Bitcoinj P2PKH and P2WPKH Verification Bypass Vulnerability

A vulnerability in the bitcoinj library, affecting versions prior to 0.17.1, allows for a bypass in the verification process for standard P2PKH and native P2WPKH transactions. The issue arises in the 'correctlySpends()' method within 'ScriptExecution.java', where the library incorrectly validates an attacker-controlled signature and public key. It fails to ensure that the public key corresponds to the output being spent, enabling any key pair to pass verification for arbitrary P2PKH and P2WPKH outputs. This vulnerability does not impact the SPV trust model, which does not verify input signatures.

Impact

Exploitation of this vulnerability allows an attacker to manipulate transaction verifications, potentially leading to unauthorized spends in applications that rely on bitcoinj for transaction validation.

Remediation

The vulnerability has been fixed in bitcoinj version 0.17.1, which is available on Maven Central. Users can update to this version to address the vulnerability.