### Summary A vulnerability exists in Babylon’s BLS vote extension processing where a malicious active validator can submit a VoteExtension with the `block_hash` field omitted from the protobuf serialization. Because protobuf fields are optional, unmarshalling succeeds but leaves `BlockHash` as nil. Babylon then dereferences this nil pointer in consensus-critical code paths (notably `VerifyVoteExtension`, and also proposal-time vote verification), causing a runtime panic. ### Impact Intermittent validator crashes at epoch boundaries, which would slow down the creation of the epoch boundary bl…
GHSA-m6wq-66p2-c8pc: Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers
A vulnerability in Babylon's BLS vote extension processing allows malicious validators to cause runtime panics by omitting the block_hash field, leading to nil pointer dereferencing.