SlowMist: Critical Security Vulnerability Found in Elliptic Cryptography Library
Foresight News reports that SlowMist Technology has stated that a severe security vulnerability (GHSA-vjh7-7g9h-fjfh) has been discovered in the elliptic cryptographic library, which is widely used in the JavaScript ecosystem. Attackers can extract private keys with a single signature by crafting specific inputs, thereby gaining full control over the victim's digital assets or identity credentials. The root cause of this vulnerability lies in the elliptic library's handling defects of non-standard inputs, leading to the possibility of repeated random number k in ECDSA signatures. Since the security of the ECDSA algorithm heavily relies on the uniqueness of k, once k is repeated, the private key can be directly derived, resulting in irreversible security risks.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Benchmark analyst reiterates "Buy" rating on Japanese crypto company Metaplanet
GAIN official: Investigating issues related to abnormal token over-issuance
Data: 10 addresses received a total of 210,000 ETH within 6 hours, worth approximately $863 millions.
Trending news
MoreCrypto prices
More
