VYPR
Moderate severity · NVD Advisory · Published May 5, 2020 · Updated Aug 4, 2024

CVE-2020-12439

Description

Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Grin before 3.1.0 had a consensus flaw in its output_pos index handling during block rewind, enabling an attacker to force nodes out of consensus permanently.

What the Vulnerability Is

CVE-2020-12439 is a consensus vulnerability in the Grin Mimblewimble blockchain client, present in versions prior to 3.1.0. The root cause lies in how the output_pos database index was managed during blockchain rewinds. Unlike the UTXO set itself, the index was not rewound transactionally, leaving it with stale entries (false positives) after a rewind. This misalignment between the index and the actual UTXO set could be exploited to permanently derail a node's consensus state [1][4].

Exploitation

An attacker with substantial graphrate (hash power) could craft a sequence of blocks that force a victim node to repeatedly rewind and apply blocks, progressively corrupting the output_pos index. The node would then interpret the index as authoritative (though it was non-authoritative by design), leading to incorrect conclusions about whether outputs were spent or unspent. No authentication beyond standard node operations was required; any node following the network could be targeted [4].

Impact

A successful attack would permanently force the victim node out of consensus with the rest of the Grin network. Since the index corruption persisted across restarts and re-syncs without a full resync, the node could not recover automatically, effectively rendering it unable to participate in the network until the index was manually rebuilt or a patch applied [4].

Mitigation

The fix was merged in Grin version 3.1.0, which reworked the block input bitmap to store a per-block spent_index (an undo list), enabling transactional updates to the output_pos index during both apply and rewind operations [2][3]. All Grin nodes were advised to upgrade to v3.1.0 or later. The disclosure timeline spanned approximately 90 days to allow gradual network-wide patching without disrupting consensus [4].
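
The index behaviour described above, as an added example that is not Grin's code: a simplified Rust model in which Block, apply, rewind and scenario are hypothetical names and the index is assumed to be a plain map from output commitment to position. It compares a rewind that leaves the index untouched with one that replays a per-block undo list of spent entries.

```rust
use std::collections::BTreeMap;

// Simplified model (assumption): output commitment -> position in the output set.
type Index = BTreeMap<&'static str, u64>;

struct Block {
    inputs: Vec<&'static str>,         // commitments this block spends
    outputs: Vec<(&'static str, u64)>, // commitments this block creates, with position
}

/// Apply a block to the index and return its undo list: the (commitment, position)
/// entries removed because the block spent them.
fn apply(index: &mut Index, b: &Block) -> Vec<(&'static str, u64)> {
    let mut spent = Vec::new();
    for c in &b.inputs {
        if let Some(pos) = index.remove(c) {
            spent.push((*c, pos));
        }
    }
    for (c, pos) in &b.outputs {
        index.insert(*c, *pos);
    }
    spent
}

/// Rewind a block transactionally: drop what it created, restore what it spent.
fn rewind(index: &mut Index, b: &Block, spent: &[(&'static str, u64)]) {
    for (c, _) in &b.outputs {
        index.remove(c);
    }
    for (c, pos) in spent {
        index.insert(*c, *pos);
    }
}

/// Constructed scenario: a block spends A and creates B, then a fork rewinds it.
fn scenario(transactional: bool) -> Index {
    let mut index: Index = BTreeMap::from([("A", 1)]);
    let block = Block { inputs: vec!["A"], outputs: vec![("B", 2)] };
    let spent = apply(&mut index, &block);
    if transactional {
        rewind(&mut index, &block, &spent);
    } // otherwise the index is left as-is on rewind, the flaw described above
    index
}

fn main() {
    println!("index not rewound:     {:?}", scenario(false));
    println!("index rewound by undo: {:?}", scenario(true));
}
```

In the untouched case the index still lists B, an output that no longer exists after the rewind, and has lost A, which is unspent again; the undo-list rewind returns the index to its pre-block state.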

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package            Affected versions   Patched versions
grin (crates.io)   < 3.1.0             3.1.0
