{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/blockchain/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":8.1,"id":"CVE-2026-40093"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["blockchain","timestamp-manipulation","inflation"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eNimiq-blockchain, which provides persistent block storage for Nimiq\u0026rsquo;s Rust implementation, is susceptible to a critical vulnerability. In versions 1.3.0 and earlier, the block timestamp validation lacks an upper bound check against the wall clock. This flaw enables a malicious block-producing validator to set block timestamps to an arbitrarily distant future. The vulnerability directly impacts reward calculations within the blockchain, specifically through \u003ccode\u003ePolicy::supply_at()\u003c/code\u003e and \u003ccode\u003ebatch_delay()\u003c/code\u003e in \u003ccode\u003eblockchain/src/reward.rs\u003c/code\u003e. By manipulating these timestamps, attackers can inflate the monetary supply beyond the intended emission schedule. This poses a significant threat to the integrity and economic stability of the Nimiq blockchain.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker gains control of a block-producing validator node within the Nimiq blockchain network.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious block.\u003c/li\u003e\n\u003cli\u003eThe malicious block is created with a timestamp set arbitrarily far into the future.\u003c/li\u003e\n\u003cli\u003eThe vulnerable timestamp validation logic in Nimiq-blockchain (versions 1.3.0 and earlier) fails to detect the out-of-bounds timestamp due to the missing upper bound check.\u003c/li\u003e\n\u003cli\u003eThe malicious block is accepted and added to the blockchain.\u003c/li\u003e\n\u003cli\u003eThe inflated timestamp is used in reward calculations via \u003ccode\u003ePolicy::supply_at()\u003c/code\u003e and \u003ccode\u003ebatch_delay()\u003c/code\u003e functions in \u003ccode\u003eblockchain/src/reward.rs\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe attacker receives an unfairly large block reward due to the manipulated timestamp.\u003c/li\u003e\n\u003cli\u003eThe total monetary supply of Nimiq is inflated beyond the intended emission schedule, devaluing existing holdings.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-40093 can lead to a significant inflation of the Nimiq cryptocurrency supply. While the precise number of affected users or specific financial losses is currently unknown, any validator capable of producing blocks could potentially exploit this vulnerability. If successful, this attack undermines the economic model of Nimiq, potentially causing a loss of confidence in the cryptocurrency and a devaluation of existing holdings.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to a patched version of \u003ccode\u003enimiq-blockchain\u003c/code\u003e that includes a proper upper bound check on block timestamps to address CVE-2026-40093.\u003c/li\u003e\n\u003cli\u003eImplement monitoring for sudden and unexpected increases in block rewards, focusing on inconsistencies with the expected emission schedule. This would require detailed knowledge of the blockchain\u0026rsquo;s reward algorithm.\u003c/li\u003e\n\u003cli\u003eReview and harden the block validation logic within the Nimiq-blockchain implementation to prevent similar timestamp manipulation attacks in the future.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-09T21:16:11Z","date_published":"2026-04-09T21:16:11Z","id":"/briefs/2026-04-nimiq-timestamp-inflation/","summary":"A vulnerability in nimiq-blockchain versions 1.3.0 and earlier allows malicious validators to manipulate block timestamps, leading to inflation of the monetary supply.","title":"Nimiq Blockchain Timestamp Manipulation Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-04-nimiq-timestamp-inflation/"},{"_cs_actors":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-40069"}],"_cs_exploited":false,"_cs_products":[],"_cs_severities":["high"],"_cs_tags":["bsv","ruby","blockchain","vulnerability"],"_cs_type":"advisory","_cs_vendors":[],"content_html":"\u003cp\u003eThe BSV Ruby SDK, a tool for interacting with the BSV blockchain, contains a vulnerability in versions prior to 0.8.2. Specifically, the \u003ccode\u003eBSV::Network::ARC\u003c/code\u003e component\u0026rsquo;s failure detection mechanism is flawed. It