This week the cryptocurrency community has been discussing and dealing with the critical vulnerability that was found in the Bitcoin Core (BTC) reference client. Many observers are calling the bug one of the worst issues BTC has had in years, comparing the exploit to the March 2013 mandatory hard fork. In fact, in the eyes of many, the network is still vulnerable to massive inflation from an attack that costs a mere 12.5 BTC ($83,000).
Peter Todd: ‘The Most Dangerous Time Is Not *Prior* to It Being Patched, but Rather *While* It Is Being Patched’
“The recent DoS vulnerability in Bitcoin, the most dangerous time is not *prior* to it being patched, but rather *while* it is being patched,” explains Todd. “Why? Because we have multiple implementations with different behavior, and thus potential chain splits — A 100% DoS crash is safer.”
So take the time this weekend to upgrade your nodes if you haven’t already, to get us back to ~%100 of the nodes running essentially the same implementation, and (hopefully!) the same protocol.
Theymos: ‘Updating to 0.16.3 is REQUIRED, and Anything Less Than 200 Confirmations Has a Low Probability of Being Reversed’
On the Reddit forum r/bitcoin, Theymos explains that new information on the Core bug has escalated the importance of upgrading. “Updating to 0.16.3 is REQUIRED,” Theymos emphasizes in a stickied Reddit post. Moreover, Theymos says transactions with less than 200 confirmations have more of a probability they could be reversed. The stickied post written by Theymos stirred up an argument online on whether or not the upgrade was “forced.”
“For the next week, consider transactions with fewer than 200 confirmations to have a low probability of being reversed (whereas usually there would be essentially zero probability of eg. 6-conf transactions being reversed),” explains Theymos.
“Watch for further news. If a chain split happens, action may be required,” Theymos adds.
Furthermore, the Core contributor Matt Corallo explains that he believes most of the companies and mining pools have upgraded to the latest Core release that contains the patch.
“Now I can breathe — No attempts to exploit,” Corallo explains on Twitter. “Most hash power upgraded — Most companies upgraded.”
Luke Jr: ‘It’s Not Too Late for Bitmain to Exploit It — the Network Has a Long Way to Go Until We’re Safe Again’
Even the Core developer Luke Jr says it’s not too late for miners to exploit the vulnerability, but also smears the mining pool Bitmain while he explains the network is still not safe.
“Unfortunately, it’s not too late for Bitmain to exploit it — The network has a long way to go until we’re safe again,” Luke Jr states on Twitter. When asked what he thinks Bitmain would do if they chose between option A: create inflation and destroy the bitcoin network, and dump the price, or option B: fix the bug and maintain network and price stability.” Luke Jr believes Bitmain might choose option A.
“Considering the situation Bitmain is in, option A might be very tempting,” explains the Core developer.
Jameson Lopp: ‘[Upgrade] Optional, but Recommended if You Disagree With Unbounded Inflation and Crashes’
“Exactly — Nobody is required to upgrade, anyone can audit the code before doing so,” Core contributor Eric Lombrozo explains in a response. “Critically, there are no deviations from expected consensus behavior — Language matters.”
The recent 2018 Core CVE is still being debated ferociously online in regard to whether or not the network is safe, if people really need to upgrade, and if the bug was handled correctly. As far as everyone saying it wasn’t a “big deal” most of the comments online from both developers and crypto-luminaries suggest the vulnerability was and still is an issue until everyone updates.
What do you think about the critical bug found in the Bitcoin Core client? What do you think about the debate over whether or not it was a big deal? Do you think this is a forced upgrade? Let us know your thoughts on this subject in the comment section below.
Images via Shutterstock, Pixabay, Bitcoincore.org, and Twitter.
Need to calculate your bitcoin holdings? Check our tools section.
The post Crypto-Community Debates Bitcoin Core Bug and a ‘Forced Upgrade’ appeared first on Bitcoin News.