Wasabi Wallet developers fix wallet security vulnerability

The Wasabi Wallet team carried out a wallet hard fork to fix a vulnerability discovered by the Trezor developer.

The v4 Hard Fork fixes a vulnerability that prevents the completion of #CoinJoin via a DoS (Denial of Service) attack.
The attacker could neither steal users’ funds nor deanonymize anyone.

We advise you to update to Wasabi v1.1.12 as soon as you can.https://t.co/VYvzuuoFJe

— Wasabi Wallet (@wasabiwallet) September 3, 2020

A hypothetical DoS attack would have hindered the CoinJoin feature, the privacy protocol that allows users to anonymize Bitcoin transactions.

The hardware-wallet developer Ondrej Veipustek disclosed the possibility of a potential DoS attack to the Wasabi team on May 10. It would not have allowed the CoinJoin process to complete, and the attacker could not have stolen funds or exposed users’ data.

«Veipustek has been actively cooperating with us from the start and gave us full freedom in how to manage the disclosure of information about the vulnerability, both in terms of timing and communication. This demonstrates the importance of proper communication between security researchers and development teams», – said Wasabi Wallet spokesperson Riccardo Masutti.

He added that Veipustek was paid a Bitcoin reward for the work.

Wasabi Wallet users should update the wallet to the latest version if they want to continue using the CoinJoin feature to preserve the privacy of Bitcoin transactions.

Earlier, the company OXT Research reported two potential vulnerabilities in the competing Wasabi Wallet.

Subscribe to ForkLog news on Telegram: ForkLog FEED — the full news feed, ForkLog — the most important news and polls.