High severity bug in Bitcoin software revealed 2 years after the fix

A major bug in the Bitcoin Core software, not to be confused with the Bitcoin system itself, could have allowed attackers to steal funds, delay deals, or split the larger blockchain network into conflicting versions had it not been secretly fixed two years ago.

The bug in the code

In an article published Wednesday, Braydon Fuller, a protocol engineer at the crypto shopping site Purse, and Javed Khan, a senior developer of the Handshake protocol, say they detected the vulnerability in June 2018.

The bug has been assigned a severity level of 7.8 on a scale of 1 to 10, which is considered "high" (9 and up is considered "critical"). The problem was caused by "remote nodes" failing to clear invalid transactions from their memory, Khan said.

Failure to cancel such transactions could lead to an attack that loads the victim node with stale data in what is referred to as "uncontrolled resource consumption," eventually causing the node to shut down, the document states.

Layer 2 (L2) solutions such as Lightning Network, the experimental payment system built on the Bitcoin blockchain, were at risk from this bug. The full nodes of Bitcoin, on the other hand, did not risk losing funds.

No attempts to exploit the problem have been revealed, Khan and Fuller wrote. The vulnerability was not publicly disclosed for over two years because node operators took longer than expected to update, Fuller said.

Although the bug has been fixed, its disclosure highlights the difficulties of building a global monetary standard on human-made programming languages, not to mention the high technical barriers in developing the largest cryptocurrency in the world.

The problem in the code was inserted into Bitcoin Core in November 2017. About 50% of Bitcoin nodes at the time were potentially exposed to an attack, according to the document. Previous versions of Bitcoin Core have not experienced this type of problem.

Not just Bitcoin Core

Khan said the vulnerability could have allowed an attacker to steal funds from nodes that had open channels on Lightning. Bitcoin Core versions 0.16.0 and 0.16.1 were analyzed and corrected by developer Matt Corallo following Fuller's disclosure to the Core team in July 2018.

Bitcoin Core is the reference implementation, or standard version, of network software from which many others derive. According to the document, the bug could also have involved several other implementations of Bitcoin and its derivatives:

  • Bitcoin Knots v0.16.0
  • All beta versions of Bcoin up to v1.0.0-pre
  • All versions of Btcd up to v0.20.1-beta
  • Litecoin Core v0.16.0
  • Namecoin Core v0.16.1
  • All versions of Dcrd up to v1.5.1.

All of these implementations have been patched.