Bitcoin Researcher Discovers Serious Blockchain Error


The BIGGEST Problem of Blockchain Technology (Not What You Think)

Bitcoin Researcher Discovers Serious Blockchain Error

Bitcoin Researcher Discovers Serious Blockchain Error

  • The researcher discovered a new vulnerability of the Bitcoin network

  • The problem was fixed 2 years ago, but also occurred this year

  • Other researchers talk about the vulnerability of the bitcoin blockchain

International consortium of news organizations developing transparency standards.

For two years, Bitcoin researcher and engineer Braydon Fuller kept secret the vulnerability he discovered, which was called INVDoS. He was afraid that hackers, upon learning about her, could steal tens of millions of dollars worth of bitcoins..

Found and fixed

Bitcoin Researcher Discovers Serious Blockchain Error

The Bitcoin blockchain vulnerability, dubbed INVDoS, is a classic denial of service (DoS) attack. While in many cases DoS attacks are harmless, they can seriously harm Internet-accessible systems, which must have a stable uptime to process transactions..

INVDoS was discovered in 2018 by Braydon Fuller, a Bitcoin protocol engineer. He revealed that an attacker can create corrupted bitcoin transactions, which, when processed by the nodes of the bitcoin chain, lead to uncontrolled consumption of server memory resources, which ultimately leads to the failure of the affected systems..

“At the time the problem was discovered, more than 50% of the publicly advertised inbound bitcoin nodes were at risk, and probably most of the miners and exchanges,” Fuller wrote in his study..

In addition, INVDoS affected not only the nodes of the Bitcoin blockchain, on which the Bitcoin Core software is running, but also the nodes on which Bcoin and Btcd are running. Other cryptocurrencies created on the Bitcoin protocol were also under threat: Litecoin and Namecoin.

The main danger was that hackers could take advantage of a system vulnerability and withdraw coins stored in wallets..

“This could be due to lost mining time or power consumption due to node shutdowns and block delays, or due to temporary network separation,” Fuller explained..

Fuller himself corrected the error two years ago, then reported it only this summer, when the vulnerability was again discovered by another specialist – Javed Khan. Khan reported the bug to Decred’s bug bounty program, and it was eventually revealed to the world last month..

Bitcoin network remains vulnerable

The INVDoS attack is not the only problem with the bitcoin blockchain. Earlier, BeInCrypto reported that scientists at the Hebrew University of Jerusalem, John Harris and Aviv Zohar, identified a new vulnerability in the Bitcoin network, which is used by fraudsters to steal crypto coins. In their article, they describe a new systemic attack related to the Lightning Network extension that can be used by cyber criminals to steal bitcoins..

Bitcoin Researcher Discovers Serious Blockchain Error

The Lightning Network extension has access to the blockchain and can be used by fraudsters to steal cryptocoins, but so far no one has done enough in-depth research on this issue. As a result, Harris and Zohar were the first to experiment and try to withdraw bitcoins during network congestion..

Another problem that Bitcoin users may face is double spending. The new threat, dubbed BigSpender, allows attackers to reverse a Bitcoin transaction that banks cannot identify. The main issue at the heart of the BigSpender vulnerability is that vulnerable wallets are not prepared for a transaction to be canceled and assume that it will eventually be confirmed. As a result, attackers can create and reverse dozens of transactions..

As previously stated by BCH proponent Hayden Otto, the double-flow technique is facilitated by the RBF (Replacement for Fee) feature added at the protocol level by the Bitcoin Core developers..

“The problem exists if you are using BTC. The wallet software only conducts transactions, trying to protect the users of the MTC from negative consequences, “he said..


All information contained on our website is published in good faith and objectivity, and for informational purposes only. The reader is solely responsible for any actions he takes based on the information received on our website..

Share Article

Similar articles

Similar articles