Reading: Nobody Interested in Working on Litecoin Protocol, Says Charlie Lee

Bitcoin Technology

‘Very Scary’: Bitcoin Core Developers Confirm Duplicate Transaction Bug Fix

Wilma Woo

Wilma Woo | Sep 19, 2018 | 09:00

Bitcoin Core Bitcoin Technology

‘Very Scary’: Bitcoin Core Developers Confirm Duplicate Transaction Bug Fix

Wilma Woo

Wilma Woo | Sep 19, 2018 | 09:00

Send
Share

Bitcoin developers released a new version of the Bitcoin Core client September 18 after fixing a “very scary” bug which could have seen a malicious party take many nodes offline.

Upgrade ‘As Soon As Possible’

In release notes for Bitcoin Core version 0.16.3, Wladimir van der Laan confirmed the vulnerability, known as CVE-2018-17144, had received an effective patch. The Bitcoin Core client remains the most popular comprising over 94% of all Bitcoin software implementations today. 

“A denial-of-service vulnerability… exploitable by miners has been discovered in Bitcoin Core versions 0.14.0 up to 0.16.2,” he summarized.

“It is recommended to upgrade any of the vulnerable versions to 0.16.3 as soon as possible.”

CVE-2018-17144 could technically have allowed a malicious miner or group of miners to perform duplicate transactions and burn block rewards, forcing nodes off the network in the process.

Cobra, the creator of information resource Bitcoin.org, said the bug even had the potential to create chaos in a “huge chunk” of the ecosystem.

“A very scary bug in Bitcoin Core has just been fixed which could have crashed a huge chunk of the Bitcoin network if exploited by any rogue miners,” he wrote on Twitter.

Bug’s Origin Remains Murky

Other than the official release notes, developers have yet to publicly explain the origin and circumstances around the offending code. On Github, fellow Core developer Andrew Chow remained brief, telling users only that a “third party” reported the bug.

“The bug was disclosed to other projects simultaneously to it being disclosed to us,” Matt Corallo added.

Bitcoin Core bugs rarely create a sense of urgency within the community, making the discovery of CVE-2018-17144 an unusual exception.

As Bitcoinist reported, however, code problems regularly afflict the cryptocurrency’s spin-offs, with Bitcoin Cash frequently coming under suspicion over the strength of its infrastructure.

An ongoing attempt to ‘test’ the network from an entity known as BitPico continues.

What do you think about the Bitcoin Core bug? Let us know in the comments below!

Images courtesy of Shutterstock, Twitter

BitStarz Player Lands $2,459,124 Record Win! Could you be next big winner?

Tags: , , , ,
Send
Share
Bitcoin scale
Bitcoin Technology

Bitcoin Has A Wealth Distribution Problem – Or Does It?

Yesterday saw what was gearing up to be an interesting debate on whether Bitcoin has a problem with wealth inequality. Stemming from a statistic provided by Civic CEO, Vinny Lingham...

Emilio Janus | 4 days ago
Kik ICO trial
Bitcoin Technology

Kik ICO Trial: Lawyers Issue 130-Page Response Claiming SEC...

Canadian instant messaging company, Kik, has hit back at the US regulator trying to sue its ICO with a giant public document. Kik Implies ICO Trial Was SEC Publicity Stunt Following...

Anja van Oosterhout | 2 weeks ago
lapps lightning network bitcoin
Bitcoin Technology

Bitcoin Lightning Network Expands 100% In H1 2019

Bitcoin’s Lightning Network (LN) has almost doubled its node count and capacity in the first half of 2019, new data shows. Bitcoin Lightning Doubles In H1 Statistics from monitoring...

Anja van Oosterhout | 2 weeks ago
Show comments