Name: ASA-2025-002: Malicious peer can stall network by disseminating seemingly valid block parts Component: CometBFT Criticality: High (Catastrophic Impact; Possible Likelihood per ACMv1.2) Affected versions: <= v0.38.16, v1.0.0 Affected users: Validators, Full nodes, Users
A bug was identified in the CometBFT validation of block part indices and the corresponding proof part indices that can lead to incorrect processing and dissemination of invalid parts, which in turn could lead to a network halt. Additional validation was added to prevent this condition from happening.
The new CometBFT releases v1.0.1 and v0.38.17 fix this issue.
Unreleased code in the main branch is patched as well.
There are no known workarounds for this issue. If a node is producing these malicious proofs, the only mitigation is to upgrade CometBFT. After upgrading, the validators then will eventually conclude the correct value.
When the next proposer creates a block, it is split into many block parts (64kB each). Each block part is then disseminated via p2p layer in a gossip fashion. The block part contains the following fields:
type Part struct {
Index uint32 `json:"index"`
Bytes cmtbytes.HexBytes `json:"bytes"`
Proof merkle.Proof `json:"proof"`
}
Index
- represents the index of a block partBytes
- the actual contentProof
- Merkle proof, which allows the receiving node to quickly verify that a Part
is indeed a piece of the proposed block.The Proof
contains the following fields:
type Proof struct {
Total int64 `json:"total"` // Total number of items.
Index int64 `json:"index"` // Index of item to prove.
LeafHash []byte `json:"leaf_hash"` // Hash of item value.
Aunts [][]byte `json:"aunts,omitempty"` // Hashes from leaf's sibling to a root's child.
}
Note that the total number of leaves in the Merkle tree equals the number of parts in the proposed block. Previously, CometBFT did not validate the Index
field and specifically that Part.Index
must be equal to Part.Proof.Index
. This leads to a condition where, it is possible to use the proof from a different part and CometBFT accept it, even though the proof proves the different part is a piece of the proposed block and not the part that the peer actually sent to us.
This condition is problematic because:
To address this, CometBFT was patched to verify that Part.Index
is equal to Part.Proof.Index
, preventing the above condition.
This issue was reported by unknown_feature to the Cosmos Bug Bounty Program on HackerOne on January 15, 2025. If you believe you have found a bug in the Interchain Stack or would like to contribute to the program by reporting a bug, please see https://hackerone.com/cosmos.
If you have questions about Interchain security efforts, please reach out to our official communication channel at security@interchain.io. For more information about the Interchain Foundation’s engagement with Amulet, and to sign up for security notification emails, please see https://github.com/interchainio/security.
A Github Security Advisory for this issue is available in the CometBFT repository. For more information about CometBFT, see https://docs.cometbft.com/.
{ "nvd_published_at": null, "cwe_ids": [ "CWE-345" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2025-02-03T16:48:59Z" }