🗞 NewsOn Tuesday, September 18th, the Bitcoin Core team released an urgent update to the Bitcoin full node software to patch a critical vulnerability. Initially, the vulnerability was reported only as a "Denial of Service" style attack, wherein a malicious miner could have created a block that would have crashed 90% of nodes in the network as it propagated. The vulnerability was introduced in late 2016, and affected Bitcoin Cash and Litecoin implementations as well. Link.
On Thursday, after all major Bitcoin mining pools had updated their software, it was revealed the bug was even worse than previously thought. Not only could the attacker have exploited the vulnerability to crash nodes and thus disrupt the network, they also could have used it to mint new Bitcoin out of thin air, inflating the 21 million coin hard cap. Link.
Frankly, Bitcoin dodged a bullet here. A modestly capitalized and competent attacker could have brought down the entire Bitcoin network, at least temporarily. It would have required massive coordination to get the network back on track and likely caused a severe crisis of confidence. It would be tempting to say this is the worst bug in Bitcoin's history, but surprisingly it probably comes in a close second. In 2010, an overflow bug allowed an attacker to mint billions of new Bitcoin, and it was actually successfully deployed! The network was so nascent, Satoshi himself simply coordinated a hardfork to resolve the issue. Link.
Perhaps no one was happier about Bitcoin's security woes this week than the folks behind Steem. The Delegated-Proof-of-Stake network, which rewards content producers with new coins, suffered a consensus failure that split the chain and ultimately resulted in the network being halted for a day while validators coordinated to fix the issue. The network is functioning again, and it avoided a nasty news cycle thanks to Bitcoin's issues. Link.
There are so many threads one could pull on related to this vulnerability. First, it should throw some cold water on the idea that Bitcoin's development and code review process are beyond reproach. As it turns out, even experienced, talented developers write bugs. Go figure! Second, it highlights just how real the possibility is that a software flaw could destroy Bitcoin, or any other cryptocurrency network. I think this remains an under-appreciated risk, even after this week.
The fact that the patch needed to propagate to only a handful of mining pool operators is also interesting. It demonstrates how centralized mining is, but also points to an upside of this centralization-- that ought to create some cognitive dissonance for those of us that value decentralization! This bug also highlights the tradeoff between a network with multiple widely used client implementations (like Ethereum) and just one (like Bitcoin). While the former puts you at risk for a chain-splitting consensus bug between implementations, a homogeneous network is more brittle in the face of these kinds of bugs. No easy answers, folks!
Finally, one last chilling thought to leave you with. If you were the head of the NSA, or of China's cyber intelligence agency, do you think you'd have a team looking for zero-day exploits in Bitcoin and other cryptocurrencies, just in case? I sure would! I wonder how many they already have in their back pocket? If and when an advanced nation-state decides to become truly hostile to crypto, things could get ugly, fast!