12 matches found
cggmp24 and cggmp21 are vulnerable to signature forgery through altered presignatures
Impact: This attack is against presignatures used in a very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits. Previously users could generate a presignature, and then choose a HD derivation path while issuing a partial signature via...
GHSA-8FRV-Q972-9RQ5 cggmp24 and cggmp21 are vulnerable to signature forgery through altered presignatures
Impact: This attack is against presignatures used in a very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits. Previously users could generate a presignature, and then choose a HD derivation path while issuing a partial signature via...
cggmp21 has a missing check in the ZK proof used in CGGMP21
Impact: The cggmp21 issue concerns a missing check in the ZK proof that enables an attack in which a single malicious signer can reconstruct the full private key. Patches: cggmp21 v0.6.3 is a patch release that contains a fix that introduces this specific missing check. However, cggmp21 recommends upgrading to...
GHSA-M95P-425X-X889 cggmp21 has a missing check in the ZK proof used in CGGMP21
Impact: The cggmp21 issue concerns a missing check in the ZK proof that enables an attack in which a single malicious signer can reconstruct the full private key. Patches: cggmp21 v0.6.3 is a patch release that contains a fix that introduces this specific missing check. However, cggmp21 recommends upgrading to...
cggmp21 data forgery vulnerability
cggmp21 is a Rust library open-sourced by Lockness. A data forgery issue vulnerability exists in versions prior to cggmp21 0.6.3, which stems from a missing check in the ZK proof that could lead to a malicious signer reconstructing the full private key...
cggmp21 security vulnerability
cggmp21 is a Rust library open-sourced by Lockness. A security vulnerability exists in cggmp21 versions 0.6.3 and earlier and 0.7.0-alpha.1, which stems from improper use of pre-signatures in a manner that may result in reduced security...
RUSTSEC-2025-0130 Missing check in ZK proof in CGGMP21 Threshold Signing Protocol
The vulnerability concerns a missing check in the ZK proof that enables an attack in which a single malicious signer can reconstruct the full private key. Patches: cggmp21 v0.6.3 is a patch release that contains a fix that introduces this specific missing check. However, we recommend upgrading to cggmp24...
GHSA-RM66-9GH4-4GP8 cggmp21 vulnerable to ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
cggmp21 vulnerable to ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
GHSA-7JJX-3QW9-J6H6 cggmp21-keygen has ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
cggmp21-keygen has ambiguous challenge derivation
Challenge derivation in non-interactive ZK proofs was ambiguous, which could lead to a security vulnerability; however, it's unknown if it could be exploited...
GHSA-H24C-6P6P-M3VX tss-lib leaks secret keys in response to incorrectly constructed Paillier moduli
Impact: The specification of the GG18 threshold ECDSA signature protocol contains a vulnerability allowing an attacker to recover the shared secret key. If a participant generates a Paillier modulus N containing small factors less than 2^100, they can interact with other participants in the signing...