only recognizes \u003ccode\u003eREJECTED\u003c/code\u003e and \u003ccode\u003eDOUBLE_SPEND_ATTEMPTED\u003c/code\u003e ARC responses as failures. Responses with \u003ccode\u003etxStatus\u003c/code\u003e values like \u003ccode\u003eINVALID\u003c/code\u003e, \u003ccode\u003eMALFORMED\u003c/code\u003e, \u003ccode\u003eMINED_IN_STALE_BLOCK\u003c/code\u003e, or any \u003ccode\u003eORPHAN\u003c/code\u003e-containing string in \u003ccode\u003eextraInfo\u003c/code\u003e or \u003ccode\u003etxStatus\u003c/code\u003e are incorrectly treated as successful broadcasts. This can lead applications that rely on successful broadcast confirmations to trust transactions that were never actually accepted by the BSV network. The vulnerability is identified as CVE-2026-40069 and is patched in version 0.8.2 of the SDK. This affects any application using the vulnerable SDK to interact with the BSV blockchain where transaction confirmation is critical for subsequent actions.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAn attacker crafts a transaction designed to fail under specific conditions on the BSV network (e.g., invalid format, conflicts with existing transactions).\u003c/li\u003e\n\u003cli\u003eThe attacker uses an application built with a vulnerable BSV Ruby SDK (versions \u0026lt; 0.8.2) to broadcast the malicious transaction.\u003c/li\u003e\n\u003cli\u003eThe BSV network responds with an ARC response indicating a failure status, such as \u003ccode\u003eINVALID\u003c/code\u003e, \u003ccode\u003eMALFORMED\u003c/code\u003e, \u003ccode\u003eMINED_IN_STALE_BLOCK\u003c/code\u003e, or a status containing \u003ccode\u003eORPHAN\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003eBSV::Network::ARC\u003c/code\u003e component in the SDK incorrectly interprets the failure response as a successful broadcast due to inadequate error handling.\u003c/li\u003e\n\u003cli\u003eThe application, relying on the SDK\u0026rsquo;s flawed confirmation, proceeds with actions dependent on the transaction\u0026rsquo;s supposed success.\u003c/li\u003e\n\u003cli\u003eThese actions could include updating local state, triggering further transactions, or providing access to resources based on the false confirmation.\u003c/li\u003e\n\u003cli\u003eThe attacker benefits from the application\u0026rsquo;s misinterpretation, potentially gaining unauthorized access or manipulating the application\u0026rsquo;s state.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-40069 allows attackers to deceive applications using vulnerable BSV Ruby SDK versions into believing that a transaction has been successfully broadcast to the BSV blockchain when it has not. This can lead to incorrect application state, unauthorized actions, or other security breaches depending on the application\u0026rsquo;s logic. While the exact number of affected applications isn\u0026rsquo;t specified, any application relying on transaction confirmation from the BSV Ruby SDK prior to version 0.8.2 is potentially vulnerable. This could impact financial applications, supply chain management systems, or any other application using the BSV blockchain for critical operations.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade all instances of the BSV Ruby SDK to version 0.8.2 or later to remediate CVE-2026-40069.\u003c/li\u003e\n\u003cli\u003eImplement additional transaction verification mechanisms independent of the BSV Ruby SDK in applications where transaction confirmation is critical.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect BSV Ruby SDK ARC Response Errors\u0026rdquo; to identify potentially vulnerable applications based on network traffic patterns.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-04-09T18:17:03Z","date_published":"2026-04-09T18:17:03Z","id":"/briefs/2024-01-bsv-ruby-sdk-vuln/","summary":"BSV Ruby SDK versions before 0.8.2 improperly handle ARC responses, treating certain failure statuses as successful broadcasts, potentially tricking applications into trusting unaccepted transactions; version 0.8.2 resolves this vulnerability.","title":"BSV Ruby SDK Improper ARC Response Handling","url":"https://feed.craftedsignal.io/briefs/2024-01-bsv-ruby-sdk-vuln/"},{"_cs_actors":[],"_cs_cves":[],"_cs_exploited":false,"_cs_products":["nimiq-block"],"_cs_severities":["medium"],"_cs_tags":["blockchain","quorum bypass","nimiq","rust"],"_cs_type":"advisory","_cs_vendors":["Nimiq"],"content_html":"\u003cp\u003eA