Babylon Protocol, Signature Replay Vulnerability, CVE-2023-XXXX (Critical)

How the CVE Works

The vulnerability in Babylon Protocol's `x/finality` module stems from insufficient domain separation in signed messages and weak validation in `MsgCommitPubRandList`. The handler does not enforce a 32-byte length requirement for the `Commitment` field, which enables signature replay. An attacker can reuse the signature from a Proof-of-Possession (PoP) in `MsgCreateFinalityProvider` as the signature of a forged `MsgCommitPubRandList`. By manipulating the message parameters, the attacker crafts a payload in which the 20-byte address signed in the PoP is reinterpreted as `StartHeight`, `NumPubRand`, and a truncated `Commitment` (e.g., 4 bytes). Because the signed bytes carry no message-type tag, the replayed signature passes verification and an invalid `PubRand` commitment is injected. This corrupts the Finality Provider's state, since the derived `StartHeight` and `NumPubRand` values are excessively large, disrupting protocol integrity.

DailyCVE Form

Platform: Babylon Protocol
Version: x/finality module
Vulnerability: Signature replay
Severity: Critical
Date: 2023-XX-XX

What Undercode Says:

Exploitation Analysis

1. Signature Replay:

  • Attacker extracts a PoP signature from MsgCreateFinalityProvider.
  • Crafts `MsgCommitPubRandList` with malformed `Commitment` (4 bytes).
  • Sets StartHeight/NumPubRand from address bytes (e.g., `0xabcd…` → height 43981).

2. Payload Crafting:

```python
# Pseudo-code for the malicious CommitPubRandList described above;
# `address` is the 20-byte address signed in the PoP
malicious_commit = {
    'start_height': int.from_bytes(address[0:4], 'big'),  # 20-byte addr → uint64
    'num_pub_rand': int.from_bytes(address[4:8], 'big'),
    'commitment': address[8:12],  # truncated to 4 bytes
}
```

3. Verification Bypass:

  • The reused EOTS signature validates due to missing domain separation.

Protection Commands

1. Patch Validation:

```go
// Enforce a 32-byte Commitment in MsgCommitPubRandList before any state is touched
if len(msg.Commitment) != 32 {
	return fmt.Errorf("invalid Commitment length: got %d, want 32", len(msg.Commitment))
}
```

2. Domain Separation:

  • Prefix message types with context (e.g., `\x01` for PoP, `\x02` for CommitPubRand).
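The two fixes above (a fixed 32-byte `Commitment` and a domain tag on the signed bytes) combined into one hardened handler check, as an added example that is not Babylon's own code: the message layout, the tag values and the use of ed25519 in place of EOTS are assumptions made for illustration.

```go
package main
import (
	"crypto/ed25519"
	"encoding/binary"
	"fmt"
)
// Domain tags (byte values assumed, per the page) bind a signature to one message type.
const (
	DomainPoP           byte = 0x01
	DomainCommitPubRand byte = 0x02
	CommitmentLen            = 32
)
// MsgCommitPubRandList is a reduced, assumed model of the real message.
type MsgCommitPubRandList struct {
	StartHeight, NumPubRand uint64
	Commitment, Sig         []byte
}

// Payload serialises the fields the commit signature covers (layout assumed).
func (m MsgCommitPubRandList) Payload() []byte {
	buf := make([]byte, 16, 16+len(m.Commitment))
	binary.BigEndian.PutUint64(buf[0:8], m.StartHeight)
	binary.BigEndian.PutUint64(buf[8:16], m.NumPubRand)
	return append(buf, m.Commitment...)
}

// SigningBytes prefixes the payload with its domain tag; both signing and
// verifying go through it, so a PoP signature never verifies as a commit.
func SigningBytes(domain byte, payload []byte) []byte {
	return append([]byte{domain}, payload...)
}

// ValidateCommitPubRandList is the hardened handler check: fixed-length commitment
// first, then a signature bound to the CommitPubRand domain (ed25519 stands in for EOTS).
func ValidateCommitPubRandList(pub ed25519.PublicKey, m MsgCommitPubRandList) error {
	if len(m.Commitment) != CommitmentLen {
		return fmt.Errorf("invalid Commitment length %d, want %d", len(m.Commitment), CommitmentLen)
	}
	if !ed25519.Verify(pub, SigningBytes(DomainCommitPubRand, m.Payload()), m.Sig) {
		return fmt.Errorf("signature is not bound to the CommitPubRand domain")
	}
	return nil
}

func main() {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed demo key
	addr := make([]byte, 20)                                        // constructed 20-byte address
	popSig := ed25519.Sign(priv, SigningBytes(DomainPoP, addr))    // a PoP-domain signature
	fmt.Println(ValidateCommitPubRandList(priv.Public().(ed25519.PublicKey),
		MsgCommitPubRandList{Commitment: addr[16:], Sig: popSig}))
}
```

Run as-is it prints the length error for the replayed message; with the length check removed, the domain check still rejects the PoP signature.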

3. Network Mitigation:

```shell
# Query for malformed commitments. jq needs JSON output, hence --output json.
# Note: `.commitment | length` counts characters; if the field is hex- or
# base64-encoded rather than raw bytes, a 32-byte value is 64 or 44 characters.
babylond query finality list-commitments --limit 1000 --output json \
  | jq '.[] | select(.commitment | length != 32)'
```

4. Key Hygiene:

```shell
# Rotate compromised EOTS keys
babylond keys delete fp-old --force
babylond keys add fp-new --keyring-backend file
```

References

Sources:

Reported By: github.com
Extra Source Hub:
Undercode
