VYPR
High severity · NVD Advisory · Published Jan 21, 2020 · Updated Aug 4, 2024

CVE-2020-6638

Description

Grin through 2.1.1 has Insufficient Validation.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Insufficient validation in Grin through 2.1.1 allows block malleability, enabling chain splits; fixed in v3.0.0.

Vulnerability

CVE-2020-6638 is a consensus protocol vulnerability in Grin through version 2.1.1, caused by insufficient validation of block inputs. This flaw allows a malicious node to produce two distinct valid blocks that are otherwise identical, differing only in the exact set of outputs being spent, a condition referred to as block malleability [1].

Exploitation

To exploit the flaw, an attacker must control a node on the network and craft two variants of a block that both pass consensus rules. The malleability can then be used to introduce a chain split, where different parts of the network accept different blocks as the canonical chain [1]. No authentication or specific network position is required beyond being a peer.

Impact

A successful chain split could enable subsequent attacks on users, such as double-spending or disrupting services, if users are caught on the wrong side of the split [1]. However, the attack is exceptionally difficult to execute in practice, and there is no evidence of it ever being exploited [1][3].

Mitigation

The vulnerability was fixed in Grin version 3.0.0, which was released as part of a scheduled hard fork on January 15, 2020 [1]. Users running v3.0.0 or later are not affected. No additional action is required from node operators or wallet users [1].

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: grin (crates.io)
Affected versions: < 3.0.0
Patched versions: 3.0.0
