Full Report
Simple Serialize (SSZ) is used by Ethereum clients in the consensus protocol and in P to P communication. The SSZ soundness depends on the involutive and injective property. The involutive property is that serializing a value then deserializing it will resolve to the original value. The injective property is that if A=B then serialized A should also equal serialized B. Some of these properties didn't hold, which resulted in a vulnerability. SSZ relies on offsets and lengths for encoded objects. For the serialized block information we want to send (SignedBeaconBlockDeneb) the object, there are multiple layers of nesting in order to properly transfer all information. Within a block, is a body. To go from the block of offset 0x64 and then the offset of the body in the block type of 0x54 puts us at 0xB8. The body contains its own set of values that have their own offsets in the block information. With this whole system of offsets to find objects, the serialization system works well. It should be a requirement that there are no gaps in the data. However, by changing the offsets around for objects (which have set lengths), ghost regions can be inserted into the data. By itself, this isn't a huge deal. However, not all clients function this way. Many of them will reject the block information outright even. Since Prysm acts one way (shown above) and Lighthouse acts another that rejects it, this will lead to a consensus failure in the protocol. Doing this does not modify the hash tree root at all either. When setting this up locally, it resulted in the network just stopping entirely. An interesting takeaway from the author: "Paradoxically enough, the same design choice of favoring multiple implementations has brought a new vulnerability class, that of “consensus bugs”, on which we hopefully shed some new light." Overall, a great article on a subtle difference in the Ethereum serialization code.
Analysis Summary
# Vulnerability: Ghost in the Block - SSZ Logic Discrepancy
## CVE Details
- **CVE ID**: Not specified in the article (Commonly referred to as a "Consensus Bug")
- **CVSS Score**: N/A (Historically, consensus-breaking bugs in Ethereum are treated as **Critical**)
- **CWE**: CWE-436: Interpretation Conflict, CWE-20: Improper Input Validation
## Affected Systems
- **Products**: Ethereum Consensus Clients
- **Versions**: Specifically identified in **Prysm** (up to v5.x) and **Lighthouse**.
- **Configurations**: Environments where multiple different client implementations must agree on the same serialized data for network consensus.
## Vulnerability Description
The vulnerability stems from an inconsistency in how different Ethereum clients implement the **Simple Serialize (SSZ)** specification. SSZ relies on offsets and lengths to decode nested objects.
- **The Flaw**: By manipulating offsets within a `SignedBeaconBlockDeneb` object, an attacker can insert "ghost regions" (gaps of arbitrary data) between valid fields.
- **Interpretation Conflict**:
- **Prysm**’s `UnmarshalSSZ` was found to be permissive, successfully deserializing blocks containing these gaps without error (violating the **involutive property**: `deserialize(serialize(A)) != A`).
- **Lighthouse** (and potentially others) strictly adheres to the specification and rejects these blocks as malformed.
- **Root Cause**: A failure to enforce that no gaps exist between data segments during the deserialization of variable-sized objects.
## Exploitation
- **Status**: PoC available (Base64 encoded "ghosty" object provided in research).
- **Complexity**: Medium (Requires deep understanding of SSZ offset math).
- **Attack Vector**: Network (P2P communication).
## Impact
- **Confidentiality**: None.
- **Integrity**: High (While the Hash Tree Root remains the same, the serialized representation differs, leading to non-deterministic states).
- **Availability**: **Critical**. Because one client accepts the block and another rejects it, the network fails to reach consensus. In local testing, this resulted in the network stopping entirely ("chain halt").
## Remediation
### Patches
- The research indicates that the issue was reported to the respective client teams. Users should update to the latest versions of **Prysm** and **Lighthouse** released after **September 2024**.
### Workarounds
- No viable workarounds exist other than updating the client software, as the flaw exists in the core consensus serialization logic.
## Detection
- **Indicators of Compromise**: Nodes reporting "Consensus Failure," sudden drops in finalized epochs, or specific "Offset out of bounds" or "Invalid SSZ" errors in Lighthouse logs while Prysm nodes continue to process the same block.
- **Detection Methods**: Differential fuzzing between client implementations to identify serialization mismatches.
## References
- Asymmetric Research: [https://blog.asymmetric.re/ghost-in-the-block-ethereum-consensus-vulnerability/](https://blog.asymmetric.re/ghost-in-the-block-ethereum-consensus-vulnerability/)
- Ethereum SSZ Specs: [https://github.com/ethereum/consensus-specs/blob/dev/ssz/simple-serialize.md](https://github.com/ethereum/consensus-specs/blob/dev/ssz/simple-serialize.md)