Multi-party computation (MPC) wallet provider Liminal released a July 19 post-mortem report on the WazirX hack from the previous day, claiming that its UI was not responsible for the attack. According to the report, the hack occurred because three WazirX devices were compromised. 

Liminal also claimed that its multi-signature wallet was set up to provide a fourth signature if WazirX provided the other three. This meant the attacker only needed to compromise three devices to perform the attack. The wallet was set up this way at the behest of WazirX, the wallet provider claimed.

In a July 18 social media post, WazirX claimed that its private keys were secured with hardware wallets. WazirX said the attack “stemmed from a discrepancy between the data displayed on Liminal's interface and the transaction's actual contents.”

According to the Liminal report, one of WazirX’s devices initiated a valid transaction involving the Gala Games (GALA) token. In response, Liminal’s server provided a “safeTxHash,” verifying the transaction’s validity. However, the attacker then replaced this transaction hash with an invalid one, causing the transaction to fail.

In Liminal’s view, the fact that the attacker was able to change this hash implies that WazirX’s device had already been compromised before the transaction was attempted.

The attacker then initiated an additional two transactions; one GALA and one Tether (USDT) transfer. In each of these three transactions, the attacker used a different WazirX admin account, for a total of three accounts used. All three of the transactions failed.

Failed WazirX USDT transaction. Source: Liminal, Etherscan

After initiating these three failed transactions, the attacker extracted signatures from the transactions and used them to initiate a new, fourth transaction. The fourth transaction “was crafted in such a way that the fields used to verify policies were using legit transaction details” and “used the Nonce from the failed USDT transaction because that was the latest transaction.”

Because it used these “legit transaction details,” the Liminal server approved the transaction and provided a fourth signature. As a result, the transaction was confirmed on the Ethereum network, resulting in a transfer of funds from the joint multisig wallet to the attacker’s Ethereum account.

Liminal denied that its servers caused incorrect information to be displayed through the Liminal UI. Instead, it claimed that the incorrect information was provided by the attacker, who had compromised WazirX computers. In an answer to the posed question, “How did the UI show a different value from the actual payload within the transaction?” Liminal said:

“Based on our logs, given that three devices of the victim’s shared transactions sent out malicious payloads to Liminal’s server, we have reason to believe that the local machines were compromised giving the attacker complete access to modify the payloads and display misleading transaction details on the UI.”

Liminal also claimed that its servers were programmed to automatically provide a fourth signature if WazirX admins provided the other three. “Liminal only provides the final signature once the required number of valid signatures are received from the client’s side,” it stated, adding that in this case “the transaction was authorised and signed by three of our client’s employees.”

The multisig wallet “was deployed by WazirX as per their configuration well before onboarding with Liminal,” and was “imported” into Liminal “per WazirX’s request.”

Related: WazirX breach post-mortem: Dismantling the $230M attack

WazirX’s post claimed that it had implemented “robust security features.” For example, it had required that all transactions be confirmed by four out of five keyholders. Four of these keys belonged to WazirX employees and one to the Liminal team. In addition, it required three of the WazirX keyholders to use hardware wallets. All destination addresses were required to be added to a whitelist ahead of time, WazirX stated, which was “earmarked and facilitated on the interface by Liminal.”

Despite taking all of these precautions, the attacker “appear[s] to have possibly breached such security features, and the theft occurred.” WazirX called the attack a “a force majeure event beyond [its] control.” Even so, it vowed that it was “leaving no stone unturned to locate and recover the funds.”

An estimated $235 million was lost in the WazirX attack. It was the largest centralized exchange hack since the DMM exploit of May 31, which resulted in even greater losses of $305 million.