Major Vulnerability In WabiSabi Coinjoin Protocol Uncovered

WabiSabi protocol vulnerability allows malicious coordinators to deanonymize coinjoins; update Wasabi Wallet and Ginger Wallet now to protect privacy.

Key Takeaways

  • A vulnerability in the WabiSabi protocol identified by Ginger Wallet developers allows malicious coordinators to deanonymize users by tracking inputs and outputs.
  • The flaw arises from unique tagging through maxAmountCredentialValue parameters, breaking anonymity in the coinjoin process.
  • Developers had prior knowledge of tagging attack risks, but mitigation measures were incomplete and inconsistently implemented.

The WabiSabi Vulnerability and Its Implications

A vulnerability discovered in the WabiSabi coinjoin protocol enables malicious coordinators to deanonymize users by tracking their inputs and outputs.

The flaw allows attackers to correlate inputs and outputs, clustering wallet addresses and reducing user anonymity sets.

This vulnerability affects Wasabi Wallet 2.2.1.0 and below, Ginger Wallet 2.0.13 and below, and BTCPay Server coinjoin plugin 1.0.101.0 and below.

Users are strongly urged to update their wallets immediately to mitigate potential exploitation risks.

Technical Details of the Vulnerability

The vulnerability arises because unique maxAmountCredentialValue parameters can be assigned during coinjoin rounds, which enables user tagging attacks.

WabiSabi’s protocol design uses anonymous credentials with dynamic amounts, making such flaws particularly impactful.

Malicious coordinators exploit this flaw by tagging users with unique identifiers, which negates the privacy benefits of coinjoins.

Yuval Kogman, one of the protocol’s architects, highlighted tagging attack risks and described previous fixes as partial.

Reactions and Mitigation Efforts

Ginger Wallet developers identified the issue and attributed it to bandwidth-saving design choices in WabiSabi clients.

Lucas Ontivero, Wasabi Wallet maintainer, claimed that a 2021 fix addressing tagging attacks was inadvertently broken during refactoring.

Tests by Ginger Wallet suggest the vulnerability was likely not actively exploited by coordinators.

Calls for comprehensive mitigation include binding data to round IDs and implementing full ownership proofs, as suggested by Kogman.
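
The round-ID binding mentioned above, sketched as a client-side consistency check. This is an added example, not code from Wasabi Wallet, Ginger Wallet or the WabiSabi specification; the SHA-256-over-JSON round ID, every field name other than maxAmountCredentialValue, and all sample values are assumptions constructed for illustration. It also assumes every view belongs to the single round the wallet is joining.

```python
import hashlib
import json

def round_id(params):
    """Hypothetical round ID: a hash committing to every round parameter."""
    canonical = json.dumps(params, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

def check_round_views(views):
    """views: (label, advertised_round_id, params) tuples, one per input the
    wallet registers over its own connection. Returns a list of findings;
    an empty list means every identity saw the same, bound parameters."""
    findings = []
    by_round = {}
    for label, advertised, params in views:
        # A parameter that is not covered by the round ID can vary per user.
        if round_id(params) != advertised:
            findings.append(f"{label}: parameters not bound to round ID")
        by_round.setdefault(advertised, set()).add(
            params["maxAmountCredentialValue"])
    for rid, values in by_round.items():
        if len(values) > 1:
            findings.append(
                f"round {rid[:8]}: {len(values)} distinct "
                "maxAmountCredentialValue values")
    # With full binding, per-user values force per-user round IDs instead.
    if len(by_round) > 1:
        findings.append("identities were shown different round IDs")
    return findings

# Constructed sample data (not real coordinator output).
BASE = {"minInputCount": 5, "miningFeeRate": 12,
        "maxAmountCredentialValue": 4300000000000}
TAG_A = dict(BASE, maxAmountCredentialValue=4300000000001)
TAG_B = dict(BASE, maxAmountCredentialValue=4300000000002)

HONEST = [("input-a", round_id(BASE), BASE),
          ("input-b", round_id(BASE), BASE)]
# Same advertised round, but each identity gets its own unbound value.
TAGGED = [("input-a", round_id(BASE), TAG_A),
          ("input-b", round_id(BASE), TAG_B)]
# Values are bound, so tagging now shows up as diverging round IDs.
REBOUND = [("input-a", round_id(TAG_A), TAG_A),
           ("input-b", round_id(TAG_B), TAG_B)]

if __name__ == "__main__":
    for name, views in (("honest", HONEST), ("tagged", TAGGED),
                        ("rebound", REBOUND)):
        print(name, check_round_views(views))
```
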

[The Rage Article]
[Bitcoin Magazine Article]

About the author
Naiw

BitHub