critical vulnerability has been identified in the Nimiq Block\u0026rsquo;s \u003ccode\u003eSkipBlockProof::verify\u003c/code\u003e function within the rust-albatross core. This vulnerability stems from the way the quorum check is performed. The vulnerability lies in the ability to craft \u003ccode\u003eMultiSignature.signers\u003c/code\u003e that contain out-of-range indices spaced by 65536, inflating the \u003ccode\u003elen()\u003c/code\u003e calculation but colliding onto the same in-range \u003ccode\u003eu16\u003c/code\u003e slot during aggregation due to truncation. The vulnerability affects \u003ccode\u003erust/nimiq-block\u003c/code\u003e versions \u003ccode\u003e\u0026lt;= 0.2.0\u003c/code\u003e. Successful exploitation allows a malicious validator with significantly fewer than the required \u003ccode\u003e2f+1\u003c/code\u003e signer slots to pass skip block proof verification. This bypasses the intended security mechanisms, potentially undermining the blockchain\u0026rsquo;s consensus and integrity.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a Nimiq Block instance running a vulnerable version (\u0026lt;= 0.2.0) of the \u003ccode\u003erust/nimiq-block\u003c/code\u003e package.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious \u003ccode\u003eMultiSignature.signers\u003c/code\u003e payload.\u003c/li\u003e\n\u003cli\u003eThe malicious payload contains out-of-range indices spaced by 65536. These indices are specifically designed to inflate the \u003ccode\u003eBitSet.len()\u003c/code\u003e calculation used in the quorum check.\u003c/li\u003e\n\u003cli\u003eDuring verification within \u003ccode\u003eSkipBlockProof::verify\u003c/code\u003e, the \u003ccode\u003eusize\u003c/code\u003e indices are cast to \u003ccode\u003eu16\u003c/code\u003e (\u003ccode\u003eslot as u16\u003c/code\u003e) for slot lookup.\u003c/li\u003e\n\u003cli\u003eDue to the \u003ccode\u003eu16\u003c/code\u003e truncation, the out-of-range indices collide onto the same in-range slot. This creates an artificial aggregation of signatures.\u003c/li\u003e\n\u003cli\u003eThe attacker multiplies a single BLS signature by a factor to match the inflated \u003ccode\u003elen()\u003c/code\u003e value.\u003c/li\u003e\n\u003cli\u003eThe manipulated \u003ccode\u003eSkipBlockProof\u003c/code\u003e passes the quorum check due to the inflated \u003ccode\u003elen()\u003c/code\u003e and signature aggregation.\u003c/li\u003e\n\u003cli\u003eThe malicious skip block is accepted, potentially leading to consensus manipulation or other attacks on the blockchain.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows a malicious validator to bypass the standard quorum requirements for skip block proof verification. This means that a single compromised validator or a small group of colluding validators can inject fraudulent blocks into the blockchain, potentially leading to double-spending, denial-of-service, or other attacks that compromise the integrity and availability of the Nimiq blockchain. Given the severity of these potential outcomes, this vulnerability poses a critical risk to any system relying on affected versions of Nimiq Block.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to \u003ccode\u003erust/nimiq-block\u003c/code\u003e version \u003ccode\u003e1.3.0\u003c/code\u003e or later, which includes the fix for \u003ca href=\"https://github.com/advisories/GHSA-6973-8887-87ff\"\u003eCVE-2026-33471\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for anomalies related to skip block submissions, focusing on unusually large \u003ccode\u003eMultiSignature.signers\u003c/code\u003e payloads with indices spaced by multiples of 65536. Create a network monitoring rule.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-02T12:00:00Z","date_published":"2024-01-02T12:00:00Z","id":"/briefs/2024-01-nimiq-block-quorum-bypass/","summary":"A vulnerability exists in Nimiq Block's SkipBlockProof verification process, allowing attackers to bypass quorum checks by manipulating MultiSignature signers with out-of-range indices, potentially compromising blockchain integrity, and affecting rust/nimiq-block versions 0.2.0 and earlier.","title":"Nimiq Block Skip Block Quorum Bypass Vulnerability","url":"https://feed.craftedsignal.io/briefs/2024-01-nimiq-block-quorum-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Blockchain","version":"https://jsonfeed.org/version/1.1"}