Until now, anybody may have introduced down the entire Bitcoin blockchain by flooding full node operators with site visitors, by way of a Distributed Denial-of-Service (DDoS) assault.
“A denial-of-service vulnerability (CVE-2018-17144) exploitable by miners has been discovered in Bitcoin Core versions 0.14.0 up to 0.16.2.” the patch notes state. “It is recommended to upgrade any of the vulnerable versions to 0.16.3 as soon as possible.”
Developers have issued a patch for anybody operating nodes, together with an enchantment to replace the software program instantly.
As far as the assault vector in query goes, there’s a catch: anybody ballsy sufficient to attempt to deliver down Bitcoin must sacrifice nearly $80,000 value of Bitcoin so as do it.
The bug pertains to its consensus code. It meant that some miners had the choice to ship transaction knowledge twice, inflicting the Bitcoin community to crash when trying to validate them.
As such invalid blocks must be mined anyway, solely these keen to ignore block reward of 12.5BTC ($80,000) may truly do any actual harm.
While this definitely appears unlikely (barring any digital Tyler Durden-types simply eager to see one thing lovely die), it does elevate eyebrows. The nice defence of Bitcoin is that it’s far too decentralized to be introduced down by any single entity.
Prolific speaker and cryptocurrency advocate Andreas Antonopolous weighed in on the vulnerability in a tweetstorm. He defended the high quality of Bitcoin’s improvement, contemplating its open supply nature.
He was notably enamoured by the group’s rigorous dedication to checking code high quality. While the scenario was absolutely harmful, it may have been manner worse – particularly if new, buggy cryptocurrencies has determined to fork the Bitcoin Core model vulnerable to DDoS.
Ironically, some are outraged that exploit code was used to assault BU nodes. Consider if this code was held again till 20 blocks right into a fork
— Andreas M. Antonopoulos (@aantonop) March 15, 2017
It’s value mentioning that Bitcoin is hardly the solely cryptocurrency researchers have found kinks in lately. Indeed, a Bitcoin Core developer lately found a crippling flaw in Bitcoin Cash – a forked model of Bitcoin.
While by no means handy, responding appropriately to such potential risks is essential to sustaining the integrity of blockchain tech – particularly when reversing transactions isn’t an possibility.
But in the meantime, go forward and mark this present day as one more one we uncover simply how shut we had been to a Bitcoin collapse: disaster averted.
Published September 20, 2018 — 09:22 UTC