If two blocks with the same message, but with a different signature, are quanrantined, only the latest one will be saved. As a result, an attacker can delete quarantined block by sending a malicious block with an incorrect signature
Exploit Scenario
Bob's node receive a message from Alice's node, for which he does not have the parent. The block is saved in quarantine. Eve sends to Bob a block with the same message, but an incorrect signature. As a result Alice's block is deleted, and Bob never receives the legitimate signature.
Mitigation Recommendation
Short term, review every usage of block.root and consider to either:
Change the key used in quarantine to be hash(message, signature) instead of root,
Or change root to be hash(message, signature) if it does not impact other components
Long term, thoroughly document the quarantine mechanism and take into consideration the impact of malicious actors on the queued blocks.
tersec
commented
4 years ago 
montyly
commented
3 years ago
Severity: Low Difficulty: Low
Description
A key mapping collision allows attackers to replace legitimate quarantined blocks with malicious block
When a block is received, it is checked with
clearance.isValidBeaconBlock: https://github.com/status-im/nim-beacon-chain/blob/3f9b408c65c03f52bfc755b35191685b5e8005f6/beacon_chain/block_pools/clearance.nim#L257-L260If the parent of the block is unknown, the block will be queued in quarantine: https://github.com/status-im/nim-beacon-chain/blob/3f9b408c65c03f52bfc755b35191685b5e8005f6/beacon_chain/block_pools/clearance.nim#L333-L341
quarantine.addstores the block in a mapping, whereblock.rootis the key https://github.com/status-im/nim-beacon-chain/blob/3f9b408c65c03f52bfc755b35191685b5e8005f6/beacon_chain/block_pools/quarantine.nim#L46-L49block.rootis the hash for the message, and does not include the signature: https://github.com/status-im/nim-beacon-chain/blob/3433c77c35f3025729ac9204ab6b91ea136dce9e/beacon_chain/ssz/bytes_reader.nim#L271If two blocks with the same message, but with a different signature, are quanrantined, only the latest one will be saved. As a result, an attacker can delete quarantined block by sending a malicious block with an incorrect signature
Exploit Scenario
Bob's node receive a message from Alice's node, for which he does not have the parent. The block is saved in quarantine. Eve sends to Bob a block with the same message, but an incorrect signature. As a result Alice's block is deleted, and Bob never receives the legitimate signature.
Mitigation Recommendation
Short term, review every usage of
block.rootand consider to either:hash(message, signature)instead ofroot,rootto behash(message, signature)if it does not impact other componentsLong term, thoroughly document the quarantine mechanism and take into consideration the impact of malicious actors on the queued blocks.