The ‘unknown person’ who notified the popular Bitcoin Cash developer Bitcoin ABC of the critical ‘Chain-Splitting’ bug has been revealed to be a Bitcoin Core (bitcoin’s primary software implementation) developer.
Cory Fields revealed in a Medium blog post how he anonymously reported the consensus bug, known as SIGHASH_BUG in April 2018. A so-called ‘chain-splitting’ bug, the vulnerability “would have allowed a specially crafted transaction to split the Bitcoin Cash blockchain into two incompatible chains,” wrote Fields.
Fields explained that “a portion of the transaction signature verification code was rewritten, but the new code omitted a critical check of a specific bit in the signature type. I refer to that bit in the disclosure as SIGHASH_BUG. This omission would have allowed a specially crafted transaction to split the Bitcoin Cash blockchain into two incompatible chains.”
The blockchain was open to being jammed with a block that would have caused complete consensus failure, halting transactions and crippling its utility and price. Cryptocurrency engineer Eric Wall took to Twitter, lambasting the project for having missed such a glaring vulnerability.
If BCH had successfully conquered the name "Bitcoin" and this consensus failure bug had been exploited live, losing people billions $$$, the reputational damage would have been irreparable not just for Bitcoin, but for the entire public trust in crypto.
Please respect the devs! https://t.co/u7ciLsHt0x
— Eric Wall (@ercwl) August 10, 2018
The big threat
Fields warned in the same post that the greatest threat facing Bitcoin is software development. Avoiding catastrophic software bugs is paramount in Bitcoins future as per the developer who works for MIT Media Lab’s Digital Currency Initiative.
“Working through this bug, which certainly had the potential for catastrophe, has reaffirmed my belief that the threat of software bugs is severely underestimated in the cryptocurrency world,” writes Fields. ”[This] is a real-world example of how much work is still required to reach the sophisticated level of engineering that cryptocurrencies require, and as a wake-up call to companies who have not adequately prepared for this type of scenario.”
Fields’ Personal safety
As he used his name for the disclosure, hard proof would exist that he had the knowledge and means to attack the network and no way to prove that he was not the attacker. Moreover, there is also the fact that collectively, billions of dollars could have been lost as a result of this exploit. “People have been killed for much less,” Fields added.
Fields wanted to submit the vulnerability anonymously since identifying oneself leaves the possibility of being accused of any exploits that might be perpetrated by a malicious actor. “There were no keys listed for any of the lead developers on the public PGP key servers where they would usually be found, and there were none present in their code repository either. At that point, I had no option other than to request keys anonymously through different online channels, using Tor to mask my identity as much as possible.” he wrote.
The tale of two Bitcoins
Proponents of Bitcoin and its competing cryptocurrency Bitcoin Cash, which was created as a “fork” of Bitcoin’s code and history, haven’t been in good terms. They regularly take to Social media channels to argue which coin is better and which one is more deserving of the “Bitcoin” name.
Bitcoin Cash has a history of ridiculing the original Bitcoin chain – known as Bitcoin Core for clarity purposes – and those developers who work on and promote it. Bitcoin.com owner Roger Ver, who is a major proponent of Bitcoin Cash along with others have been trying to convince the online community that their altcoin will usurp Bitcoin in the future citing technical superiority.
The irony of the news that Bitcoin Cash may well have floundered without help from Bitcoin Core was therefore not lost on many of the cryptocurrency space’s best-known names. “Once again Core devs had to save BCash. Play stupid games…,” commentator WhalePanda wrote, while developer Jimmy Song and economist Tuur Demeester joined those highlighting the event.
The right thing to do?
Fields related that he had begun to question if it was worth all the trouble While trying to figure out whether a completely anonymous disclosure was possible since he had no obligation to report it after all.
“But if someone had discovered an equally nasty bug in Bitcoin Core, I would hope that person would bring it to our attention as discreetly and securely as possible. So I decided to do exactly that: create the report I would want to read and deliver it as I would want to receive it.” said Fields
Several notable cryptocurrency figures lauded his effort, including Civic CEO Vinny Lingham who tweeted that “Responsible and ethical behavior by everyone in the community, regardless of ideological beliefs, should be applauded.” Vitalik Buterin, the co-founder of Ethereum, retweeted Lingham’s tweet. Fields’ example shows that it’s still possible to help each other out to the ultimate benefit of all and the importance of such a positive developer’s community.
Shiba Inu Price Prediction: How High can SHIB Price reach by 2030?
Bitcoin Immutability Is A Shared Myth- A Brief History Of Tx Reversals And Chain Rollbacks
Chinese Internet Security Company Finds Critical Vulnerabilities In EOS Blockchain
PEPE Coin Price to Reach $5 in the Next Seven Days?
Stellar (XLM) Silently Patched a 2.25 Billion XLM Inflation Bug in 2017
Crypto News Weekly: Bitcoin Core, PwC, Hard Forks And Much More
White Hat hacker has Discovered Vulnerabilities in Ethereum DApp Augur
John McAfee, the New CEO of Blockchain Project Luxcore (LUX)
Whiteblock Says EOS is Not a Blockchain
Ethereum – Constantinople Hardfork Goes Live
ETH Constantinople Hard Fork to Activate in February 2019
US Sanctions Virtual Currency Mixer Tornado Cash: What Will Be The Impact of This Crackdown?
Top 10 Cryptocurrency Experts To Follow On Twitter
What are Bitcoin Forks? Here’s a Deep Dive into what Forks are
Will Ethereum Constantinople Fork Occur by February 28th, 2019?
DeFi Aggregation And Automation Based Akropolis Protocol Launched On Ethereum
Is Ledger Putting Profit Over Security and Community Support?
You might also like
More from Blockchain
Crypto news: investment manager Valkyrie Funds LLC is now adding Ethereum futures to its existing Bitcoin futures exchange-traded fund.
What's next for Dogecoin? and can DOGE prices ascend to $0.080? Let's delve into this Dogecoin price prediction.
What lies ahead for Ethereum coin? Can Ethereum price soar to the highs of $2,000? This Ethereum price prediction sheds …