Bitcoin Core Developers Confirm and Fix Denial-of-Service Software Vulnerability Bug

The developers of Bitcoin made public on September 18, 2018, that they discovered and fixed a denial of service software bug on the network exploitable by miners. 

0

Developers of Bitcoin Core have moved to fix a software bug that could have presented a disaster for the world’s leading cryptocurrency.

Denial of service bug detected

The developers of Bitcoin made public on September 18, 2018, that they discovered and fixed a denial of service software bug on the network exploitable by miners.

Bitcoin Core Developers Confirm and Fix Denial-of-Service Software Vulnerability Bug
Denial-of-Service Attack Infographic

If the bug had been exploited, then it could be used to eliminate nodes and might even lead to the temporary unresponsiveness of a large part of the network. The Developers moved swiftly to repair this bug and released Bitcoin Core software version 0.16.3.

Wladimir van der Laan confirmed the vulnerability which was dubbed CVE-2018-17144 while also revealing that the bug had been patched. He stated that:

A denial-of-service vulnerability… exploitable by miners have been discovered in Bitcoin Core versions 0.14.0 up to 0.16.2.

He advised users to upgrade any of the vulnerable versions to 0.16.3 as soon as they can. The vulnerability could enable malicious miners to perform duplicate transactions on the network. By so doing, they can burn block rewards, and forcefully remove nodes off the network.

Cobra, the creator of information resource Bitcoin.org, commented that the bug had the potential to cause chaos in a large part of the Bitcoin ecosystem.

Regarding the origin of the vulnerability, it was believed to have been implemented in the Bitcoin Core version 0.14.0. This software update was released back in March of last year but the developers failed to notice the bug until a few days ago.

The discovery of the bug led developers quickly deploy a tested fix in less than 24 hours as it fears the bug could be exploited following its discovery.

Emin Gün Sirer, an associate professor of computer science at Cornell University, while commenting on this bug stated that with less than $80,000, the entire Bitcoin network could have been brought down.

He added that thankfully, the bug wasn’t noticed by miners as there are many of them out there that could have exploited this situation.

User funds safe

The developers stated that despite the risk, stored Bitcoins are not at risk from the bug.

Bitcoin users don’t have to do anything to protect their funds as the developers claim the vulnerability has been patched before it could be discovered and exploited by hackers.

However, those running full nodes have been advised to store their complete transaction history and then upgrade their software afterward.

If the flaw had been exploited, then the Lightning network could have been affected the most.

Blockstream engineer Gregory Sanders thus urged all those running Lightning to update their software as soon as they can or close their channels, though updating would be much easier.

Leave A Reply

Your email address will not be published.