Found Archives -
Plies was arrested after a gun was found in his carry-on bag as he was trying to board a plane in Tampa … TMZ has learned. Law enforcement sources tell us the rapper was getting a bag scanned Wednesday morning at Tampa International Airport…
Over the last 24 hours, the cryptocurrency community has been discussing a critical vulnerability that was found in the Bitcoin Core (BTC) reference client. A bug introduced in Bitcoin Core version 0.14, that also affects all subsequent versions, could have caused a great majority of current Core nodes to crash. According to the developer’s Optech newsletter, Core contributors released a patch that fixes Core version 0.16.2 and the latest 0.16.3 fix requires an immediate upgrade.
An Anonymous Individual Discloses a Critical Bug Found in Bitcoin Core Clients
The whole community is talking about a vulnerable bug that was introduced into the Bitcoin Core reference client two years ago. The issue found in Bitcoin Core software (patched now) versions 0.14 and above has brought about another heated discussion concerning the fallibility of developers, and using a single reference client as opposed to using multiple implementations. The bug in question went unnoticed for two years when it was introduced in November of 2016 and a great majority of Core contributors accepted (ACK) the change without many questions.
According to developers, the bugs’ patch release notes, and the Optech newsletter, an anonymous individual reported the bug to Core contributors. Essentially, the vulnerability found in Bitcoin Core software would have allowed a malicious actor with a mere 12.5 BTC to crash roughly 90 percent of Core nodes. The Fast Internet Bitcoin Relay Engine (FIBRE) baked into Core would have made matters worse because of the way FIBRE propagates blocks.
“[CVE-2018-17144] A bug introduced in Bitcoin Core 0.14.0 and affecting all subsequent versions through to 0.16.2 will cause Bitcoin Core to crash when attempting to validate a block containing a transaction that attempts to spend the same input twice,” explains the Optech newsletter.
Such blocks would be invalid and so can only be created by miners willing to lose the allowed income from having created a block (at least 12.5 XBT or $ 80,000 USD).
Are Bugs and Exploits a Compelling Argument for Multiple Clients?
Of course, the bug started a ferocious debate in regard to the BTC community putting Core developers up high on a pedestal all these years. Further, the bug re-invoked a compelling argument for multiple clients. For example, Bitcoin ABC released a patch for the vulnerability two days ago, but both Bitcoin XT and Bitcoin Unlimited were unaffected by the issue. On Reddit Bitcoin Unlimited’s Peter Rizun has emphasized this is why having multiple implementations is a good idea.
“Wow, isn’t this one of the most serious consensus bugs ever? It affects all BTC Core nodes and the only thing preventing unbound inflation is the fact that the nodes crash, taking down the entire BTC Core network instead,” Rizun says on September 19.
Maybe multiple implementations aren’t such a bad idea, after all, Greg Maxwell? I think only ABC is affected for Bitcoin Cash.
The issue people have with a majority dependence on one reference client, is because some people say history has shown that alternative clients can be very beneficial when critical bugs are discovered, like the one introduced in Bitcoin Core 0.14. For instance, when over the last couple of years consensus bugs were found in Ethereum’s Geth, the network still had Parity clients to rely on and vice versa.
At the time of writing, there are 9628 nodes running on the BTC network and 9135 are Bitcoin Core nodes. That’s 94 percent of the BTC network running one reference client and every node is affected by any issues found within Core’s codebase. This means bugs not only have to be fixed fast, but mandatory upgrades have to be speedy too. In contrast to the BTC network dominated by Core nodes, there are currently 2006 nodes running on the BCH network but only 59 percent are Bitcoin ABC nodes. So much like the ETH network, client diversity gives BCH 738 Bitcoin Unlimited (BU) nodes covering 39 percent of the network.
Additionally, according to a comment on r/bitcoin, Lightning Nodes could also be vulnerable to attacks due to the recent Bitcoin Core bug.
The recent bug confirms to many cryptocurrency proponents that being dependent on one development team’s QA process, as opposed to client diversity and multiple development teams, can be extremely risky — Especially when an exploit like this is found in production and tethered to a $ 100 billion dollar system.
What do you think about the bug found? Do you think multiple clients is a better way to avoid bugs and exploits? Let us know what you think about this story in the comment section below.
Images via Shutterstock, Twitter, and Coindance nodes.
Want to create your own secure cold storage paper wallet? Check our tools section.
The post Critical Bug Found in Bitcoin Core Invokes the Multiple Client Argument appeared first on Bitcoin News.
Americans know the Nina, the Pinta, and the Santa Maria; in Australia, the Endeavour is the ship that’s burned into memory. It set sail from Plymouth, England, in 1768 with Captain James Cook at the helm and was in 1770 the first European ship to chart parts of Australia during…
The body of a Wyoming field guide who was mauled by a bear while hunting elk has been found. Per USA Today , 37-year-old Mark Uptain and his client, Corey Chubon, shot an elk Thursday in Teton Wilderness but were initially unable to find the animal. When they returned to the…
A 10-year-old girl was found dead Friday, authorities say, more than a week after she was reported missing in a remote Inupiat Eskimo town on Alaska’s northwestern coast. Per the AP , Ashley Johnson-Barr’s remains were found east of Kotzebue, Alaska State Troopers said. Late Friday, FBI spokeswoman Staci Feger-Pellessier said…
“Sorry, your stamp is not what you think it is. It’s not that special.” Workers at the Philatelic Foundation in Manhattan often say such things when shown an unusual postage stamp, but this time foundation curator Lewis Kaufman wasn’t so sure. A recent cellphone photo of an “Inverted Jenny”—the…
Maryland prosecutors say they prepared a very strong case against Tyler Tessier that would surely have sent him to prison for the murder of his pregnant girlfriend last year —but they don’t need it anymore. Tessier was found hanged in his cell at Montgomery County Correctional Facility on Thursday, the…
Two women in their 20s were found dead in an apartment across the street from the University of Washington campus in Seattle on Tuesday, Fox News reports. Police say building managers found a seriously wounded woman inside the apartment Tuesday morning, and responding officers arrived to find both women dead….
A two-year-old Florida boy was found dead in a wooded area Tuesday, two days after he was reported missing.