CVE-2026-41301 Overview
OpenClaw versions from 2026.3.22 up to but not including 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be issued before event signature validation. An unauthenticated remote attacker can send forged direct messages to create pending pairing entries and trigger pairing-reply attempts, consuming shared pairing capacity and triggering bounded relay and logging work on the Nostr channel.
Critical Impact
Remote attackers can exploit improper signature verification to flood pairing systems with forged requests, causing resource exhaustion and potential denial of service through pairing capacity consumption.
Affected Products
- OpenClaw versions 2026.3.22 through 2026.3.30
Discovery Timeline
- 2026-04-21 - CVE-2026-41301 published to NVD
- 2026-04-21 - Last updated in NVD database
Technical Details for CVE-2026-41301
Vulnerability Analysis
This vulnerability is classified under CWE-347 (Improper Verification of Cryptographic Signature). The core issue lies in the order of operations within the Nostr direct message processing pipeline. The application processes and responds to pairing challenges before verifying the cryptographic signature of incoming events, allowing unauthenticated actors to trigger stateful operations.
The vulnerability affects the nostr-bus.ts extension component, where sender authorization was being invoked before signature verification was completed. This architectural flaw means that an attacker can submit forged Nostr DM events that will be processed by the pairing system even though they fail signature validation, creating resource consumption through pending pairing entries and relay work.
Root Cause
The root cause is improper ordering of security controls in the Nostr DM ingress handler. The authorizeSender callback was originally invoked before expensive cryptographic operations (signature verification), ostensibly as an optimization to reject unauthorized senders early. However, this created a window where forged messages could trigger pairing state creation before their signatures were validated.
Attack Vector
The attack vector is network-based and requires no authentication. An attacker can craft malicious Nostr DM events with arbitrary content and invalid signatures. When these events reach the OpenClaw instance, the pairing challenge system processes them before signature validation occurs, resulting in:
- Creation of pending pairing entries consuming shared capacity
- Triggering of pairing-reply attempts to potentially non-existent or attacker-controlled endpoints
- Bounded relay and logging work that consumes system resources
reply: (text: string) => Promise<void>,
meta: { eventId: string; createdAt: number },
) => Promise<void>;
- /** Called before expensive crypto to allow sender policy checks (optional) */
+ /** Called after signature verification and before decrypt to allow sender policy checks (optional) */
authorizeSender?: (params: {
senderPubkey: string;
reply: (text: string) => Promise<void>;
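Review bot: The excerpt changes only the doc comment on authorizeSender (the `-`/`+` lines), not the call site that invokes it, so the order the new comment promises ("Called after signature verification and before decrypt") has to be confirmed where the hook is actually called in the same commit; otherwise the comment describes an ordering the code does not enforce. It would also help to state in the comment that `senderPubkey` is now the verified signer's key (which is what makes it safe for the hook to create pairing state) and that, because the hook still runs before decryption, it must not rely on message content.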
Source: GitHub Commit
Detection Methods for CVE-2026-41301
Indicators of Compromise
- Unusual volume of failed signature verifications in Nostr DM processing logs
- Rapid accumulation of pending pairing entries from unknown or suspicious public keys
- Increased relay traffic and logging activity without corresponding successful pairings
- Pairing capacity exhaustion alerts despite limited legitimate pairing activity
Detection Strategies
- Monitor Nostr event signature validation failure rates and alert on anomalous spikes
- Implement rate limiting on pairing entry creation per source public key
- Track pairing state table growth and establish baseline thresholds for alerting
- Audit relay connection attempts triggered by pairing replies to identify potential abuse
Monitoring Recommendations
- Enable verbose logging for the Nostr DM ingress path to capture signature validation results
- Configure alerts for pairing capacity utilization exceeding normal operational thresholds
- Monitor system resource consumption metrics (CPU, memory) for the Nostr extension components
- Establish baseline metrics for legitimate pairing activity to identify deviations
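A small detection sketch for the indicators listed above (failure-rate spikes, many distinct failing keys, no matching successful pairings). This is an added example, not OpenClaw's own logging or tooling; the log line format and the sample lines are constructed for it.

```typescript
// Added detection sketch (not OpenClaw's own tooling); the log line format
// and the sample lines below are constructed for this example.
interface DmLogEntry { ts: number; result: "ok" | "fail"; pubkey: string }
// Expected line shape: "<ISO-8601 time> nostr-bus dm sig=<ok|fail> pubkey=<key>"
function parseLine(line: string): DmLogEntry | null {
  const m = /^(\S+) nostr-bus dm sig=(ok|fail) pubkey=(\S+)/.exec(line);
  if (!m) return null;
  const ts = Date.parse(m[1]);
  if (Number.isNaN(ts)) return null;
  return { ts, result: m[2] === "ok" ? "ok" : "fail", pubkey: m[3] };
}

interface DmSummary {
  failures: number;            // events rejected by signature verification
  successes: number;           // events that verified
  distinctFailingKeys: number; // many distinct keys with no successes is the IoC above
  spikeWindows: number[];      // window starts (ms since epoch) where failures > threshold
}
// Bucket signature failures into fixed windows and flag windows above the threshold.
function summarizeDmLog(lines: string[], windowMs: number, threshold: number): DmSummary {
  const buckets = new Map<number, number>();
  const failingKeys = new Set<string>();
  let failures = 0, successes = 0;
  for (const line of lines) {
    const e = parseLine(line);
    if (!e) continue;                                   // unrelated or malformed line
    if (e.result === "ok") { successes++; continue; }
    failures++;
    failingKeys.add(e.pubkey);
    const start = Math.floor(e.ts / windowMs) * windowMs;
    buckets.set(start, (buckets.get(start) ?? 0) + 1);
  }
  const spikeWindows = Array.from(buckets.entries())
    .filter(([, n]) => n > threshold).map(([s]) => s).sort((a, b) => a - b);
  return { failures, successes, distinctFailingKeys: failingKeys.size, spikeWindows };
}

// Constructed sample: four forged DMs from distinct keys within one minute,
// one legitimate DM, one stray failure three minutes later, one unrelated line.
const SAMPLE_LOG = [
  "2026-04-21T10:00:01Z nostr-bus dm sig=ok pubkey=npub-known",
  "2026-04-21T10:00:05Z nostr-bus dm sig=fail pubkey=npub-x1",
  "2026-04-21T10:00:06Z nostr-bus dm sig=fail pubkey=npub-x2",
  "2026-04-21T10:00:07Z nostr-bus dm sig=fail pubkey=npub-x3",
  "2026-04-21T10:00:08Z nostr-bus dm sig=fail pubkey=npub-x4",
  "2026-04-21T10:03:00Z nostr-bus dm sig=fail pubkey=npub-x5",
  "2026-04-21T10:03:01Z sshd: accepted publickey for ops",
];
```

With a one-minute window and a threshold of 3, only the 10:00 window is flagged; the per-key and success counts give the "failures without corresponding pairings" signal.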
How to Mitigate CVE-2026-41301
Immediate Actions Required
- Upgrade OpenClaw to version 2026.3.31 or later immediately
- Review Nostr DM processing logs for evidence of exploitation attempts
- Clear any suspicious pending pairing entries that may have been created through this vulnerability
- Consider temporarily disabling Nostr DM pairing functionality if upgrade is not immediately possible
Patch Information
The vulnerability has been addressed in commit 4ee742174f36b5445703e3b1ef2fbd6ae6700fa4. The fix reorders the security control flow to ensure signature verification occurs before any pairing state is created or sender authorization callbacks are invoked. Users should upgrade to OpenClaw version 2026.3.31 or apply the security patch from the GitHub commit. Additional details are available in the GitHub Security Advisory.
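The ordering problem and its fix, reduced to a minimal handler. This is an added illustration, not OpenClaw's code: verifySignature is a stand-in for real Schnorr verification, and the authorizeSender policy (unknown sender gets a pending entry and a queued challenge) is assumed for the example.

```typescript
// Added illustration (not OpenClaw's code): the two orderings of a Nostr DM
// ingress handler described in the Root Cause and Patch Information sections.
type NostrEvent = { id: string; pubkey: string; content: string; sig: string };
type PairingState = { pending: Map<string, string>; replyQueue: string[] };
// Stand-in for real Schnorr/secp256k1 verification (assumption for the
// example): a signature is valid only if it equals "sig-for:" + event id.
function verifySignature(ev: NostrEvent): boolean {
  return ev.sig === `sig-for:${ev.id}`;
}

// Assumed pairing policy hook: an unknown sender gets a pending pairing entry
// and a challenge reply queued. This is the stateful work the advisory describes.
function authorizeSender(pubkey: string, st: PairingState): void {
  if (!st.pending.has(pubkey)) {
    st.pending.set(pubkey, `challenge-${st.pending.size + 1}`);
    st.replyQueue.push(pubkey);
  }
}

// Vulnerable ordering (before the fix): the policy hook runs first, so a
// forged event creates state even though the signature check then fails.
function ingressVulnerable(ev: NostrEvent, st: PairingState): boolean {
  authorizeSender(ev.pubkey, st);
  return verifySignature(ev);
}
// Fixed ordering: an event that fails verification touches no pairing state.
function ingressFixed(ev: NostrEvent, st: PairingState): boolean {
  if (!verifySignature(ev)) return false;
  authorizeSender(ev.pubkey, st);
  return true;
}

type Ingress = (ev: NostrEvent, st: PairingState) => boolean;
// Feed n constructed forged DMs (distinct pubkeys, garbage signatures) through
// a handler and report how many pending pairing entries they leave behind.
function pendingAfterForged(handler: Ingress, n: number): number {
  const st: PairingState = { pending: new Map(), replyQueue: [] };
  for (let i = 0; i < n; i++) {
    handler({ id: `evt-${i}`, pubkey: `npub-forged-${i}`, content: "pair?", sig: "garbage" }, st);
  }
  return st.pending.size;
}

// A properly signed event is still admitted by the fixed handler.
function legitimateAccepted(): boolean {
  const st: PairingState = { pending: new Map(), replyQueue: [] };
  const ok = ingressFixed({ id: "evt-ok", pubkey: "npub-legit", content: "hi", sig: "sig-for:evt-ok" }, st);
  return ok && st.pending.size === 1;
}
```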
Workarounds
- Implement network-level rate limiting on incoming Nostr DM events until patching is complete
- Configure firewall rules to restrict Nostr relay connections to trusted sources
- Monitor and manually clear pairing state tables to prevent capacity exhaustion
- Disable Nostr DM pairing functionality if it is not critical to operations
# Example: cap concurrent inbound TCP connections per source IP with iptables (connlimit
# counts per /32 by default). This only helps if the OpenClaw host itself accepts
# connections on 443; Nostr events are normally received over the client's own outbound
# WebSocket connections to relays, so treat this as a coarse, host-level control.
iptables -A INPUT -p tcp --dport 443 -m connlimit --connlimit-above 20 -j DROP
# Follow OpenClaw logs for signature verification failures (systemd unit name "openclaw" assumed)
journalctl -u openclaw -f | grep -i "signature verification"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.