bitcoin

Key Extraction Attack for TSS (Discovered by Verichains)

frostdragon

>Luckily, Bitcoin switched from ECDSA to Schnorr a few years ago, so unless I'm mistaken, MPC protocols for bitcoin don't have this problem. But it could have been a problem if it weren't for BIP 340.

I believe you're mistaken. Schnorr signatures were part of Taproot, and you can't just flip them on, you'd have to start using a Taproot address for this. So this vulnerability might still apply to the vast majority of t-of-n wallets. 