Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On November 9th, a user named "aaron67" posted about his BSV theft experience, saying that please stop using the multisig accumulator multi-signature solution implemented by ElectrumSV immediately. The locking script of this scheme had serious bugs, so that 600 BSV was stolen on November 6th. After the incident, the user had contacted Roger Taylor, the author of ElectrumSV, for the first time, and the serious bug was subsequently confirmed. At the same time, the Note.SV developers stated that they had done an analysis for the first time to find the source of the bug, and notified the wallet author and community users. Attack method (per SlowMist): Security Vulnerability. Reported loss: 600 BSV.
- chain
- —
- protocol
- ElectrumSV
- bug_class
- unknown
- date_occurred
- 2020-11-09
- loss_usd
- —
- source_id
- sm:electrumsv::2020-11-09