Privy Key Reconstitution Exposes Security Risks in 120M Wallets

iconCryptoBriefing
Share
AI summary iconSummary

Privy secures over 120 million wallets for more than 2,000 developer teams, processing a monthly volume exceeding $9 billion. The architecture behind them relies on two complementary technologies: AWS Nitro Enclaves, a form of trusted execution environment (TEE), and Shamir’s Secret Sharing (SSS), a cryptographic method for splitting a private key into fragments held by separate parties.

How the system actually works

Privy uses Shamir’s Secret Sharing to ensure no single entity ever holds a complete private key during normal operations. The fragments are distributed, and only when a user needs to sign a transaction do those shards come together, briefly, inside a secure enclave.

That enclave is the AWS Nitro system: an isolated computing environment designed to be completely sealed off from the rest of the cloud infrastructure, including Amazon itself.

Advertisement

The problem is that the reconstitution step, where the key shards are briefly assembled for signing, creates a window. A technique called Prime+Probe allows an attacker sharing the same physical machine to infer what computations are happening inside a supposedly isolated environment by monitoring patterns in the processor cache. AWS Nitro is specifically engineered to prevent this class of attack through strict isolation, but recent academic research has probed the limits of that isolation in cloud environments broadly. No confirmed end-to-end attack against Privy’s specific implementation has been publicly documented.

The audit flag that matters

A 2023 security audit flagged potential vulnerabilities in Privy’s Shamir’s Secret Sharing library related to exactly this threat model. The Cure53 audit identified weaknesses that could, under certain conditions, expose the system to cache side-channel exploitation. Privy subsequently added security features, including Blockaid transaction scanning integration as of March 2025.

Privy’s approach, TEE plus SSS, requires full key reconstruction at the moment of signing. A different class of solutions, called multi-party computation (MPC), is designed so the key is never fully assembled anywhere, at any time. Signing happens through a distributed mathematical process where each party contributes a fragment of the computation without ever seeing the complete key, eliminating the reconstitution window entirely.

What this means for Stripe and the broader market

Stripe’s acquisition of Privy in June 2025 was widely read as a signal that traditional fintech is serious about crypto infrastructure. The customer base that Privy serves through Stripe-integrated products includes everyday consumers who may have minimal understanding of what a private key even is.

Privy is not alone in using TEE-based approaches. Many competing wallet providers rely on similar architectures. If the cache side-channel threat matures from theoretical to practical, the exposure is industry-wide, not company-specific.

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.