Disclaimer: Information found on CryptoreNews is those of writers quoted. It does not represent the opinions of CryptoreNews on whether to sell, buy or hold any investments. You are advised to conduct your own research before making any investment decisions. Use provided information at your own risk.
CryptoreNews covers fintech, blockchain and Bitcoin bringing you the latest crypto news and analyses on the future of money.
- In a bold challenge to hackers, Zengo Wallet developers will disclose a wallet address that holds up to 10 BTC and will also reveal two out of three security elements utilized in its creation.
The Zengo Wallet developer is adopting a unique strategy for its bug bounty initiative.
Rather than compensating white hat hackers for identifying vulnerabilities, the firm is depositing 10 Bitcoin (BTC), valued at over $430,000 based on current prices, into an account controlled by developers.
As stated in a Jan. 7 announcement, any hacker who successfully depletes the Bitcoin will be permitted to keep it.
See Also: Crypto VC Polychain Capital Confirms Its Founder’s X Account Is Hacked
The bounty will be available for a duration of 15 days, starting on Jan. 9 and concluding on the morning of Jan. 24.
On Jan. 9, the address of the account will be disclosed, initially containing 1 BTC (approximately $43,000).
On Jan. 14, Zengo will add an extra 4 BTC ($172,000) to the account and reveal one of the “security elements” used to protect the account.
On Jan. 21, the team will contribute another 5 BTC ($215,000), bringing the total in the wallet to 10 BTC ($430,000).
At this point, they will also disclose a second security element. The wallet employs a total of three security elements.
After the second element is revealed, hackers will have until 4 pm UTC on January 24 to breach the wallet. If anyone succeeds in cracking the wallet during this timeframe, they will be allowed to retain the 10 BTC.
Zengo asserts that it is a wallet with “no seed phrase vulnerability.” Users are not required to write down seed words when they initially set up an account, and no key vault file is kept by the wallet.
According to its official website, the wallet utilizes a multi-party computation (MPC) network for transaction signing.
Related Posts
Instead of generating a private key, the wallet produces two distinct “secret shares.” The first share is stored on the user’s mobile device, while the second is kept on the MPC network.
The user’s share is further secured through a three-factor (3FA) authentication process.
To retrieve their share, users must access an encrypted backup file on their Google or Apple account and the email address they used to create the wallet account.
Additionally, they must complete a face scan on their mobile device, which serves as a third cryptographic factor for reconstructing their share.
A backup method for the MPC network’s share is also available, as stated by Zengo. The team claims to have provided a “master decryption key” to a third-party law firm.
If the MPC network’s servers become unavailable, this law firm has been instructed to publish the decryption key to a GitHub repository.
The app will automatically switch to “recovery mode” if the key is published, enabling the user to reconstruct the MPC network’s share associated with their account.
Once a user possesses both shares, they can generate a conventional private key and import it into a competing wallet application, allowing them to restore their account.
In a recent statement, Zengo chief marketing officer Elad Bleistein expressed optimism that the on-chain bounty will stimulate discussions regarding MPC technology within the crypto community.
See Also: Scammer Posed As Forbes Reporter, Briefly Hacked CertiK’s X Account
“Complicated terms like MPC or TSS can be overly abstracted,” Bleistein remarked. “The Zengo Wallet Challenge will emphasize the security advantages of MPC wallets compared to traditional hardware alternatives, and we anticipate a vibrant discussion with those who participate.”
Wallet security has emerged as an increasing concern in the crypto community over the past year, following a breach of Atomic Wallet that resulted in over $100 million in losses for crypto users.
The developer subsequently established a bug bounty program to enhance the app’s security moving forward. Users of the Libbitcoin Explorer wallet library also reported $900,000 in losses due to hacks in 2023.
The post Zengo Wallet Developers Dare Hackers To Take 10 BTC ($430K) From Wallet appeared first on BitcoinWorld.
