One of the most serious bugs in bitcoin – both of them, including derived networks like litecoin – has now been fixed.
Node operators are urgently asked to upgrade immediately to the new Bitcoin Core release or if they on BCH to the new BitcoinABC release. Bitcoin Unlimited was unaffected. Litecoin has also merged a fix.
Miners, therefore, have now probably upgraded, but Andrea Suisani, a Bitcoin Unlimited developer, publicly says:
“60% of BTC nodes (to be conservative) are not updated, i.e. an attacker could crash them remotely. On LTC the fixed code has not even be released, DASH released a patched version two hrs ago. The way core dealed with the bug seemed pretty dangerous to me.”
It seems Matt Corallo of Chaincode Labs is to be blamed for this bug, as well as a number of other Bitcoin Core devs who approved of it, including Gregory Maxwell who did so without any testing. In fact, on the surface, it looks like none of them tested this code change proposed on Halloween 2016.
The change in question removed “duplicate-input check from CheckTransaction” with the apparent aim of saving “about 0.5-0.7ms during CheckBlock.”
That saving of half a second in checking blocks means bitcoin in particular was very vulnerable to at least temporarily being brought down due to their use of FIBRE, a centralized block propagation network for bitcoin miners.
For the past two years, but now no longer, a bitcoin miner could have designed a block which would have brought down all other mining nodes, with the potential effects here considerable if the miner was so minded.
Thankfully, there was no such block, with the bug now fixed by adding a check of transactions for duplicated inputs (pictured), otherwise known as double spending.
That in effect seems to re-instate what Matt Corallo removed two years ago, with some suggesting it could have been possible to effectively print bitcoin out of thin-air while these checks were not carried out.
This has not occurred, with some suggesting such bitcoin printing was not possible as the nodes would crash.
It is however quite astonishing that this bug made its way to the code, when one would think the developers who proposed it and approved it would have most likely known the effects of their proposal.
Moreover, the apparent lack of testing leaves us no option but to raise the suggestion that this bug was perhaps intentionally merged into Bitcoin Core with the potential aim of it being utilized in the case of a chain-split.
Matt Corallo himself, during the height of the blocksize debate, told miners there were catastrophic bugs which could be exploited in the case of a chain-split.
This bug may have further been the cause of a recent price fall in bitcoin from $6,500 to $6,200. On September 17th, bitcoin suddenly started moving downwards, with other cryptocurrencies following. On September 17th, the pull request to fix this bug was made.
The bug itself was privately revealed presumably earlier by an anonymous whitehat coder. When exactly is unclear, but it may have been on the same day, with Mr. Corallo stating:
“The bug was disclosed to other projects simultaneously to it being disclosed to us. We tried to coordinate timelines for release but sadly didn’t want to wait much past EST business hours to get people patched so ran out of time.”
It is unclear whether there will now be some sort of analysis and a public report on what exactly happened, why it happened, and what will be done to ensure the chances of it happening again are reduced if not eliminated.
That’s because the bug was quite serious, although the funds were safe, and the oversight appears to be very basic, perhaps even too basic.