CVE-2026-34377: Consensus Split Vulnerability in Zebra Transaction Verification Cache
Vulnerability ID: CVE-2026-34377
CVSS Score: 8.4
Published: 2026-03-30
A logic error in the Zebra transaction verification cache for Zcash V5 transactions leads to improper signature validation. By exploiting the discrepancy between the mined transaction ID and the full authorization root, a malicious miner can force vulnerable Zebra nodes to accept invalid blocks, resulting in a network consensus split.
TL;DR
Zebra nodes prior to version 4.3.0 improperly cache Zcash V5 transactions using only the non-authorizing txid. A malicious miner can exploit this to bypass signature verification, causing a hard fork from the main Zcash network.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-347
- Attack Vector: Network
- Privileges Required: High
- CVSS v4.0 Base: 8.4
- Impact: High Integrity, High Availability
- Exploit Status: Proof-of-Concept
Affected Systems
- zebrad prior to 4.3.0
- zebra-consensus crate prior to 5.0.1
-
zebrad: < 4.3.0 (Fixed in:
4.3.0) -
zebra-consensus: < 5.0.1 (Fixed in:
5.0.1)
Code Analysis
Commit: 2429f97
Fix V5 transaction verification cache lookup
Commit: aabb8b4
Fix Founders' Reward Subsidy calculation
Commit: 60a7124
Enforce ZIP-235 NSM pool fee redirection
Mitigation Strategies
- Upgrade to zebrad 4.3.0
- Upgrade zebra-consensus crate to 5.0.1
- Monitor node logs for check_v5_auth() failures
- Implement network-level monitoring for chain forks
Remediation Steps:
- Stop the running zebrad service.
- Download or compile zebrad version 4.3.0.
- Restart the node and verify synchronization with the main chain.
- Monitor logs for abnormal block rejection rates.
References
Read the full report for CVE-2026-34377 on our website for more details including interactive diagrams and full exploit analysis.
Top comments (0)