Executive Summary

The vulnerability exists in the nimiq-block Rust implementation, specifically in the SkipBlockProof::verify function. This function uses BitSet.len() to compute a quorum check and then casts each BitSet index from usize to u16 for slot lookup. Before version 1.3.0, an attacker could craft a SkipBlockProof where MultiSignature.signers contains out-of-range indices spaced by 65536. These out-of-range indices artificially inflate the length count but collide onto the same in-range u16 slot during aggregation.

This flaw allows a malicious validator with fewer than the required 2f+1 real signer slots to pass the skip block proof verification by effectively multiplying a single BLS signature multiple times, bypassing the intended quorum check.

The vulnerability was fixed in version 1.3.0 of nimiq-block, and no known workarounds exist.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can allow a malicious validator to bypass the quorum verification process by faking the number of valid signers. As a result, an attacker with fewer than the required number of signatures can pass the skip block proof verification.

The impact includes the potential for unauthorized block acceptance or manipulation within the Nimiq blockchain system, which can compromise the integrity and reliability of the blockchain consensus.

Because the attacker can cause the system to accept invalid proofs, this could lead to denial of service, data integrity issues, or other attacks that undermine the blockchain's security.

Useful 0 Not Useful 0

Mitigation Strategies

The vulnerability is fixed in nimiq-block version 1.3.0. Immediate mitigation involves upgrading to version 1.3.0 or later.

No known workarounds are available, so applying the patch is the recommended step.

Useful 0 Not Useful 0

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves crafted SkipBlockProof messages containing MultiSignature.signers with out-of-range indices spaced by 65536 that bypass quorum checks. Detection involves inspecting SkipBlockProof multisignature signers for invalid or out-of-range slot indices that artificially inflate the BitSet length.

Since the vulnerability is specific to the internal BitSet indices used in the Rust implementation of Nimiq's block verification, detection requires analyzing the signer BitSet in SkipBlockProof messages to verify that all signer slot indices are within the valid range defined by Policy::SLOTS (less than the maximum allowed slots and within u16 limits).

There are no known direct network scanning commands or simple system commands to detect this vulnerability externally because it is a logic flaw in signature verification within the software. Detection would require either:

• Instrumenting or patching the Nimiq node software to log or reject SkipBlockProofs with invalid signer indices, as done in the patch introducing the `checked_signer_slots()` function.
• Reviewing logs for error messages related to failed signer slot validation during proof verification.

If you have access to the source or runtime environment, you could add debugging or logging around the verification function to detect signer BitSets containing indices >= Policy::SLOTS or indices that differ by multiples of 65536.

In summary, detection requires internal validation of signer slot indices in SkipBlockProofs and related multisignature proofs, which is implemented in the patched version 1.3.0. No simple external commands are available to detect this vulnerability on a network or system without such instrumentation.

Useful 0 Not Useful 0