{"id":28224,"date":"2020-09-04T18:26:21","date_gmt":"2020-09-04T15:26:21","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=28224"},"modified":"2025-08-27T10:24:38","modified_gmt":"2025-08-27T07:24:38","slug":"wasabi-wallet-developers-fix-wallet-security-vulnerability","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/wasabi-wallet-developers-fix-wallet-security-vulnerability\/","title":{"rendered":"Wasabi Wallet developers fix wallet security vulnerability"},"content":{"rendered":"<p>The Wasabi Wallet team carried out a wallet hard fork to fix a vulnerability discovered by the Trezor developer.<!--more--><\/p>\n<blockquote class=\\\"twitter-tweet\\\" data-lang=\\\"en\\\">\n<p dir=\\\"ltr\\\" lang=\\\"en\\\">The v4 Hard Fork fixes a vulnerability that prevents the completion of <a href=\\\"https:\/\/twitter.com\/hashtag\/CoinJoin?src=hash&#038;ref_src=twsrc%5Etfw\\\">#CoinJoin<\/a> via a DoS (Denial of Service) attack.<br \/>\nThe attacker could neither steal users\u2019 funds nor deanonymize anyone.<\/p>\n<p>We advise you to update to Wasabi v1.1.12 as soon as you can.<a href=\\\"https:\/\/t.co\/VYvzuuoFJe\\\">https:\/\/t.co\/VYvzuuoFJe<\/a><\/p>\n<p>\u2014 Wasabi Wallet (@wasabiwallet) <a href=\\\"https:\/\/twitter.com\/wasabiwallet\/status\/1301520328951083008?ref_src=twsrc%5Etfw\\\">September 3, 2020<\/a><\/p>\n<\/blockquote>\n<p><script async src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>A hypothetical DoS attack would have hindered the CoinJoin feature, the privacy protocol that allows users to anonymize Bitcoin transactions.<\/p>\n<p>The hardware-wallet developer Ondrej Veipustek disclosed the possibility of a potential DoS attack to the Wasabi team on May 10. It would not have allowed the CoinJoin process to complete, and the attacker could not have stolen funds or exposed users&#8217; data.<\/p>\n<blockquote>\n<p>\u00abVeipustek has been actively cooperating with us from the start and gave us full freedom in how to manage the disclosure of information about the vulnerability, both in terms of timing and communication. This demonstrates the importance of proper communication between security researchers and development teams\u00bb, \u2013 said Wasabi Wallet spokesperson Riccardo Masutti.<\/p>\n<\/blockquote>\n<p>He added that Veipustek was paid a Bitcoin reward for the work.<\/p>\n<p>Wasabi Wallet users should update the wallet to the latest version if they want to continue using the CoinJoin feature to preserve the privacy of Bitcoin transactions.<\/p>\n<p>Earlier, the company OXT Research <a href=\"https:\/\/forklog.com\/en\/news\/samourai-wallet-potential-vulnerability-in-wasabi-wallet-threatens-users-anonymity\">reported<\/a> two potential vulnerabilities in the competing Wasabi Wallet.<\/p>\n<p>Subscribe to ForkLog news on Telegram: <a href=\\\"https:\/\/t.me\/forkloglive\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener noreferrer\\\">ForkLog FEED<\/a> \u2014 the full news feed, <a href=\\\"https:\/\/telegram.me\/forklog\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener noreferrer\\\">ForkLog<\/a> \u2014 the most important news and polls.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Wasabi Wallet team carried out a wallet hard fork to fix a vulnerability discovered by the Trezor developer.<\/p>\n","protected":false},"author":1,"featured_media":28225,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,1544,57,933],"class_list":["post-28224","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-coinjoin","tag-wallets","tag-wasabi-wallet"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/28224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=28224"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/28224\/revisions"}],"predecessor-version":[{"id":28226,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/28224\/revisions\/28226"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/28225"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=28224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=28224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=28224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}