Stellar Core Audit: Path Payment & Offer Operations Missing Critical Asset Validity Checks
A security audit of the Stellar blockchain's core transaction processing code has confirmed a medium-severity vulnerability. The code responsible for executing path payment and manage sell offer operations lacks essential checks to validate the legitimacy of the digital assets involved. This omission creates a potential divergence in consensus behavior, where different network nodes could produce different results for the same transaction, undermining the deterministic foundation of the ledger.
The flaw is located within the `tx` crate of the Stellar Core software, specifically in the `validate_path_payment_strict_receive` and `validate_manage_sell_offer` functions. While these functions check transaction amounts and price parameters, they fail to call the existing `is_asset_valid` function. That function, which verifies whether an asset ID corresponds to a legitimate, issued asset on the network, is called only from the payment and clawback operations. Consequently, path payments and asset trade offers proceed without this fundamental validation step.
This missing check represents a consensus risk. If an invalid or non-existent asset ID is submitted in one of these operation types, nodes running the vulnerable code may process the transaction differently than nodes that have implemented the check, leading to a fork in the network state. While the audit notes the issue does not cause direct state corruption, the inconsistency in result codes between nodes is a critical flaw for a system requiring global agreement. The finding underscores the persistent challenge of ensuring uniform validation logic across all financial primitives in complex blockchain protocols.