Last week, a bitcoin developer bitcoin-price-will-be-50k-in-april-2020-says-developer-luke-jr/” rel=”nofollow”>Lucas Dashjr raised the alarm about a possible vulnerability in the network regarding bitcoin Ordinals that could lead to a code exploit. After posting his findings on social media, Dashjr's warnings were not taken seriously as community members believed it was not a problem. However, the US government appears to be taking the vulnerability seriously and is adding it to its vulnerability database.
Dashjr finds vulnerability in bitcoin network
Dashjr had first raised the alarm about the bug on the bitcoin network on December 6 via a post on X (formerly Twitter). As the developer explains, this bug was related to btc registrations that have gained popularity in the last year. This capability has helped developers create what could be called bitcoin's version of non-fungible tokens (NFTs).
Delving deeper into the mechanism of Ordinals, Dashjr explained that Inscriptions were actually exploiting a vulnerability in the bitcoin Core. Developers can hide their data as program code, thus being able to avoid the preset limit on the size of additional data that can be included in btc transactions.
Dashjr explained that he was working to fix this issue. However, the vulnerability remains as developers can still create inscriptions on the network. Even after being fixed in “bitcoin Knots v25.1,” the developer explains that the vulnerability still remains “in the upcoming v26.” As for when the vulnerability could be fully fixed, Dashjr said he expects this to happen sometime in 2024.
As bitcoin-dev-critical-bug-not-everyone-agrees/” rel=”nofollow”>Bitcoinist reported, not everyone in the community agreed that this was actually a vulnerability. Some were concerned that if the “vulnerability” was eventually fixed, Ordinals and BRC-20 tokens would disappear, to which Dashjr responded affirmatively.
<img decoding="async" class="aligncenter size-medium" src="https://technicalterrence.com/wp-content/uploads/2023/12/Bitcoin-vulnerability-discovered-by-developer-has-been-flagged-by-US" alt="Tradingview.com bitcoin Price Chart” width=”3266″ height=”1530″ loading=”lazy”/>
btc price falls below $42,000 | Source: BTCUSD on Tradingview.com
NIST adds btc bug to list of vulnerabilities
Even though the bitcoin community did not take the warning about the vulnerability seriously, the US government has opted for a more proactive approach. The National Vulnerability Database, which depends on the government agency, the National Institute of Standards and technology (NIST), has bitcoin-ordinal-inscriptions-as-a-cybersecurity-threat/” rel=”nofollow”>went ahead to add the vulnerability to your Vulnerabilities List under 'Common Vulnerabilities and Exposures'.
The agency has assigned the vulnerability with the code CVE-2023-50428 after identifying that it could be a potential risk to the network, especially with regard to security or integrity. This means that the agency believes that this could lead to an exploit in the bitcoin network.
The very existence of Ordinals and BRC-20 tokens is already identified as one of the ways in which this vulnerability is already being exploited. Naturally, the agency seeks to avoid other ways in which the vulnerability could be further exploited in a way that could cause harm to its users.