The vulnerability is an incomplete verification of BIP-322 signatures: the SIGHASH type carried in the witness signature was never checked. BIP-322 requires SIGHASH_ALL for P2WPKH addresses and SIGHASH_DEFAULT or SIGHASH_ALL for Taproot (P2TR) addresses, but the implementation accepted a signature regardless of which SIGHASH type it was created with. The flaw was in the bip322.Verify function in crypto/bip322/bip322.go. The patch removes the vulnerable Verify function and introduces VerifyP2WPKHAndP2TR, which calls a new validateSigHashType function to reject any signature whose SIGHASH type is not one of the allowed values before the cryptographic signature check is performed. types.VerifyBIP322SigPop in x/btcstaking/types/pop.go was also affected, since it consumed the flawed bip322.Verify; the fix updates it to call bip322.VerifyP2WPKHAndP2TR instead.
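To make the missing check concrete, the following is an added example of a SIGHASH-type pre-check in Go. It is not the project's own validateSigHashType, and it makes two assumptions: the witness stack is already parsed into byte slices (P2WPKH as `[sig, pubkey]`, P2TR as a single key-path Schnorr signature), and the caller still runs the actual signature verification afterwards. The function and error names are illustrative.

```go
package main

import (
	"errors"
	"fmt"
)

// SIGHASH types as used by Bitcoin consensus (BIP-143 for segwit v0, BIP-341 for Taproot).
const (
	SigHashDefault byte = 0x00 // Taproot only; implied by a 64-byte Schnorr signature
	SigHashAll     byte = 0x01
)

// AddressType selects which BIP-322 rule applies to the witness.
type AddressType int

const (
	P2WPKH AddressType = iota
	P2TR
)

var (
	ErrWitnessShape   = errors.New("bip322: unexpected witness stack shape for address type")
	ErrMalformedSig   = errors.New("bip322: malformed signature")
	ErrBadSigHashType = errors.New("bip322: disallowed SIGHASH type")
)

// ValidateSigHashType rejects a BIP-322 witness whose signature does not use the SIGHASH
// type the specification requires. It must run BEFORE the signature is verified; it does
// not itself verify the signature. (Illustrative helper, not the project's code.)
func ValidateSigHashType(addrType AddressType, witness [][]byte) error {
	switch addrType {
	case P2WPKH:
		// Witness is <sig> <pubkey>; sig is DER-encoded ECDSA followed by one sighash byte.
		if len(witness) != 2 {
			return ErrWitnessShape
		}
		sig := witness[0]
		// Minimal DER shape: 0x30 <len> 0x02 <rlen> r 0x02 <slen> s, then the sighash byte.
		// Checking the DER length field guarantees the last byte really is the sighash byte.
		if len(sig) < 9 || sig[0] != 0x30 || int(sig[1]) != len(sig)-3 {
			return ErrMalformedSig
		}
		if ht := sig[len(sig)-1]; ht != SigHashAll {
			return fmt.Errorf("%w: P2WPKH got 0x%02x, want SIGHASH_ALL", ErrBadSigHashType, ht)
		}
		return nil

	case P2TR:
		// Key-path spend: a single Schnorr signature, 64 bytes (implicit SIGHASH_DEFAULT)
		// or 65 bytes with an explicit sighash byte appended (BIP-341).
		if len(witness) != 1 {
			return ErrWitnessShape
		}
		sig := witness[0]
		switch len(sig) {
		case 64:
			return nil // SIGHASH_DEFAULT
		case 65:
			// BIP-341 already forbids an explicit 0x00 byte, so the only acceptable
			// explicit value here is SIGHASH_ALL.
			if ht := sig[64]; ht != SigHashAll {
				return fmt.Errorf("%w: P2TR got 0x%02x, want SIGHASH_DEFAULT or SIGHASH_ALL", ErrBadSigHashType, ht)
			}
			return nil
		default:
			return ErrMalformedSig
		}

	default:
		return errors.New("bip322: unsupported address type")
	}
}

func main() {
	// Constructed sample: a syntactically valid (not cryptographically valid) DER signature.
	der := []byte{0x30, 0x06, 0x02, 0x01, 0x01, 0x02, 0x01, 0x01}
	pub := make([]byte, 33)
	good := append(append([]byte{}, der...), SigHashAll)
	anyoneCanPay := append(append([]byte{}, der...), 0x83) // SIGHASH_ALL|ANYONECANPAY
	fmt.Println(ValidateSigHashType(P2WPKH, [][]byte{good, pub}))         // <nil>
	fmt.Println(ValidateSigHashType(P2WPKH, [][]byte{anyoneCanPay, pub})) // disallowed SIGHASH type
	fmt.Println(ValidateSigHashType(P2TR, [][]byte{make([]byte, 64)}))    // <nil>
}
```

The DER length check matters: without it, a witness whose final byte happens to be 0x01 but whose signature body is not well-formed could pass the sighash check, so the pre-check should be strict about shape rather than only inspecting the last byte. Script-path Taproot spends carry more witness elements and are deliberately rejected here.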
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| github.com/babylonlabs-io/babylon/v4 | go | < 4.1.0 | 4.1.0 |