Crypto-Community Debates Bitcoin Core Bug and a ‘Forced Upgrade

[rhubygold23]

This week the cryptocurrency community has been discussing and dealing with the critical vulnerability that was found in the Bitcoin Core (BTC) reference client. Many observers are calling the bug one of the worst issues BTC has had in years, comparing the exploit to the March 2013 mandatory hard fork. In fact, in the eyes of many, the network is still vulnerable to massive inflation from an attack that costs a mere 12.5 BTC ($83,000).

Also read: Critical Bug Found in Bitcoin Core Invokes the Multiple Client Argument

Peter Todd: ‘The Most Dangerous Time Is Not *Prior* to It Being Patched, but Rather *While* It Is Being Patched’

The Bitcoin Core (BTC) community has been dealing with a critical vulnerability over the past few days. News.Bitcoin.com reported on the bug two days ago and some BTC supporters said because the exploit was patched now, “it wasn’t a big deal” anymore. However, if one was to observe social media and forums they would find that CVE-2018-17144 was a very big deal, and still to this day the bug poses a threat to the BTC network because not everyone has upgraded. Throughout yesterday and today, there are many subjective valuations from crypto-devs and well-known community members. For instance, the software developer Peter Todd explains the network can be the most vulnerable while the community is in the process of upgrading the recent patch. 

“The recent DoS vulnerability in Bitcoin, the most dangerous time is not *prior* to it being patched, but rather *while* it is being patched,” explains Todd. “Why? Because we have multiple implementations with different behavior, and thus potential chain splits — A 100% DoS crash is safer.”

WHAT DO YOU THINK?

THIS IS THE SOURCE: https://news.bitcoin.com/crypto-community-debates-bitcoin-core-bug-and-a-forced-upgrade/

[densuj]

​​The recently fixed CVE-2018-1744 bug in bitcoin’s network was used to issue 235 million Pigeoncoin (PGN) coins.

The coins put into the market make up almost a quarter of the PGN market offer, which currently holds 1,446 place in the Coinmarketcap rating. The coin is represented on the little-known exchange CryptoBridge, which, at the time of the elimination of the bug, suspended the trade of this coin.

Thus, the threat that the bug carried in itself for two years turned out to be quite real. As the Bitcoin Core developers note, the exploitation of the vulnerability allowed an attacker to disrupt almost 90% of the first cryptocurrency network nodes.

The bug appeared in the Bitcoin Core version 0.14.0, which was released in November 2016, and affected all subsequent versions up to 0.16.2. Its operation made it possible to disrupt the network when trying to validate a block containing a transaction that tries to spend the same input twice. Such a block would be invalid and could only be created by miners who are ready to refuse the loss of a 12.5 BTC reward, over $ 80,000.

Another confirmation of the threat posed by CVE-2018-1744 is the fact that last week an unknown person performed a double write-off operation of 0.1 BTC in a bitcoin test network. According to experts, one of the network members did not update the software and this led to the appearance of two versions of the testnet on block No. 1414411.

In the updated test network, the block with the same number contained 195 transactions and was produced an hour later. The main Bitcoin network was not affected.