Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

The tx verifier does not enforce using the correct consensus branch ID in the SIGHASH computation #9089

Open
upbqdn opened this issue Dec 16, 2024 · 0 comments
Assignees
Labels
C-bug Category: This is a bug I-consensus Zebra breaks a Zcash consensus rule

Comments

@upbqdn
Copy link
Member

upbqdn commented Dec 16, 2024

When computing the SIGHASH of V5 txs, the tx verifier picks the consensus branch ID from the nConsensusBranchId field of the tx. If the field is set to a consensus branch ID corresponding to NU5 and NU6 is active, the SIGHASH computation doesn't follow this consensus rule:

[NU6 only] All transactions MUST use the NU6 consensus branch ID 0xC8E71055 as defined in ZIP-253.

This bug was effectively mitigated in #9063 by checking the nConsensusBranchId field prior to the SIGHASH computation, so the tx verifier won't accept NU5 transactions after NU6 activation anymore. However, we should fix the computation itself so that it adheres to the consensus rule stated above.

@upbqdn upbqdn added C-bug Category: This is a bug I-consensus Zebra breaks a Zcash consensus rule labels Dec 16, 2024
@github-project-automation github-project-automation bot moved this to New in Zebra Dec 16, 2024
@mpguerra mpguerra moved this from New to In progress in Zebra Dec 17, 2024
@upbqdn upbqdn self-assigned this Dec 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
C-bug Category: This is a bug I-consensus Zebra breaks a Zcash consensus rule
Projects
Status: In progress
Development

No branches or pull requests

1 participant