Near patches critical bug that could crash every node on the network
Researchers identified a critical vulnerability in NEAR’s peer-to-peer networking protocol that had the potential to crash any node on the network. Fortunately, the issue was addressed and patched before any malicious actors could exploit it. This proactive fix helped maintain the security and stability of the NEAR ecosystem, protecting it from potential disruption.
Near Protocol, a popular smart contract platform, was found to have a significant vulnerability that could have allowed an attacker to crash every node in the network, potentially causing a complete shutdown. This vulnerability was discovered by blockchain security firm Zellic, which reported the issue in a September 26 report. Zellic dubbed the flaw the “Web3 Ping of Death” due to its capacity to disable the entire network almost instantly.
The flaw was quietly patched in January, safeguarding the network from potential attacks. However, the report notes that similar vulnerabilities could still exist in other blockchain networks.
Researchers uncovered the issue while analyzing Near’s peer-to-peer networking protocol for validator nodes, which is crucial for the communication and validation processes between these nodes. Validators on the network authenticate each other through a “handshake” process, using one of two cryptographic signature types: Ed25519 and SECP256K1.
While the Ed25519 signature verification functioned correctly, the SECP256K1 signature caused a “panic” response, leading to the node crashing. This flaw in the verification process made the entire network vulnerable until it was fixed.
Having discovered this flaw, the researchers were surprised that it had not either been caught previously in tests or else crashed the network already.
The reason was more good luck than good management. It turns out that Near node software has “no code path that allows a Near node to generate SECP256K1 type keys.” In other words, the software allowed nodes to accept SECP256K signatures but didn’t allow them to produce such signatures.
As a result, no node had ever accidentally crashed the network by creating SECP256K keys and attempting to connect to another node.
Even so, a malicious node could alter the software to allow SECP256K keys to be generated. Once they did, they would have the power to crash any Near node simply by attempting to connect to it. The result could take down the entire network, constituting a “Web3 Ping of Death.”
Related: Solana outage triggers ballistic reaction from the crypto community
Zellic discreetly reported the Near Protocol vulnerability to the Near development team in December via HackenProof’s bug bounty platform. In recognition of the discovery, Near rewarded Zellic with $150,000 and promptly patched the node software in January. This quick action ensured the vulnerability was resolved before any attackers could exploit it, turning a potential crisis into a success story.
Unfortunately, not all blockchains have been as fortunate in avoiding network crashes due to vulnerabilities. For instance, in December, the Arbitrum network experienced a 78-minute outage, halting all transactions. The downtime was attributed to a sudden surge in inscription minting, which overwhelmed the network.
Similarly, in January, around 50% of Cardano nodes went offline due to an unexpected “anomaly,” which slowed block production and led to longer transaction confirmation times. However, the disruption did not completely crash the network.
Solana, on the other hand, has faced repeated network issues. In February, the network failed to produce a block for over 25 minutes, marking yet another in a series of outages that have drawn criticism from its user base. These incidents highlight the ongoing challenges faced by blockchain networks in maintaining stability under various stress conditions.