DeFi wallet problem widespread, lets hackers pry into individual transactions


A cryptocurrency research project by a company named ZenGo shows how the decentralized application as a cryptocurrency wallet setup may have an Achilles’ heel when it comes to wallet access.


A recently published release by ZenGo shows the danger of something you might call the “broadened access problem.”


At the heart of the issue is a flaw that may lead the Dapp wallet, seemingly across the board, to allow comprehensive access when establishing protocol for a particular transaction.


Here’s how writer Alex Manuskin put it yesterday:


“Imagine going to your bank and sending $100 to someone,” Manuskin writes. “Later, you discover that by doing so you have allowed this person to empty your bank account. Even worse, your bank did not do a thing to prevent this from happening, even though it knew this could happen. This is the problem that we have encountered in some of the most popular crypto wallets…”

To date, Dapps have enjoyed lots of popularity with proponents citing advantages like fault-tolerant systems, increased trust and capabilities to fight Internet censorship. In decentralized finance, decentralized applications are a major tool for establishing new chains of custody and transaction protocols. However, if bad actors can simply reach into wallets and empty them due to vulnerabilities, that’s going to lead many innovators to get back to the drawing board.


“Some security compromises that might have been acceptable in the era when users were scarce and highly technical are not acceptable when DeFi goes mainstream, acquiring many non-technical users, and handling crypto tokens in the Billions (USD),” Manuskin writes. “Furthermore, the recent price drops in DeFi only aggravate the problem, as users who decide to move out of DeFi falsely assume they no longer carry this risk, when in fact, they are still as vulnerable to the baDAPProve issue as they were before.”

For investors who want to use the flashiest, newest methods to store crypto assets, this is big news: make sure that your wallet systems are not exposed to this kind of widespread liability, or you may get an unpleasant surprise after a routine transaction.