GHSA-8M29-FPQ5-89JJ: Consensus Divergence in Zebra via Improper Sighash Hash-Type Handling

Vulnerability ID: GHSA-8M29-FPQ5-89JJ
CVSS Score: 8.8
Published: 2026-04-18

The Zebra Zcash node implementation contains a critical consensus flaw in its handling of transparent transaction Sighash hash types. A refactoring error at the Foreign Function Interface (FFI) boundary omitted necessary validation checks, potentially causing a consensus split between Zebra nodes and the reference zcashd implementation.

TL;DR

A consensus-breaking bug in Zebra's transaction verification logic allows an attacker to craft transactions that cause chain splits, risking network partitions and double-spend attacks.

⚠️ Exploit Status: POC

Technical Details

• Vulnerability Class: Consensus Divergence / Improper Input Validation
• Attack Vector: Network
• CVSS v4.0 Score: 8.8 - 9.2 (Critical)
• Impact: Chain Split, Network Partition, Potential Double Spend
• Exploit Status: Proof of Concept Exists
• CISA KEV: Not Listed

Affected Systems

• Zebra nodes (zebrad)
• Applications using zebra-script crate
• Zcash Network (Secondary participant risk)
• zebrad: < 4.3.1 (Fixed in: 4.3.1)
• zebra-script: < 5.0.1 (Fixed in: 5.0.1)

Mitigation Strategies

• Immediate upgrade of affected binaries
• Implementation of heterogeneous node architectures for transaction verification
• Real-time monitoring of chain tips across different node implementations

Remediation Steps:

1. Identify all systems running zebrad or utilizing zebra-script.
2. Update zebrad to version 4.3.1.
3. Update zebra-script crate dependency to version 5.0.1 in downstream Rust projects.
4. Restart node services and verify successful synchronization with the main Zcash chain.

References

• GitHub Advisory: GHSA-8m29-fpq5-89jj
• Zcash Foundation Zebra Repository
• OSV Entry: GHSA-8m29-fpq5-89jj

Read the full report for GHSA-8M29-FPQ5-89JJ on our website for more details including interactive diagrams and full exploit analysis.