CVE-2018-17144 vulnerability

David asks for a comment on the recent vulnerability “CVE2018 1744”, and David says: “it’s hard to believe that such a critical bug could happen. What’s the post mortem and learning we are getting from this incident?”
So, I haven’t studied this in great detail at the moment, so I can only give you a very brief overview.
But the bottom line is that a bug was discovered in Bitcoin Core. And in fact this bug has been copied in other Bitcoin forks, because a lot of the other forks use the same code base, and even other coins. And what this bug is, is it’s a transaction validation bug that affects the consensus rules. And it allows miners, specifically, are the ones who can exploit this bug, to create a transaction that isn’t properly validated, and effectively has an extra input, if I’m not mistaken.
The worst case scenario is that you could create an amount of Bitcoin from nothing if this was exploited. It hasn’t been exploited, the bug was fixed before it was exploited, and it could also be used to create a denial of service attack against Bitcoin and cause nodes to crash, so attacking the Bitcoin network.
So, David says: “it’s hard to believe that such a critical bug could happen.”
Well, on the one hand, yes, a critical bug like that, it’s hard to believe it could happen, because of all of the review that happens on the code, and so many people running it, etc, etc. Not only that, it happened that it went unnoticed for almost two years and affected a broad range of versions of Bitcoin Core and other cryptocurrencies. From, I believe, 0.14 to 0.16.
Fortunately, it was discovered, and fortunately was discovered and responsibly disclosed, which means that it was disclosed to the developers in the encrypted message, so that it could not be exploited until it was fixed. And it was fixed, and for that reason you need to upgrade: if you’re running a Bitcoin node you need to upgrade to 0.16.3, which is the version that contains that fix. So I upgraded my node the day that the notification came out that there was a critical vulnerability that needed an upgrade.
Many of the nodes have upgraded, some have not yet. And those are still vulnerable to being remotely shut down, essentially caused to crash through a misformed transaction. Fortunately, none of the worst problems of this vulnerability have been exploited.
The bottom line is that the software that runs cryptocurrencies in general is enormously complex, and consensus level code, where everyone has to run by the same rules across a distributed system, is the hardest form of software development that exists today. It’s probably close to (or one of the hardest). It’s probably close to, you know, aerospace engineering, and in terms of every tiny change the code could have far-reaching effect.
In this particular case, it was an optimization in order to improve the processing time for blocks, and this optimization had an unfortunate side effect, and there was an error in the implementation, as far as I understand, that caused this bug to happen. We will continue to see bugs; software has bugs. There’s no such thing as bug-free software.
The important thing is to look at how serious the bugs are, and this was a very serious bug, how quickly they’re fixed, and whether they’re exploited before they’re fixed, and if they are exploited, what are the long-term consequences of these bugs, and whether they have a lasting impact.
But arguably, once again, we see that the network is very resilient. Blockchains are much more resilient than we thought, and because of the dynamic nature of the system, because there’s lots of independent operators running nodes, because there’s lots of developers who are operating independently reviewing code, bugs are found, bugs are fixed, and systems are upgraded when things go wrong, and the system continues to run.
It didn’t kill Bitcoin. It made it stronger. And that’s one of the aspects of Bitcoin that continues to surprise me, is how resilient it is.

CVE-2018-17144 vulnerability updated: November 21, 2018 by: SchBit