{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/bitcoin/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["bitcoinj-core (\u003e= 0.15, \u003c 0.17.1)"],"_cs_severities":["high"],"_cs_tags":["bitcoin","transaction-validation","script-execution","verification-bypass"],"_cs_type":"advisory","_cs_vendors":["bitcoinj"],"content_html":"\u003cp\u003eA critical vulnerability exists within the bitcoinj library, specifically affecting versions 0.15 to 0.17.0. The \u003ccode\u003eScriptExecution.correctlySpends()\u003c/code\u003e function contains flawed fast-path verification logic for standard Pay-to-Public-Key-Hash (P2PKH) and native Pay-to-Witness-Public-Key-Hash (P2WPKH) spends. This flaw allows an attacker to construct a transaction using an arbitrary keypair that bitcoinj will incorrectly validate as legitimate. This bypass occurs because bitcoinj fails to properly verify that the public key used in the signature matches the one committed to by the output being spent. Applications relying on bitcoinj for transaction validation are at risk of accepting fraudulent transactions. The vulnerability was reported on May 8th, 2026 and patched in versions 0.17.1 and later.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable application using bitcoinj library (versions 0.15 to 0.17.0) for transaction validation.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious transaction targeting a P2PKH or P2WPKH output of a victim.\u003c/li\u003e\n\u003cli\u003eFor P2PKH, the attacker creates a \u003ccode\u003escriptSig\u003c/code\u003e containing an arbitrary signature and public key. The signature is created using attacker\u0026rsquo;s private key over victim\u0026rsquo;s output.\u003c/li\u003e\n\u003cli\u003eFor P2WPKH, the attacker creates a witness containing an arbitrary signature and public key. The signature is created using attacker\u0026rsquo;s private key over victim\u0026rsquo;s output.\u003c/li\u003e\n\u003cli\u003eAttacker submits the malicious transaction to the vulnerable application.\u003c/li\u003e\n\u003cli\u003eThe application calls \u003ccode\u003eScriptExecution.correctlySpends()\u003c/code\u003e for validation. Due to the flawed logic, the function verifies the attacker\u0026rsquo;s signature against their public key but fails to validate the binding between the public key and the output being spent.\u003c/li\u003e\n\u003cli\u003eThe vulnerable application incorrectly validates the transaction as legitimate due to successful signature verification, even though the attacker does not own the output.\u003c/li\u003e\n\u003cli\u003eThe application processes the fraudulent transaction, leading to potential financial loss for the victim.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows attackers to bypass signature verification in bitcoinj-based applications. This can result in the acceptance of fraudulent transactions, leading to financial losses for affected users or services. The scope of impact depends on the number of applications relying on vulnerable versions of bitcoinj for transaction validation. While the specific number of victims is unknown, the potential for widespread abuse exists given the library\u0026rsquo;s usage within the Bitcoin ecosystem.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to bitcoinj version 0.17.1 or later to patch the vulnerability as mentioned in the \u003ca href=\"https://github.com/advisories/GHSA-hfcf-v2f8-x9pc\"\u003eGHSA advisory\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect BitcoinJ P2PKH Script Bypass\u0026rdquo; to identify potential exploitation attempts in your environment.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect BitcoinJ P2WPKH Script Bypass\u0026rdquo; to identify potential exploitation attempts in your environment.\u003c/li\u003e\n\u003cli\u003eReview and audit any custom transaction validation logic that relies on \u003ccode\u003eScriptExecution.correctlySpends()\u003c/code\u003e in affected applications.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-07-03T12:00:00Z","date_published":"2024-07-03T12:00:00Z","id":"/briefs/2024-07-bitcoinj-script-bypass/","summary":"A vulnerability in bitcoinj's ScriptExecution.correctlySpends() allows attackers to bypass signature verification for P2PKH and P2WPKH spends, potentially leading to unauthorized transaction validation.","title":"bitcoinj ScriptExecution P2PKH/P2WPKH Verification Bypass","url":"https://feed.craftedsignal.io/briefs/2024-07-bitcoinj-script-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Bitcoin","version":"https://jsonfeed.org/version/1.1"}