@jpthor We're building exactly in this direction at Cluster Labs: an on-prem MPC-TSS stack with DKLs23, FROST and our custom signature scheme - where the signing protocol itself is treated as bytecode executed inside a controlled distributed runtime with formal verification.
From my pov, no one should really use the GG/CGGMP family of protocols - they are too hard to implement correctly. The DKLS family is way better and cryptographically simpler.
This morning, THORChain was drained of roughly $10.8m
Node operators have frozen the network for nearly 13 hours. The full analysis isn't out yet, but according to @jpthor, this could be an MPC exploit.
ECDSA and TSS are hard. THORChain's vaults rely on TSS, a flavor of MPC where a quorum of nodes jointly produces a signature without ever reconstructing the private key. Clean for Schnorr or EdDSA; painful for ECDSA, which Bitcoin and Ethereum require. That's why we saw plenty of protocol attempts (Lindell17, GG18, GG20, CMP, CGGMP21, DKLS, KU23...), each patching flaws in the previous one.
GG20 has a track record. THORChain's TSS uses GG20, on a fork of Binance's tss-lib. GG20 has shipped two well-publicized critical bugs: CVE-2023-33241 and TSSHOCK. CGGMP21, now cggmp24, are the latest protocols, but GG20 is still widely deployed.
I often hear a misconception about MPC setups: "The key is split across many nodes, so any single co-signer doesn't really matter".
In every published GG18/GG20 attack, one malicious or compromised co-signer is enough to extract everyone else's shard and reconstruct the full key.
AI changes the threat model. Compromising a full software node (complex Go stack, exposed P2P, custom signing daemons, a churn protocol that admits new participants on a schedule) has always been difficult and acted as a barrier. With LLM-driven vulnerability discovery and exploit synthesis, the bar to compromise one of N validators is dropping fast.
Here's a plausible TSSHOCK-style playbook:
- compromise one operator
- wait for it to churn into an active Asgard vault
- send malformed proofs during keygen or signing
- reconstruct the key offline
- sweep in a single transaction
It's still unclear whether the attacker used a known-unpatched GG20 weakness, or a fresh cryptographic flaw.
But, in all cases, MPC and TSS are not a substitute for hardening every co-signer. They sit on top of co-signers that must each be treated as critical infrastructure: hardware-isolated enclaves, minimally exposed, continuously audited, and running protocols with security proofs.
While the investigation progresses, be careful in your interactions onchain. These TSS setups are used in various protocols.
@alinush @jaysprakash @THORChain Because no one should really use the GG/CGGMP family of protocols - they are too hard to implement correctly. The DKLS family is way better.
@ub_ndr @JFPuget E.g. the Kolmogorov Functional Analysis book has only two stages: you either understand everything or nothing. I couldn't learn anything from it; for me it was just an RFC. Many French texts in the structural tradition are better at making the architecture explicit.
The Kelp DAO situation highlights a critical design challenge in institutional DeFi: when complex cross-protocol assets back $280M in loans, how much data visibility is enough?
It's a question all of us building in this space need to answer.
Anthropic CEO Dario Amodei: “50% of all tech jobs, entry-level lawyers, consultants, and finance professionals will be completely wiped out within 1–5 years.”
@mokevnin It seems to me that everyone (including me) has simply been overhyped. I think that, on the contrary, code that has received qualified human attention will be valued. Imagine, for example, constantly regenerating something like libsodium and other key critical software.
Divisible UTXO swaps enable real L1 peer-to-peer order books.
No matching engine. Just Bitcoin Script.
Multisig protects treasuries with m-of-n approval.
Public keys stay hidden until the spend.
Multi-party sign-off on every mint and burn.
Configurable issuer-level compliance, with a designated authority now able to execute regulatory orders directly on-chain.
No off-chain detours. No issuers, miners, or foundations/associations in the loop.
On-chain script-enforced - no intermediaries.
STAS 3.0 script template makes this real 👇
https://t.co/hIkchsEaD2