Bitcoin’s core developers discovered a vulnerability in its software that would have allowed a miner to insert a “poisoned block” in its blockchain, which would have crashed the nodes running the Bitcoin software around the world, reports Vice’s Motherboard.
“For less than $80,000, you could have brought down the entire network,” Emin Gün Sirer, an associate professor of computer science at Cornell University told me over the phone. “That is less money than what a lot of entities would pay for a 0-day attack on many systems. There are many motivated people like this, and they could have brought the network down.”
Notably, the bug was not in the Bitcoin protocol itself but in its most popular software implementation. Some cryptocurrencies built using Bitcoin Core’s code were also affected—for example, Litecoin patched the same vulnerability on Tuesday.
Documentation describes the bug as a “denial-of-service vulnerability” that was introduced into Bitcoin Core in an update last year. The vulnerability essentially allowed miners—the people who run computers 24/7 to guess a number that adds a block of Bitcoin transactions to the blockchain for a reward—to create a kind of poisoned block by including a transaction that attempts to spend the same coins twice. This poisoned block could then be sent around the Bitcoin network, crashing the software of any user that receives it.
On Tuesday the developers released a patch to fix the problem.
Image: Shutterstock