Digital asset custodian BitGo plans to litigate against infrastructure provider Fireblocks for improper disclosure of a bug in BitGo’s Ethereum Wallet.
Fireblocks said it patched a bug in BitGo’s Ethereum wallets that would allow a hacker access to a user’s private key through a single signature.
BitGo Says Fireblocks Violated Disclosure Agreement
The bug was created through missing zero-knowledge proofs in BitGo’s Threshold Signature Scheme protocol.
BitGo, a digital asset custodian, said that Fireblocks’ reporting created a publicity stunt and went against a joint-disclosure agreement.
The firm said that Fireblocks released findings for an early rather than a production version of the multiparty computation wallet that BitGo rolled out to a limited number of developers.
It criticized Fireblocks for contacting reporters, clients, and regulators regarding an early-release product’s testing on the Ethereum mainnet. According to BitGo, Fireblocks wrongly claimed that the pre-release version was a production version. They reportedly did this after using the wallet on the mainnet, against BitGo’s advice.
In response, the custodian will take legal action. Measures include damages, injunctive relief, and legal fees against the infrastructure provider, who also supported Signature Bank’s Signet network.
How Infrastructure Providers Manage Risk
The recent failures of crypto exchanges have revived interest in self-custodial wallets to reduce counterparty risks. An exchange hack could mean that customers lose access to their digital assets. Depending on the extent to which the exchange is responsible, it may need to have the capital to make users whole.
Infrastructure providers like Fireblocks claim to offer zero counterparty risk by using multiparty computation that needs keys from multiple parties to sign transactions. It requires crypto firms using its technology to sign a strict Service Level Agreement with daily support and engineering monitoring.
Tassat, a builder of private networks, reduces risk through instant B2B settlement that at least two executives must approve.
Coinbase offers limited crime insurance that protects some assets from theft. However, it does not insure against exposed logins that allow criminals access to a user’s accounts.
For Be[In]Crypto’s latest Bitcoin (BTC) analysis, click here.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.