Our friends from Coinspect recently contacted us to inform us about a security vulnerability in Copay which allows peers of a certain wallet to spend coins without the required quorum. The vulnerability affected all implementations of Copay Beta version 0.3.2. We have already fixed the issue in the latest version of Copay (0.4.1), which is now available at copay.io and the Google Play Store. We encourage all users to update to the latest version.

The team at Coinspect discovered that Copay was not checking the signature type (SIGHASH) of incoming transaction proposals. All Copay transaction proposals are generated with type SIGHASH_ALL, so every input and output of the transaction is covered by the signature.

A malicious member of a Copay wallet could create a transaction proposal with the signature type SIGHASH_NONE (using external software, or the JavaScript console) and broadcast it to the other peers of the wallet. Copay was not checking the signature type of the incoming transaction proposal, so the peers would review and sign it based only on the outputs shown in the proposal at that time, even though a SIGHASH_NONE signature does not commit to any outputs.

Afterwards, the malicious peer could add more outputs to the signed transaction, effectively spending coins without the required quorum.
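As an added illustration (not Copay's own code), this is the kind of check a peer should run on an incoming proposal before adding its own signature: extract every signature already present in the input's P2SH multisig scriptSig and refuse to sign unless each one is exactly SIGHASH_ALL. The sample signatures and redeem script are constructed placeholders, not real keys or a real transaction.

```javascript
// Bitcoin appends the sighash type as the final byte of each DER signature
// in a scriptSig, so the type a peer actually signed with is recoverable.
const SIGHASH_ALL = 0x01;

// Split a script into its pushed data items. OP_0, direct pushes (1..75 bytes)
// and OP_PUSHDATA1 cover a P2SH multisig scriptSig: OP_0 <sig>... <redeemScript>.
function scriptPushes(scriptHex) {
  const buf = Buffer.from(scriptHex, 'hex');
  const pushes = [];
  let i = 0;
  while (i < buf.length) {
    const op = buf[i++];
    let len;
    if (op === 0x00) { continue; }                 // OP_0 (CHECKMULTISIG dummy element)
    else if (op <= 0x4b) { len = op; }             // direct push, opcode is the length
    else if (op === 0x4c) { len = buf[i++]; }      // OP_PUSHDATA1
    else { throw new Error(`unsupported opcode 0x${op.toString(16)}`); }
    if (i + len > buf.length) { throw new Error('truncated push'); }
    pushes.push(buf.subarray(i, i + len));
    i += len;
  }
  return pushes;
}

// A pushed item is a signature if it is a DER sequence (0x30 <len> ...) followed
// by exactly one trailing sighash byte.
function isDerSignature(item) {
  return item.length >= 3 && item[0] === 0x30 && item[1] === item.length - 3;
}

// Sighash type byte of every signature found in the scriptSig.
function sighashTypes(scriptSigHex) {
  return scriptPushes(scriptSigHex).filter(isDerSignature).map(sig => sig[sig.length - 1]);
}

// The pre-signing check: every existing signature must be exactly SIGHASH_ALL.
// Requiring equality also rejects the ANYONECANPAY flag (0x80 | type).
function proposalIsSighashAll(scriptSigHex) {
  const types = sighashTypes(scriptSigHex);
  return types.length > 0 && types.every(t => t === SIGHASH_ALL);
}

// Constructed sample data (assumption: minimal DER signatures with r = s = 1 and
// a dummy redeem script stand-in), used only to exercise the check.
const derBody = '3006020101020101';
const push = hex => (hex.length / 2).toString(16).padStart(2, '0') + hex;
const redeem = '5200000053ae';                                   // placeholder bytes
const goodScriptSig = '00' + push(derBody + '01') + push(redeem); // SIGHASH_ALL
const badScriptSig  = '00' + push(derBody + '02') + push(redeem); // SIGHASH_NONE
const acpScriptSig  = '00' + push(derBody + '81') + push(redeem); // ALL|ANYONECANPAY
```

A real wallet would run this over every input of the proposal and, on failure, reject the proposal rather than sign it.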

We appreciate that Coinspect let us know about this important issue, and we encourage the Bitcoin community to evaluate and audit Copay, given its open-source nature. Multisig wallets have the potential to significantly decrease the risk of Bitcoin theft.

We will accept all responsible disclosures in the future at disclosure@bitpay.com. General security concerns can be sent to security@bitpay.com.

We are committed to maintaining and enhancing Copay as an open source solution. Join the Copay community on GitHub and participate in Copay discussion on Gitter – we are happy to assist in any way we can.