Tholos' Unique MPC Approach Triumphs: Confirmed Amid Fireblocks' Zero-Day Vulnerability Discovery

Tholos' Unique MPC Approach Triumphs: Confirmed Amid Fireblocks' Zero-Day Vulnerability Discovery


The Fireblocks cryptography research team recently revealed a series of zero-day vulnerabilities affecting widely adopted MPC implementations such as GG-18, GG-20, and Lindell17. These implementations are prevalent throughout the digital asset custody ecosystem consequently meaning that vulnerabilities are wide-spread. While this discovery raises concerns across the industry, we are pleased to share that Tholos remains unaffected by these vulnerabilities, thanks to our unique approach to security.

MPC protocols have long been regarded as a robust means of achieving secure digital asset custody. However, the recent vulnerabilities exposed by the Fireblocks research team underscore the complexity of maintaining absolute security within such protocols, particularly when employing homomorphic encryption. These vulnerabilities could potentially result in protocol exploits posing substantial risks to digital asset custody technologies and their clients.

At Tholos, security is our paramount concern. We proactively identify and address potential vulnerabilities to exceed expectations. This commitment led us to make a conscious choice when it comes to the implementation of our MPC protocols. Unlike many other MPC solutions that rely on the commonly used GG-18, GG-20, and MPC-CMP implementations, Tholos employs the DKLs19 implementation.

The recent vulnerabilities and widespread effect of them, emphasize the importance that organizations not only distribute platform risk but ALSO distribute risk across different MPC implementations. Tholos serves this purpose in enabling organizations to use platforms such as Fireblocks along with Tholos to reduce risk not only across different platforms but also across different MPC protocols.

DKLs19 stands out for its industry-leading performance and stronger security guarantees. Our decision to adopt DKLs19 was not just about avoiding vulnerabilities; it was a deliberate move to ensure the highest possible level of security for your digital assets. We understand the magnitude of trust organizations place when selecting the digital asset custody technology to use and to that end we devote significant resources to continually improving our security posture.

As we navigate this ever-evolving landscape, Tholos will continue to be your steadfast partner in safeguarding your digital assets. Rest assured, we will remain vigilant and proactive, keeping security at the forefront of our mission.