oz_merkle_tree Proof Verification on Internal Node #804
Description
The StandardMerkleTree.verify() function in the oz_merkle_tree library accepts any 32-byte value as a "leaf" without validating that it represents actual leaf data. This allows internal tree nodes to be used as "leaves" in merkle proofs, potentially enabling data forgery attacks. The Lido oracle's security is not affected as it only uses this library for tree generation, not proof verification. However, if the verify() function is used in future oracle implementations, developers must be aware of this vulnerability.