Inside money, markets, and big tech

Bitcoin devs warn of possible chainsplit following severe DoS vulnerability

It's going to be a long week...

Bitcoin BTC Core developers have issued an important statement to the entire community, as the fallout from a recently disclosed DDoS vulnerability intensifies.

The vulnerability, which researchers disclosed earlier this week, made it possible for miners to sabotage the Bitcoin network by sending transaction data twice. The Bitcoin development team now warns that while the bug has been fixed, there are still some risks involved.

“[…] There is currently a small risk of a chainsplit. In a chainsplit, transactions could be reversed long after they are fully confirmed,” the warning reads. “Therefore, for the next week or so you should consider there to be a small possibility of any transaction with less than 200 confirmations being reversed.”

“Please watch for further news,” it concluded. “If a chainsplit happens, action may be required.”

A “chainsplit” occurs when two or more versions of a blockchain exist at any one time. All competing versions share an identical history up until the point at which they split.

It is possible for chainsplits to be triggered by incompatibilies between different versions of full node software.

A similar incident happened way back in 2013, when an unintentional fork separated Bitcoin into two networks for six hours.

Bitcoin Core devs also released a full disclosure statement regarding the DoS attack vector. It details the entire situation, from initial submission to eventual distribution of the fix.

While developers have issued a patch – it is up to the individual node operators to implement the fix. As long as there are nodes running unpatched versions, the integrity of the Bitcoin network remains in question.

If you’re interested in everything blockchain, chances are you’ll love Hard Fork Decentralized. Our blockchain and cryptocurrency event is coming up soon – join us to hear from experts about the industry’s future. Check it out!

Published September 21, 2018 — 12:29 UTC