Hyperbridge is a hyper-scalable coprocessor for verifiable, cross-chain interoperability. A critical vulnerability was discovered in the ismp-grandpa crate, that allowed a malicious prover easily convince the verifier of the finality of arbitrary headers. This could be used to steal funds or compromise other kinds of cross-chain applications. This vulnerability is fixed in 15.0.1.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| ismp-grandpa(crates.io) | 0 | 15.0.1 | N/A |
| grandpa-verifier-primitives(crates.io) | 0 | 0.1.2 | N/A |
| grandpa-verifier(crates.io) | 0 | 0.1.2 | N/A |
CVSS Metrics
