GHSA-8M29-FPQ5-89JJ: Consensus Divergence in Zebra via Improper Sighash Hash-Type Handling
Vulnerability ID: GHSA-8M29-FPQ5-89JJ
CVSS Score: 8.8
Published: 2026-04-18
The Zebra Zcash node implementation contains a critical consensus flaw in its handling of transparent transaction Sighash hash types. A refactoring error at the Foreign Function Interface (FFI) boundary omitted necessary validation checks, potentially causing a consensus split between Zebra nodes and the reference zcashd implementation.
TL;DR
A consensus-breaking bug in Zebra's transaction verification logic allows an attacker to craft transactions that cause chain splits, risking network partitions and double-spend attacks.
⚠️ Exploit Status: POC
Technical Details
- Vulnerability Class: Consensus Divergence / Improper Input Validation
- Attack Vector: Network
- CVSS v4.0 Score: 8.8 - 9.2 (Critical)
- Impact: Chain Split, Network Partition, Potential Double Spend
- Exploit Status: Proof of Concept Exists
- CISA KEV: Not Listed
Affected Systems
- Zebra nodes (zebrad)
- Applications using zebra-script crate
- Zcash Network (Secondary participant risk)
- zebrad: < 4.3.1 (Fixed in: 4.3.1)
- zebra-script: < 5.0.1 (Fixed in: 5.0.1)
Mitigation Strategies
- Immediate upgrade of affected binaries
- Implementation of heterogeneous node architectures for transaction verification
- Real-time monitoring of chain tips across different node implementations
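The chain-tip monitoring in the last item amounts to comparing block hashes from two node implementations (for example zebrad and zcashd) at their common height, and treating a persistent height gap as a signal too. The code below is an added example, not code from the advisory or the Zebra project; it assumes both nodes serve the getblockcount and getblockhash RPC methods at URLs you supply, leaves RPC authentication out, and uses constructed sample chains.

```python
import json
import urllib.request

def rpc(url, method, *params):
    """JSON-RPC call. getblockcount/getblockhash are served by zcashd and zebrad."""
    body = json.dumps({"jsonrpc": "2.0", "id": "tipcheck",
                       "method": method, "params": list(params)}).encode()
    req = urllib.request.Request(url, body, {"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        reply = json.load(resp)
    if reply.get("error"):
        raise RuntimeError(f"{method} failed: {reply['error']}")
    return reply["result"]

def compare_chains(height_a, hash_a, height_b, hash_b, max_lag=3, max_depth=100):
    """hash_a/hash_b map a height to that node's block hash at that height.

    Returns (status, detail):
      ("fork", h)    chains differ; h is the first differing height, or None
                     if the split is older than max_depth blocks
      ("lagging", n) same chain, but one node is n > max_lag blocks behind; a
                     node that rejected a block its peer accepted looks like this
      ("ok", n)      same chain, n blocks apart
    """
    common = min(height_a, height_b)
    if hash_a(common) != hash_b(common):
        floor = max(common - max_depth, 0)
        for h in range(common - 1, floor - 1, -1):
            if hash_a(h) == hash_b(h):
                return ("fork", h + 1)
        return ("fork", None)
    lag = abs(height_a - height_b)
    return ("lagging" if lag > max_lag else "ok", lag)

def check_nodes(url_a, url_b, **limits):
    """Live check of two RPC endpoints (URLs are deployment-specific assumptions)."""
    return compare_chains(
        rpc(url_a, "getblockcount"), lambda h: rpc(url_a, "getblockhash", h),
        rpc(url_b, "getblockcount"), lambda h: rpc(url_b, "getblockhash", h),
        **limits)

# Constructed sample chains (height -> hash), not real Zcash block hashes.
ZCASHD = {100: "aa", 101: "bb", 102: "cc", 103: "dd"}
ZEBRAD_FORKED = {100: "aa", 101: "bb", 102: "c2", 103: "d2", 104: "e2"}
ZEBRAD_STALLED = {100: "aa", 101: "bb"}

if __name__ == "__main__":
    print(compare_chains(103, ZCASHD.get, 104, ZEBRAD_FORKED.get))
    print(compare_chains(103, ZCASHD.get, 101, ZEBRAD_STALLED.get, max_lag=1))
```

Comparing only the two best-block hashes would raise false alarms whenever one node is a block ahead, which is why the comparison is made at the common height and the height gap is reported separately.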
Remediation Steps:
- Identify all systems running zebrad or utilizing zebra-script.
- Update zebrad to version 4.3.1.
- Update zebra-script crate dependency to version 5.0.1 in downstream Rust projects.
- Restart node services and verify successful synchronization with the main Zcash chain.
References
- GitHub Advisory: GHSA-8m29-fpq5-89jj
- Zcash Foundation Zebra Repository
- OSV Entry: GHSA-8m29-fpq5-89jj