An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users’ private key after obtaining the partial signature in multisignature.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22741
Reference (s):
- https://github.com/xuperchain/xuperchain/issues/782