The Annual Comedy of the Cryptography Hall: "Lost Multi-Signature Private Key" Defeats the World's Safest Election

International Association for Cryptologic Research (IACR) faced voting issues among its board members due to “losing one of the three multisignature keys”, becoming a piece of dark humor in the crypto world. (Background: How to use Bitcoin multisignature wallets? 10 tips for Newbies) (Supplementary Background: Complete analysis of Crypto Assets wallets: Differences between Hot and Cold Wallets, pros and cons of multisignature) Claimed to be the safest electronic voting mechanism in the world, it was instantly defeated by “I forgot to back it up”. The IACR, which includes global cryptographers and encryption engineers, announced this month that the 2025 board member election could not decrypt the votes due to “one of the private keys being lost”, and voting had to be redone. The main cause of this blunder was one of the trustees from the election committee, Google scientist Moti Yung, admitting to losing the multisignature private key, preventing the original 3/3 multisignature from unlocking. Although this incident is somewhat humorous, it thoroughly demonstrates that no matter how strong the encryption, human (system design) negligence cannot be overlooked. No room for error with “three private keys”. The IACR's voting utilized the Helios electronic voting system, which is end-to-end verifiable. To prevent unilateral fraud, they set a “3-out-of-3” threshold for encryption, requiring all three trustees to simultaneously submit their private key shares to decrypt the votes. This design is akin to nuclear missile launches requiring three keys to turn simultaneously, seemingly unbreakable, but it also means a fault tolerance rate of zero; as long as one person fails to provide their private key share, the data is forever locked. After voting concluded, trustees Dario Fiore and Francisco Rodríguez-Henríquez had uploaded their shares, with decryption only a step away. At this point, Moti Yung realized he could not find his private key. Very honest, yet very tragic. Security expert Bruce Schneier lamented: “We always overestimate the reliability of technology while underestimating the fragility of the operational process.” In a full multisignature design, people are the greatest vulnerability. Following the incident, Moti Yung resigned from his trustee position, with chair Michel Abdalla acting as his replacement. The IACR also lowered the threshold to “2-out-of-3”, meaning only 2 of the 3 multisignature keys are needed to unlock, and voting was restarted on November 22. This new setting allows the system to complete the voting even if it loses one key while maintaining the requirement for at least two people to jointly decrypt to prevent fraud. This adjustment is similar to the concept of multisignature wallets: if the security mechanism is overly strict, it might ultimately lock itself out. A lesson for the blockchain world. This incident serves as a clear lesson for blockchain entrepreneurs and venture capitalists: encryption may theoretically be perfect, but operational processes must allow for human error. Otherwise, even the most expensive encrypted vault could ultimately fall to a “forgotten backup”. Related reports: Security firms: North Korean hackers have infiltrated 15-20% of Crypto Assets companies, stealing $2.1 billion over six months! Security report: Hacker attack focus shifts from smart contracts to general users, four tips to protect your crypto assets. “A hilarious annual joke from the hall of cryptography: 'Multisignature private key lost' defeated the world's safest election” was first published in BlockTempo, the most influential blockchain news media.