What Are ‘Digital Signatures’ That Were Accessed by WazirX Hackers?

A mathematical tool for authentication, digital signatures carry several details related to any transaction.

What Are ‘Digital Signatures’ That Were Accessed by WazirX Hackers?

Photo Credit: Pixabay/ Mohamed_Hassan

A recent WazirX blog claimed that digital signatures enhance the authentication of transactions

Highlights
  • Digital signatures are used to verify commands in Web3 protocol
  • They provide proof of authenticity
  • Deploying digital signatures could be an expensive process
Advertisement

The WazirX hacker, who stole over $230 million (roughly Rs. 1,900 crore) from a multi-signature wallet, managed to access the digital signatures required to process the transaction to facilitate the hack attack. But what are these digital signatures? Unlike the text scribble we generally identify a signature to be, digital signatures are virtual signing algorithms. Like human signatures, these digital signatures prove the authenticity of any command linked to a crypto transaction.

How do Digital Signatures Work?

A mathematical tool for authentication, digital signatures carry multiple details related to any transaction. These details include proof of origin, time of initiation, and the status of any digital document.

Based on asymmetric cryptography, a digital signature is created to verify information or a command. A pair of private and public keys need to be created to make for a digital signature. While the private key is used to create the signature, the public key is utilised to verify the signature.

Overall, digital signatures are dependent on the Public Key Infrastructure (PKI). In order to generate mathematically linked private key and public key, public key algorithms such as Rivest-Shamir-Adleman can be used. Like all human signatures are unique, these software also generate unique digital signatures different from all others generated so far.

Back in March this year, WazirX had published a blog detailing how crucial these digital signatures are in the blockchain sector. As per the Indian exchange, digital signatures enhance the security and authentication of transactions. The exchange also said digital signing provides precise timestamping, eliminates the need for a centralised authority, and makes the verification process more time efficient.

“If the signature is completely valid, it confirms that the user initiating the transaction is the rightful owner of the data,” the blog said. “The widespread adoption of blockchain, alongside the ongoing use of digital signatures, is shaping a future where decentralisation, security, and transparency redefine online transaction dynamics.”

Shortcomings of Implementing Digital Signatures

Deploying digital signatures on smart contracts or for transaction verifications could make for an expensive process given that both the senders and receivers linked to the transaction will have to purchase digital certificates and verification software.

While digital signatures can be seen as a more secure option to implement 2-FA for crypto transactions, they are clearly not a foolproof security measure in the crypto arena.

In WazirX's case, the hacker exploited a multi-sig wallet of WazirX kept under Liminal Custody's oversight. The hacker, highly suspected to be from North Korea's notorious Lazarus Group, managed to get the access to the signatures needed by both the parties to approve the transaction and facilitated the attack.

Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Radhika Parashar
Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More
Samsung Galaxy S24 FE Support Page Goes Live; Launch Could Be Imminent
Facebook Gadgets360 Twitter Share Tweet Snapchat LinkedIn Reddit Comment google-newsGoogle News

Advertisement

Follow Us
© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »