OXT Research, behind bitcoin wallet Samourai Wallet, has reported two potential vulnerabilities in rival Wasabi Wallet.
The company discovered them at the end of July while studying the movements of the bitcoins stolen from the Twitter hack. These flaws in the program code, according to OXT, threaten the privacy of users.
After a detailed study of the problem, the researchers classified the vulnerabilities as critical. According to OXT, the problem relates to the mixing technology of CoinJoin: when re-mixing the outputs of transactions, the result of the first is reversed, which jeopardizes the anonymity of users.
OXT approached zkSNACKs Ltd, behind the Wasabi Wallet, to make an official statement. In it, the developers of Samourai Wallet asked to explain the risks to users and give recommendations on how to avoid them.
According to a statement from OXT, zkSNACKs CTO David Molnar responded to their appeal and promised to look into the situation. Later, the co-founder of the company, Adam Ficor, gave his answer, calling OXT’s statement an attempt at blackmail. On this, communication with representatives of Wasabi Wallet was cut off.
Now OXT plans to publish a detailed report on the found vulnerabilities within 48 hours. According to them, this step will allow wallet users to take measures to protect their privacy.
In April last year, Adam Ficor accused the management of Samourai Wallet of conducting a smear campaign from dummy accounts in social networks.
In mid-July, Elliptic analysts reported that 22% of the bitcoins stolen from the Twitter hack were sent to the Wasabi Wallet.