bitcoin developer Luke Dashjr today raised concerns about an alleged vulnerability in the btc Core software, drawing attention to an issue that could impact the integrity of the blockchain. In a post on
bitcoin Dev Implements Ordinal Spam Filter
Dashjr, one of the most prolific btc developers in the world, expressed his concerns via a mail on X (formerly Twitter), emphasizing the seriousness of the problem. He said: “PSA: 'Registrations' are exploiting a vulnerability in bitcoin Core to spam the blockchain. Since 2013, bitcoin Core has allowed users to set a limit on the size of additional data in transactions they transmit or withdraw (-datacarriersize). By obfuscating their data as program code, enrollments exceed this limit.”
Dashjr further explained the efforts made to address this issue in his own version of bitcoin Knots, highlighting the challenges he faced: “This bug was recently fixed in Knots v25.1. It took me longer than usual because my workflow was severely disrupted late last year (version 24 was completely skipped). bitcoin Core remains vulnerable in the upcoming v26 release. I can only hope it is finally fixed before version 27 next year.”
Ocean Mining, a company founded by Dashjr, echoed his sentiments and announced the integration of the latest version of bitcoin Knots. “We are pleased to announce that testing of Knots v25.1 has been successfully completed and is now deployed to production. Among other improvements, this update fixes this long-standing vulnerability exploited by modern spammers. “Our blocks will now include many more real transactions and will help put an end to the DoS attack taking place on the network.”
In particular, Luke Dashjr already warned about signups seven months ago when he called for the implementation of a spam filter, Bitcoinist reported. According to him, a mistake was made in the software because existing filters were not extended to Taproot transactions, he argued in an email. He added that “spam filtering has been a standard part of bitcoin Core since day 1.”
The end of ordinals and ORDI?
A user's query about the implications of fixing this bug led Dashjr to confirm “Correct”, implying that resolving this vulnerability would decrease the existence of Ordinals and BRC-20 tokens. However, he faced skepticism from others who suggested that miners would prioritize enrollment transactions for economic reasons. Therefore, Ordinals will only cease to exist when all miners and pools agree on the matter.
To this, Dashjr responded: “bitcoin works on the assumption that most miners are honest, not malicious. Additionally, spam-filtered blocks often have higher fees for some reason.”
f2pool co-founder Shenyu provided a contrasting view view to Dashjr, reminding everyone that “bitcoin is not ethereum and developers do not have full decision-making power.”
Shenyu is referring to the fact that bitcoin developers can make suggestions for code changes, but these must be approved by the network. Therefore, there is currently little chance of Dashjr succeeding with its initiative.
At the time of publishing, ORDI was trading at $48.01 after the price crashed -30% following Dashjr's listing on X.
Featured image from Blockchain Observatory, chart from TradingView.com
