Bitcoin SV Multisig Bug Exploited Resulting in Potential Coin Loss

The exploit was reported by Blockstream co-founder Gregory Maxwell (a.k.a. /u/nullc), and retweeted by crypto podcaster Ruben Somsen;

Multisig bug in BSV exploited, funds stolen🍿

BSV ripped out the existing multisig (p2sh) and replaced it with a threshold script that was SUPPOSED to accept X sigs or more, but instead accepted X or LESS (including zero)🤦‍♂️

Full thread by Maxwell (nullc)https://t.co/RMmITsoHj9

— Ruben Somsen 🚵‍♀️🚵‍♂️🚵🚳 (@SomsenRuben) November 8, 2020

The pay to script hash (P2SH) was deprecated as part of the Bitcoin SV Genesis upgrade in February 2020. It had been replaced with this new threshold based script which was supposed to accept more than a set number of signatures.

Accidental and Untested

As explained by cryptographer Adam Back the bug created a ‘less than or equal’ instead of ‘greater than or equal’ number of signatures in the multisig which resulted in the exploit.

“Presume they removed the standard p2sh multisig and replaced with this bugged home-brew multisig due to BSV anti-soft fork posturing, to undo soft-forks.”

Maxwell elaborated that the result was that these scripts had no security at all and could just be spent by a script that sets is to zero valid signatures. He added that no real funds were lost and that the flaw was likely accidental rather than malicious.

“So, of course, zillions of BSV have been taken. Even though there was nothing of value lost here there are probably a few lessons to extract from this,”

He said that there had been a lack of testing and the situation would have been avoided entirely had BSV not ripped out the ‘competent, time tested, and highly peer-reviewed mechanisms for multisig by Bitcoin in favor of far less efficient homebrew crypto.’

Maxwell discovered a similar potential replay attack vector on Bitcoin SV in late 2019 that could have been executed to steal unsplit funds of BTC users on the Bitcoin SV chain after the Genesis upgrade.

BSV Price Update

Bitcoin SV prices are largely unchanged on the day and week, hovering around $165. Unlike its more successful siblings, BSV has done very little in terms of price action in 2020.

The Bitcoin fork did spike to top $400 in January as it was reported that Craig Wright received the Tulip Trust keys which could have unlocked a fortune in BTC. It turned out that this was not the case, and BSV quickly dumped back to its lethargic levels. It is currently trading over 60% down from that peak and has lost 34% since a brief movement in August to $247.

BSV is currently positioned just outside the top ten in terms of market cap with $3 billion.