Thanks to a culture of responsible disclosure, Bitcoin developers have managed to keep their major coding mistakes quiet. For years, senior developers simply patched security holes while keeping their mouths shut and this silence prevented hackers from exploiting those vulnerabilities.
However, a new movement toward transparency is unveiling a fascinating history of coding mistakes in Bitcoin.
On January 14, 2021, Aaron van Wirdum announced the release of Bitcoin Core 0.21.0, a major upgrade of the Bitcoin Core software. Wladimir van der Laan, then Bitcoin’s lead maintainer and second successor to Satoshi Nakamoto, signed the release, which merged over 600 pull requests into production. Over the following weeks, miners and node operators manually upgraded their full nodes.
Fast forward to today, three and a half years since developers recommended node operators upgrade to 0.21.0. The current version of Core is 27.1.
As so much time has elapsed, they’ve decided to reveal the truth about that upgrade which not only enabled a number of positive features but also patched major bugs — including bugs that could have allowed hackers to steal bitcoin.
Wisely, developers stayed quiet while most node operators upgraded to 0.21.0 or above.
Today, Core versions like 21.0 and prior are considered ‘end of life’ in developer-speak: they are no longer maintained, and their use by node operators is de minimis. Indeed, over 90% of Bitcoin nodes run software version 0.21.1 or above. Approximately 400 reachable nodes still run version 0.21.1 — only slightly above the range covered by this week’s disclosure — and have refused to upgrade for years.
A new vulnerability disclosure policy
Many Bitcoin Core developers have adopted a new security vulnerability disclosure policy. In early June, many agreed that it’s safe to disclose major security issues that have been patched for at least 1.5 years. That policy permits them to disclose security bugs all the way through Bitcoin Core version 24.
They are proceeding deliberately, starting from the oldest: this week’s disclosure covers major bugs affecting version 20 and below.
This disclosure affects approximately 426 nodes that are reachable today on the public Bitcoin network. This curious cohort runs four-year-old Core version 0.20.1 and is affected by the recently unveiled security bugs.
Here are the 10 mistakes that Bitcoin developers have admitted this week.
- Remote code execution due to bug in miniupnpc, patched with Core 0.12.
- Node crash denial-of-service from multiple peers with large messages, patched with Core 0.10.1.
- Censorship of unconfirmed transactions, patched with Core 0.21.0.
- Unbounded ban list CPU/memory denial-of-service, patched with Core 0.20.1.
- Netsplit from excessive time adjustment, patched with Core 0.21.0.
- CPU denial-of-service and node stalling from orphan handling, patched with Core 0.18.0.
- Memory denial-of-service from large ‘inv’ messages, patched with Core 0.20.0.
- Memory denial-of-service using low-difficulty headers, patched with Core 0.15.0.
- CPU-wasting denial-of-service due to malformed requests, patched with Core 0.20.0.
- Memory crash in parsing BIP72 URIs, patched with Core 0.20.0.
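To check which of the issues above a node still lacks fixes for, based on the version it advertises to peers, here is an added Python example (not code from Bitcoin Core or from this article; the issue labels are shortened from the list above, and the `/Satoshi:x.y.z/` user-agent format is an assumption about how Bitcoin Core identifies itself):

```python
import re

# Fix versions taken from the disclosure list above:
# the Bitcoin Core release that patched each issue.
DISCLOSED_FIXES = {
    "Remote code execution in miniupnpc": "0.12",
    "Crash DoS from large messages": "0.10.1",
    "Censorship of unconfirmed transactions": "0.21.0",
    "Unbounded ban list CPU/memory DoS": "0.20.1",
    "Netsplit from excessive time adjustment": "0.21.0",
    "Orphan handling CPU DoS / stalling": "0.18.0",
    "Memory DoS from large inv messages": "0.20.0",
    "Memory DoS from low-difficulty headers": "0.15.0",
    "CPU-wasting DoS from malformed requests": "0.20.0",
    "Memory crash parsing BIP72 URIs": "0.20.0",
}

# Assumption: Bitcoin Core advertises itself as "/Satoshi:<version>/",
# optionally followed by a comment, e.g. "/Satoshi:0.20.1(custom)/".
_UA_RE = re.compile(r"/Satoshi:(\d+(?:\.\d+)*)")


def parse_version(text):
    """Turn '0.20.1' or '27.1' into a tuple of ints.

    Tuple comparison handles the scheme change from 0.21.x to 22.0:
    (22, 0) > (0, 21, 1) because 22 > 0 in the first position.
    """
    return tuple(int(part) for part in text.split("."))


def version_from_user_agent(user_agent):
    """Extract the Core version from a user-agent string, or None."""
    match = _UA_RE.search(user_agent)
    return parse_version(match.group(1)) if match else None


def unpatched_issues(user_agent):
    """List the disclosed issues a node with this user agent has not patched.

    Returns None when the string is not a recognisable Bitcoin Core agent,
    so callers can distinguish 'fully patched' from 'unknown software'.
    """
    version = version_from_user_agent(user_agent)
    if version is None:
        return None
    return [name for name, fixed in DISCLOSED_FIXES.items()
            if version < parse_version(fixed)]
```

A node advertising `/Satoshi:0.20.1/` (the cohort mentioned above) reports only the two issues fixed in 0.21.0, while `/Satoshi:27.1/` reports none.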
Old yet serious mistakes
Most of these bugs could, on a node running an old version of Core software, enable direct theft of funds if that node also held bitcoin in Lightning channels. For example, denial-of-service and transaction censorship attacks could prevent a node from broadcasting a justice transaction, allowing the attacker to close a Lightning channel with that node and steal all its bitcoin.
One bug (netsplit from excessive time adjustment) was even more serious, as it could allow an attacker to hard-fork a node’s version of Bitcoin and, therefore, possibly introduce a double-spending problem.
Later this month, developers intend to disclose patched bugs prior to Bitcoin Core version 22.0 and in August will disclose patched bugs prior to Core v23.0.