A logic error in Zebra's transaction verification cache could allow a malicious miner to induce a consensus split. By carefully submitting a transaction that is valid for height H+1 but invalid for H+2 and then mining that transaction in a block at height H+2, a miner could cause vulnerable Zebra nodes to accept an invalid block, leading to a consensus split from the rest of the Zcash network.
High - This is a Consensus Vulnerability that could allow a malicious miner to induce network partitioning, service disruption, and potential double-spend attacks against affected nodes.
All Zebra versions prior to version 4.3.1. (Some older versions are not affected but are no longer supported by the network)
The vulnerability exists due to a performance optimization whose goal is to improve performance of transaction validation if the transaction was previously accepted into the mempool (and thus was verified as valid). That however did not take into account that a transaction can be valid for a specific height, but invalid at higher heights; for example, it can contain an expiry height, a lock time, and it is always bound to a network upgrade, all of which are height-dependant.
An attacker (specifically a malicious miner) could exploit this by (e.g. in the expiry height case):
H+1 (where H is the height of the current tip)H+1, and a block H+2 that contains that same transaction, and submitting block H+2 before H+1H+2 as valid (pending contextual verification) and wait for block H+1; when it arrives, Zebra would commit both blocks even if H+2 contains an expired transactionzcashd or zebrad nodes without that transaction in their mempool) reject the block, resulting in a...5.0.24.3.1Exploitability
AV:NAC:LAT:PPR:LUI:NVulnerable System
VC:NVI:HVA:HSubsequent System
SC:NSI:HSA:H7.2/CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H