A logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By matching a valid transaction's txid while providing invalid authorization data, a miner could cause vulnerable Zebra nodes to accept an invalid block, leading to a consensus split from the rest of the Zcash network. To be clear, this would not allow invalid transactions to be accepted but could result in a consensus split between vulnerable Zebra nodes and invulnerable Zebra and Zcashd nodes.
High - This is a Consensus Vulnerability that could allow a malicious miner to induce network partitioning, service disruption, and potential double-spend attacks against affected nodes.
All Zebra versions supporting V5 transactions (Network Upgrade 5 and later) prior to version 4.3.0.
The vulnerability exists in the find_verified_unmined_tx function within transaction.rs. This function was designed to optimize block verification by checking if a transaction was already verified in the mempool.
The lookup mechanism used the ZIP-244 txid as the unique key. However, for V5 transactions, the txid specifically excludes the Authorization Data Root (signatures and proofs). Because Zebra returned a "verified" status based solely on the txid, it skipped the essential check_v5_auth() call for the transaction version provided in the block.
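The cache shortcut described above, modeled as an added example (not Zebra's code or its actual patch): a toy verified-transaction cache keyed by txid alone, next to one keyed by txid plus auth digest. The `Tx`, `Mempool` and `accept_*` names, the `DefaultHasher` stand-in for the ZIP-244 digests, and the constructed byte strings are assumptions made for illustration.

```rust
use std::collections::hash_map::DefaultHasher;
use std::collections::HashSet;
use std::hash::{Hash, Hasher};

// Toy V5-style transaction: `effects` feeds the txid, `auth` (signatures, proofs) does not.
struct Tx { effects: Vec<u8>, auth: Vec<u8> }

// Stand-in digest (assumption); the real txid and auth digest come from ZIP-244.
fn digest(data: &[u8]) -> u64 {
    let mut h = DefaultHasher::new();
    data.hash(&mut h);
    h.finish()
}

impl Tx {
    fn txid(&self) -> u64 { digest(&self.effects) }
    fn auth_digest(&self) -> u64 { digest(&self.auth) }
    // Stand-in for full signature and proof verification.
    fn auth_is_valid(&self) -> bool { self.auth == b"constructed-valid-auth" }
}

#[derive(Default)]
struct Mempool { by_txid: HashSet<u64>, by_txid_and_auth: HashSet<(u64, u64)> }

impl Mempool {
    // Only fully verified transactions are admitted to the cache.
    fn admit(&mut self, tx: &Tx) -> bool {
        if !tx.auth_is_valid() { return false; }
        self.by_txid.insert(tx.txid());
        self.by_txid_and_auth.insert((tx.txid(), tx.auth_digest()));
        true
    }
}

// Flawed shortcut: a txid hit skips the auth check for the block's copy.
fn accept_txid_only(pool: &Mempool, tx: &Tx) -> bool {
    pool.by_txid.contains(&tx.txid()) || tx.auth_is_valid()
}

// Safer shortcut: skip re-verification only if this exact auth data was verified.
fn accept_txid_and_auth(pool: &Mempool, tx: &Tx) -> bool {
    pool.by_txid_and_auth.contains(&(tx.txid(), tx.auth_digest())) || tx.auth_is_valid()
}

// Returns (flawed accepts mismatched copy, safer accepts it, safer accepts honest copy).
fn scenario() -> (bool, bool, bool) {
    let honest = Tx { effects: b"constructed-effects".to_vec(), auth: b"constructed-valid-auth".to_vec() };
    let mismatched = Tx { effects: honest.effects.clone(), auth: b"constructed-bad-auth".to_vec() };
    let mut pool = Mempool::default();
    assert!(pool.admit(&honest));
    (accept_txid_only(&pool, &mismatched), accept_txid_and_auth(&pool, &mismatched), accept_txid_and_auth(&pool, &honest))
}

fn main() { println!("{:?}", scenario()); }
```

The honest copy still benefits from the cache in the second variant, so binding the cache key to the auth data keeps the optimization while forcing a mismatched copy through verification.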
An attacker (specifically a malicious miner) could exploit this by:
… txid but contains invalid signatures or proofs.
… txid in its mempool and incorrectly assumes the block's version of the transaction is already verified.
CVSS v4.0 score: 8.4 (CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H)