Certain multisignature (multisig) wallets can be exploited by Web3 apps that use the StarkEx protocol, according to a March 9 press release provided to Cointelegraph by Multi-Party Computation (MPC) wallet developer Safeheron. The vulnerability affects MPC wallets that interact with StarkEx apps such as dYdX. According to the press release, Safeheron is working with app developers to patch the vulnerability.
According to Safeheron’s protocol documentation, MPC wallets are sometimes used by financial institutions and Web3 app developers to secure crypto assets they own. Similar to a standard multisig wallet, they require multiple signatures for each transaction. But unlike standard multisigs, they do not require specialized smart contracts to be deployed to the blockchain, nor do they have to be built into the blockchain’s protocol.