How the CVE Works:
- Zebra 4.4.0 fails to enforce ZIP-244 §S.2a for V5 transparent transactions.
- The rule: if an input uses SIGHASH_SINGLE (0x03) or SIGHASH_SINGLE|ANYONECANPAY (0x83) and there is no transparent output at the same index, validation must fail.
- Zebra’s verification inherits Bitcoin Script C++ code via a foreign function interface (FFI).
- A Rust callback computes the sighash for each input using `librustzcash`’s ZIP-244 implementation.
- For out-of-range SIGHASH_SINGLE, `librustzcash` hashes an empty output set instead of raising an error.
- Zebra accepts the resulting digest and allows any signature that verifies against it.
- In contrast, `zcashd`’s `SignatureHash` throws an exception; `CheckSig` catches it and fails the script.
- An attacker crafts a V5 transaction with more transparent inputs than outputs.
- Example: 2 inputs, 1 output – input index 1 has no corresponding output.
- The attacker signs input index 1 with SIGHASH_SINGLE (0x03).
- Zebra computes a sighash over an empty output set and accepts the signature.
- The transaction (or block containing it) passes Zebra’s consensus checks.
- `zcashd` rejects the same transaction because the missing output triggers a hard failure.
- This creates a consensus split between Zebra nodes and `zcashd` nodes.
- The split can lead to network partitioning, double-spends, and chain forks.
- A previous fix (GHSA-cwfq-rfcr-8hmp) added the first ZIP-244 rule (invalid hash type) but missed this second rule.
- The vulnerable code path exists only in Zebra 4.4.0; earlier and later versions are unaffected.
- Most miners run `zcashd`, which limits immediate impact but does not protect Zebra-only nodes.
- The issue is fixed in Zebra 4.4.1 by enforcing the missing-output rule before calling the sighash library.
- No workaround exists; immediate upgrade is required.
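The missing-output rule from the list above, checked before any sighash is computed, as an added Rust example (not Zebra's or `librustzcash`'s code). The function names, the error type and the closure standing in for the sighash library call are hypothetical, and each input's hash type is assumed to be already parsed from its signature.

```rust
// Added illustration; every name here is hypothetical, not Zebra's API.
const SIGHASH_SINGLE: u8 = 0x03;
const SIGHASH_SINGLE_ANYONECANPAY: u8 = 0x83;

#[derive(Debug, PartialEq, Eq)]
pub enum SighashRuleError {
    /// SIGHASH_SINGLE (0x03 or 0x83) on an input with no output at its index.
    MissingOutput { input_index: usize, output_count: usize },
}

/// Apply the rule to one transparent input.
pub fn check_input(hash_type: u8, input_index: usize, output_count: usize)
    -> Result<(), SighashRuleError> {
    let single = matches!(hash_type, SIGHASH_SINGLE | SIGHASH_SINGLE_ANYONECANPAY);
    if single && input_index >= output_count {
        return Err(SighashRuleError::MissingOutput { input_index, output_count });
    }
    Ok(())
}

/// Apply the rule to all inputs; `hash_types[i]` is the hash type of input `i`
/// (assumed already parsed from its signature). Stops at the first violation.
pub fn check_transaction(hash_types: &[u8], output_count: usize)
    -> Result<(), SighashRuleError> {
    hash_types.iter().enumerate()
        .try_for_each(|(i, &ht)| check_input(ht, i, output_count))
}

/// Fail closed: `compute` (a stand-in for the sighash library call) runs only
/// after the rule passes, so no digest over an empty output set is produced.
pub fn guarded_sighash<F>(hash_type: u8, input_index: usize, output_count: usize, compute: F)
    -> Result<[u8; 32], SighashRuleError>
where F: FnOnce() -> [u8; 32] {
    check_input(hash_type, input_index, output_count)?;
    Ok(compute())
}

fn main() {
    // Constructed cases: (per-input hash types, transparent output count).
    let cases: [(&[u8], usize); 3] = [
        (&[0x01, 0x03][..], 1), // the page's shape: 2 inputs, 1 output, input 1 uses 0x03
        (&[0x03, 0x01][..], 1), // SIGHASH_SINGLE on input 0, which has an output
        (&[0x83, 0x83][..], 2), // every SIGHASH_SINGLE input has a matching output
    ];
    for (hash_types, outputs) in cases {
        println!("{:?} outputs={} -> {:?}", hash_types, outputs, check_transaction(hash_types, outputs));
    }
}
```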
DailyCVE Form:
Platform: Zebra node
Version: 4.4.0
Vulnerability: SIGHASH_SINGLE missing output
Severity: Critical consensus failure
Date: Unknown publication date
Prediction: Patch already released
What Undercode Say:

```bash
# Check Zebra version
zebrad --version | grep "zebrad 4.4.0"

# Simulate missing-output sighash (Python with librustzcash)
python3 -c "
from librustzcash import transaction
# Craft V5 tx with inputs=2, outputs=1, sign input[1] with SIGHASH_SINGLE
# Library returns hash(empty_outputs) instead of error
"

# Detect vulnerable nodes by broadcasting probe tx
# Create raw tx with more inputs than outputs, SIGHASH_SINGLE on out-of-range index
# Node accepts -> vulnerable; rejects -> patched or zcashd
echo "Probe transaction hex: 050000800a... (truncated)"

# Patch diff (Zebra 4.4.1)
git diff v4.4.0 v4.4.1 zebra-consensus/src/transaction.rs | grep -A5 -B5 "SIGHASH_SINGLE"
```
Exploit:
Construct V5 transaction with N transparent inputs and M outputs (N > M). For each input index i where i >= M, set hash type to 0x03 or 0x83. Sign using Zebra’s generated sighash (empty output set). Broadcast transaction to Zebra nodes – they accept and relay. `zcashd` nodes drop the transaction, causing diverged mempools and potential chain split.
Protection from this CVE:
Upgrade to Zebra 4.4.1 immediately. No configuration workaround exists. After upgrade, verify enforcement: send a test transaction with missing-output SIGHASH_SINGLE – it must be rejected with “no output at same index” error.
Impact:
Consensus split between Zebra and `zcashd` networks. Attacker can isolate Zebra nodes, create alternate chain forks, double-spend against Zebra-only merchants or exchanges. Service disruption for any application relying on Zebra as a canonical node.
Sources:
Reported By: github.com

