Bitcoin
$ 36,249
Ethereum
$ 1,230.5
Litecoin
$ 145.40

Severe Bitcoin Network Vulnerability Secretly Patched 2 Years Ago Comes to Light

The bug could have eroded Bitcoin’s credibility as the premier cryptocurrency.

“Severe” Bitcoin Bug Secretly Patched

According to a report by Coindesk, a previously undisclosed vulnerability in the Bitcoin Core software could have enabled hackers to compromise the network’s famed security, allowing them to steal funds, delay on-chain settlements and even split the network.

The bug was, however, quietly patched in 2018, the report reads.

Notably, the bug was first noticed by Braydon Fuller, a protocol engineer at cryptocurrency shopping site Purse. Fuller and Javed Khan – a core developer at Handshake protocol – recently published a paper that goes into the details of the bug.

Notably, the bug was given a severity of 7.8 out of 10 that is considered to be on the “higher scale” (9 or above is deemed “critical”). Speaking to Coindesk, Khan said the vulnerability was caused by “remote nodes” failing to clear invalid transactions from their memory.

Specifically, the inability to clear invalid transactions could have led to an aggressor spamming a target node with redundant data. This malicious practice is typically referred to as “uncontrolled resource consumption” that eventually forces the victim node to shut off.

Khan noted:

“There was no mechanism to make sure that the pending details of a transaction are valid or not. In certain cases you could fill up the remote memory with invalid transactions.”

Interestingly, the vulnerability could not be disclosed for about two years because the node operators took longer than expected to update.

Danger to the Lightning Network

Khan added that the said network vulnerability could have allowed an attacker to siphon funds from nodes possessing open channels on Layer-2 Bitcoin scaling solution, the Lightning Network.

Notably, Bitcoin Core versions 0.16.0 and 0.16.1 were affected by the bug and were duly fixed by Bitcoin Core developer Matt Corallo after Fuller disclosed the issue to the Core team in July 2018.

The report reads in part:

“The discovery by Fuller was followed by another Bitcoin bug addressed two months later in Bitcoin Core 0.16.3. Also a vector for a denial-of-service attack, one aspect of that bug allowed miners to ‘inflate the supply of Bitcoin’ as they could double-spend certain values, the Bitcoin Core team wrote at the time.”

In similar news, earlier this year, As reported how IOTA (MIOTA) had announced the successful patch of the vulnerability responsible for the Trinity Wallet hack that resulted in the loss of funds to the tune of $1.6 million at the time.

Related Posts

Leave a Reply

Newsletter

Subscribe To Newsletter

For updates and exclusive offers, enter your e-mail below.

Popular Posts

Man Accidentally Threw Away Hard Drive With 7,500 Bitcoins, Offers City $72 Million to Search Landfill
January 16, 2021By
Purchase Carbon Credits Tokens and Contribute to Planet Preservation with MOSS
January 16, 2021By
Crypto Futures Exchange Bakkt Going Public at a Valuation of $2.1 Billion
January 16, 2021By

Advertisement

Video Posts

In
Enhancing Global trade through Blockchain and Crypto
January 16, 20210
In
The Future of Blockchain and Crypto in 2021
January 13, 20210

Crypto Stats


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin36,249 0.05 % 2.48 % 10.05 %
Ethereum1,230.5 0.57 % 3.46 % 4.09 %
Tether0.9987 0.08 % 0.31 % 0.65 %
Polkadot17.75 2.99 % 21.10 % 81.52 %
XRP0.2816 0.19 % 0.76 % 14.46 %
Cardano0.3661 3.75 % 19.06 % 9.93 %
Litecoin145.40 0.46 % 0.01 % 18.27 %
Bitcoin Cash493.30 0.14 % 0.60 % 15.75 %
Chainlink20.43 0.35 % 8.14 % 15.51 %
Stellar0.2994 2.15 % 3.50 % 4.05 %