{"id":"GO-2024-3288","summary":"Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws in github.com/taurusgroup/multi-party-sig","details":"Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws in github.com/taurusgroup/multi-party-sig","aliases":["GHSA-7f6p-phw2-8253"],"modified":"2026-03-03T04:56:02.578799Z","published":"2024-11-27T19:16:39Z","database_specific":{"review_status":"UNREVIEWED","url":"https://pkg.go.dev/vuln/GO-2024-3288"},"references":[{"type":"ADVISORY","url":"https://github.com/taurushq-io/multi-party-sig/security/advisories/GHSA-7f6p-phw2-8253"},{"type":"WEB","url":"https://eprint.iacr.org/2018/499.pdf"},{"type":"WEB","url":"https://github.com/taurushq-io/multi-party-sig/blob/4d84aafb57b437da1b933db9a265fb7ce4e7c138/internal/ot/extended.go#L188"},{"type":"WEB","url":"https://github.com/taurushq-io/multi-party-sig/blob/9e4400fccee89be6195d0a12dd0ed052288d5040/internal/ot/extended.go#L114"},{"type":"WEB","url":"https://github.com/taurushq-io/multi-party-sig/tree/otfix"}],"affected":[{"package":{"name":"github.com/taurusgroup/multi-party-sig","ecosystem":"Go","purl":"pkg:golang/github.com/taurusgroup/multi-party-sig"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2024-3288.json"}}],"schema_version":"1.7.3"}