PT-2023-24891 · Openzeppelin · Openzeppelin Contracts+1

0Xdaca · Published 2023-06-16 · Updated 2023-06-26 · CVE-2023-34459

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: OpenZeppelin Contracts versions 4.7.0 through 4.9.2

Description: The issue allows constructing Merkle trees that enable forging a valid multiproof for an arbitrary set of leaves when the verifyMultiProof, verifyMultiProofCalldata, processMultiProof, or processMultiProofCalldata functions are in use. A contract may be vulnerable if it uses multiproofs for verification and the Merkle tree includes a node with value 0 at depth 1. This could happen inadvertently for balanced trees with 3 leaves or fewer if the leaves are not hashed, or deliberately if a malicious tree builder includes such a node. Contracts using single-leaf proving or multiproofs with known trees that have hashed leaves are not vulnerable. Standard Merkle trees produced or validated with the @openzeppelin/merkle-tree library are safe.

Recommendations: For versions 4.7.0 through 4.9.2, update to version 4.9.2 to resolve the issue. As a temporary workaround, consider hashing the leaves and not inserting empty nodes in Merkle trees. Using the @openzeppelin/merkle-tree package eliminates this issue. Do not accept user-provided Merkle roots without reconstructing at least the first level of the tree. Verify the Merkle tree structure by reconstructing it from the leaves.
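
One way to apply the last two recommendations off-chain before a submitted root is trusted, as an added example that is not OpenZeppelin's code. Assumptions: SHA-256 stands in for keccak256 so the block runs on Node's standard library alone, and the function names and leaf values are hypothetical.

```javascript
const crypto = require('crypto');

// Assumption: SHA-256 stands in for keccak256 so this runs on Node's standard library alone.
const H = (buf) => crypto.createHash('sha256').update(buf).digest();
const ZERO = Buffer.alloc(32); // the all-zero 32-byte word
const fromHex = (h) => Buffer.from(h.replace(/^0x/, ''), 'hex');

// Commutative pair hash: children are sorted before hashing.
function hashPair(a, b) {
  return H(Buffer.concat(Buffer.compare(a, b) <= 0 ? [a, b] : [b, a]));
}

// Rebuild the root from raw leaf values. Leaves are hashed before use and no
// padding nodes are inserted: node i has children 2i+1 and 2i+2, and the n
// hashed leaves occupy the last n slots of a 2n-1 element array.
function rootFromLeaves(rawLeaves) {
  if (rawLeaves.length === 0) throw new Error('empty leaf set');
  const leaves = rawLeaves.map((v) => H(Buffer.from(v))).sort(Buffer.compare);
  const tree = new Array(2 * leaves.length - 1);
  leaves.forEach((leaf, i) => { tree[tree.length - 1 - i] = leaf; });
  for (let i = tree.length - 1 - leaves.length; i >= 0; i--) {
    tree[i] = hashPair(tree[2 * i + 1], tree[2 * i + 2]);
  }
  return tree[0];
}

// Minimum check for a submitted root: the submitter also supplies the two
// depth-1 nodes; reject a zero node, then confirm they hash to the root.
function checkFirstLevel(rootHex, leftHex, rightHex) {
  const [root, left, right] = [rootHex, leftHex, rightHex].map(fromHex);
  if ([root, left, right].some((n) => n.length !== 32)) return 'reject: bad length';
  if (left.equals(ZERO) || right.equals(ZERO)) return 'reject: zero node at depth 1';
  return hashPair(left, right).equals(root) ? 'accept' : 'reject: root mismatch';
}

// Full check: the submitted root must equal the root rebuilt from the leaves.
function checkAgainstLeaves(rootHex, rawLeaves) {
  const root = fromHex(rootHex);
  return root.length === 32 && rootFromLeaves(rawLeaves).equals(root)
    ? 'accept' : 'reject: root mismatch';
}
```

The first-level check rejects a zero node at depth 1 even when the submitted root is consistent with it, which is the tree shape the description identifies as unsafe for multiproofs.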

Exploit

Fix


Weakness Enumeration

Related Identifiers

CVE-2023-34459
GHSA-WPRV-93R4-JJ2P

Affected Products

@Openzeppelin/Merkle-Tree
Openzeppelin Contracts