Cybersecurity Firm dWallet Labs Discovers and Fixes $500 Million Vulnerability in Tron Network

Tron
Last updated:
Author
Fredrik Vold
Author Categories
About Author

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Source: AdobeStock / AlekseyIvanov

dWallet Labs, a prominent cybersecurity research team, has uncovered a critical zero-day vulnerability within the multisignature (multisig) mechanism of the Tron (TRX) network, the firm revealed in a blog post this week.

This vulnerability discovered allows any signer, regardless of their weight, to bypass the multisig security of TRON, impacting over $500 million worth of digital assets held in TRON multisig accounts, dWallet Labs claimed in the post which was also shared via Twitter.

The vulnerability was originally reported to Tron through a bounty program back in February, after which Tron acknowledged the severity of the vulnerability and took action to mitigate it.

Within days, Tron developed and deployed a patch, ensuring that the vulnerability could not be exploited.

dWallet Labs said it received a bounty reward from Tron for the discovery of the vulnerability, but it did not say how much it received.

Flaw in multisig transaction mechanism

The vulnerability discovered by the company reportedly revolves around the verification process for multisig transactions on the TRON network.

The flaw was said by dWallet to allow for the generation of multiple valid signatures for the same message by the same private key, bypassing the security measures.

Attackers could exploit this vulnerability to perform unauthorized transactions in multisig wallets, the firm further explained in the blog post.

Second-largest blockchain by TVL

Founded in September 2017, Tron is a Proof-of-Stake (PoS) network secured by its native token TRX.

The network is ranked as the second-largest after Ethereum in terms of total value locked (TVL) and stablecoin circulation, according to data from DefiLlama.

Tron’s TRX token is also among the top 10 cryptocurrencies by market capitalization, with the total value of its circulating supply standing at $6.76 billion, according to CoinGecko.

Since the beginning of the year, TRX has largely traded higher along with the broader crypto market.

From a price of $0.055 on January 1, TRX on Thursday traded at $0.075, an increase of around 37%.

TRX price year-to-date. Source: CoinGecko

More Articles

Price Analysis
Is Bitcoin’s Supercycle Still Alive? Economist Says BTC Could Be Set for a Massive Surge
Arslan Butt
Arslan Butt
2025-02-12 10:33:11
Altcoin News
Goldman Sachs Ramps Up Ether ETF Holdings by 2,000% as Bitcoin ETF Stash Surpasses $1.5B in Q4 2024
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-02-12 07:27:13
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors