
Upbit's $30 Million Breach.

2025-11-29

Upbit is investigating this week's $30 million breach and has discovered a flaw in its wallet implementation that exposed users to a vulnerability known as nonce bias.

Nonce bias occurs when the randomness in an ECDSA signature shows patterns instead of being truly unpredictable. ECDSA relies on a fresh, unique, and uniformly random nonce for each signature. If the nonce drifts, repeats, or even leans toward certain values, attackers can analyze these patterns and mathematically recover the private key.

Solana's signing method uses a new random number each time a wallet signs a transaction. Upbit's system was not generating those numbers with true randomness, and therefore not securely, so attackers could spot patterns. Once those patterns are detected, the private key can be calculated.

Secure systems require determinism and ephemeral key management. This failure also calls for further investigation into its cause and how to prevent it in the future.
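One way to get the determinism mentioned above, shown as an added example that is not from the original article or from Upbit's code: RFC 6979 derives each ECDSA nonce from the private key and the message hash with HMAC-SHA256, so signing never depends on the quality of an RNG. The sketch assumes a 256-bit group order (NIST P-256 here) and SHA-256; the key is the public test key from RFC 6979 appendix A.2.5, and the function and constant names are illustrative.

```python
import hashlib
import hmac

# NIST P-256 group order. TEST_KEY is the public RFC 6979 A.2.5 test key,
# used only as sample input; it is not a real wallet key.
Q = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
TEST_KEY = 0xC9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721


def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def rfc6979_nonce(priv: int, msg: bytes, q: int = Q) -> int:
    """Deterministic ECDSA nonce, RFC 6979 section 3.2 (SHA-256, 256-bit q only)."""
    if q.bit_length() != 256:
        raise ValueError("this sketch only handles a 256-bit group order")
    if not 1 <= priv < q:
        raise ValueError("private key out of range")
    h1 = hashlib.sha256(msg).digest()
    # int2octets(priv) || bits2octets(h1): hash is reduced mod q, fixed width
    seed = priv.to_bytes(32, "big") + (int.from_bytes(h1, "big") % q).to_bytes(32, "big")
    v, hk = b"\x01" * 32, b"\x00" * 32
    hk = _mac(hk, v + b"\x00" + seed)
    v = _mac(hk, v)
    hk = _mac(hk, v + b"\x01" + seed)
    v = _mac(hk, v)
    while True:
        v = _mac(hk, v)
        candidate = int.from_bytes(v, "big")
        # Rejection sampling: an out-of-range value is discarded, never
        # reduced mod q, because reduction would itself bias the nonce.
        if 1 <= candidate < q:
            return candidate
        hk = _mac(hk, v + b"\x00")
        v = _mac(hk, v)


if __name__ == "__main__":
    for m in (b"sample", b"test", b"sample"):
        # Same key and message give the same nonce; a new message gives a new one.
        print(m, hex(rfc6979_nonce(TEST_KEY, m)))
```
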
