CVE-2022-29219

Date: May 24, 2022

Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, a maliciously crafted "AttesterSlashing" or "ProposerSlashing" included on-chain could cause a consensus split. Because the developers represented "uint64" values as native JavaScript "number"s, values larger than 2^53 cannot be stored exactly, so when such large "uint64" values appear on-chain they are rounded. In those cases Lodestar may view a valid "AttesterSlashing" or "ProposerSlashing" as invalid, due to rounding errors in large "number" values. This causes a consensus split, where Lodestar nodes are forked away from the main network. Conversely, Lodestar may consider an invalid "ProposerSlashing" as valid and include it in proposed blocks, which the rest of the network will then reject. Version 0.36.0 contains a fix for this issue. As a workaround, use "BigInt" to represent "Slot" and "Epoch" values in "AttesterSlashing" and "ProposerSlashing" objects. "BigInt" is too slow to be used for all "Slot" and "Epoch" handling, so one may carefully use "BigInt" only where it is necessary for consensus.
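The following is an added example, not Lodestar's code, that shows the two failure directions described above. It decodes SSZ little-endian "uint64" epoch values once exactly as "BigInt" and once lossily as "number", then applies the spec's double-vote/surround-vote rule to a minimal, hypothetical "AttestationData" shape ({ source: { epoch }, target: { epoch } }). With epochs just above 2^53 the "number" path reaches the opposite verdict from the exact path.

```javascript
// Added example (not Lodestar's code): uint64 Epoch values above 2^53 cannot be
// compared safely as JavaScript numbers, so slashing validity flips.

const MAX_SAFE = BigInt(Number.MAX_SAFE_INTEGER); // 2^53 - 1

// Exact decode of an 8-byte little-endian uint64 (SSZ layout) as a BigInt.
function readUint64LE(bytes, offset = 0) {
  const view = new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
  return view.getBigUint64(offset, true);
}

// Lossy decode: the same bytes forced into a number (the pre-0.36.0 pattern).
// Anything above 2^53 is rounded to the nearest even multiple of 2.
function readUint64AsNumber(bytes, offset = 0) {
  return Number(readUint64LE(bytes, offset));
}

// Gate for a "BigInt only where necessary" strategy: true when the value can
// round-trip through a number without loss.
function fitsSafeNumber(value) {
  return BigInt(value) <= MAX_SAFE;
}

function encodeUint64LE(value) {
  const out = new Uint8Array(8);
  new DataView(out.buffer).setBigUint64(0, BigInt(value), true);
  return out;
}

// Constructed 16-byte record: source epoch at offset 0, target epoch at 8.
function buildRaw(sourceEpoch, targetEpoch) {
  const raw = new Uint8Array(16);
  raw.set(encodeUint64LE(sourceEpoch), 0);
  raw.set(encodeUint64LE(targetEpoch), 8);
  return raw;
}

// Hypothetical minimal AttestationData; `read` decides number vs BigInt.
function decodeAttestationData(raw, read) {
  return { source: { epoch: read(raw, 0) }, target: { epoch: read(raw, 8) } };
}

// Spec rule is_slashable_attestation_data: double vote or surround vote.
// Both operands always share one type (number or BigInt), so === and < are safe.
function isSlashableAttestationData(d1, d2) {
  const equal =
    d1.source.epoch === d2.source.epoch && d1.target.epoch === d2.target.epoch;
  const doubleVote = !equal && d1.target.epoch === d2.target.epoch;
  const surround =
    d1.source.epoch < d2.source.epoch && d2.target.epoch < d1.target.epoch;
  return doubleVote || surround;
}

function verdict(rawA, rawB, read) {
  return isSlashableAttestationData(
    decodeAttestationData(rawA, read),
    decodeAttestationData(rawB, read)
  );
}

const twoPow53 = 1n << 53n;

// Case A: genuine double vote (same target, sources 2^53 and 2^53+1 differ).
// Exact: slashable. number: both sources round to 2^53, so data are "equal".
const caseA = [buildRaw(twoPow53, twoPow53 + 5n), buildRaw(twoPow53 + 1n, twoPow53 + 5n)];

// Case B: not slashable (different targets, no surround).
// number: targets 2^53 and 2^53+1 collapse, so it looks like a double vote.
const caseB = [buildRaw(10n, twoPow53), buildRaw(11n, twoPow53 + 1n)];

function demo() {
  return {
    caseAExact: verdict(caseA[0], caseA[1], readUint64LE),       // true
    caseANumber: verdict(caseA[0], caseA[1], readUint64AsNumber), // false
    caseBExact: verdict(caseB[0], caseB[1], readUint64LE),       // false
    caseBNumber: verdict(caseB[0], caseB[1], readUint64AsNumber), // true
  };
}

console.log(demo());
```

Case A is the "valid slashing seen as invalid" direction that forks a node off the network; case B is the "invalid slashing seen as valid" direction that yields blocks the network rejects. fitsSafeNumber is one way to keep the fast number path for ordinary epochs and switch to BigInt only when a decoded value cannot be represented exactly.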

Language: JS

Severity Score

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Top Fix

Upgrade Version

Upgrade to version @chainsafe/lodestar - 0.36.0

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): HIGH
Availability (A): NONE

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): NONE