Categories: CryptoNews

Community Criticizes Bitcoin Unlimited’s Inability to Prevent Severe Bug Exploitation

It is becoming more evident that the likelihood of Bitcoin Unlimited being executed as a hard fork solution is substantially low. One major factor which ultimately drove the community and miners away from Bitcoin Unlimited is its development team’s inability to prevent severe bugs and internal technical issues from being exploited.

In a span of two weeks, Bitcoin Unlimited suffered from two major bug exploitations. The first bug which happened on March 14 led to a 6-hour downtime for Bitcoin Unlimited miners. According to bitcoin investor Alistair Milne, considering the 35 percent hashrate allocated to the software, the cost of the bug exceeded US$200,000 in miner revenue losses. In addition, hundreds of nodes were shut down as a result of the bug.

The bitcoin community including Bitcoin Core developer Peter Todd were outraged by the dishonesty of Bitcoin Unlimited developers when the team claimed that they found the March 14 bug themselves. In an interview, a security researcher by the name of Charlotte Gardner revealed that she found the bug before the Bitcoin Unlimited team even came close to spotting it.

“I am quite beside myself at how a project that aims to power a $20 billion network can make beginner’s mistakes like this.” I am rather dismayed at the poor level of code quality in Bitcoin Unlimited and I suspect there [is] a raft of other issues” said Gardner.

The philosophy of the Bitcoin Unlimited team when it comes to open source development conflicts with the core principle of bitcoin. The Bitcoin network was designed in such a way that an open community of developers pave the growth of Bitcoin in a transparent and secure manner. However, because Bitcoin Unlimited as software is being developed by a closed group of developers with little to no transparency, the community is struggling to support the project.

In particular, when the second bug was found, as reported by The Merkle on March 22, the Bitcoin Unlimited team ran a closed source patch to fix the error. According to Bitcoin Core developer Greg Maxwell, the update of the Bitcoin Unlimited team removed runtime state corruption protection, which is necessary in order for nodes to shut down cleanly when an unexpected error occurs.

Maxwell explained:

Related Post

“Among other things, they’ve removed all the runtime state corruption protection… so cases where nodes would cleanly and safely shut down in the event of things going wrong, turn into potential consensus splits or even remote code execution.”

If such an update was released to an open source development community and underwent peer and community review before being added to the software, there is a high chance that it would have been approved due to security issues.

Introducing closed source updates as a recovery mechanism to protect users from bug exploitations isn’t an efficient and secure method of development, especially when it comes to developing bitcoin. Developers, especially Bitcoin Core developers, often try to prevent bugs from being released to the public as it may negatively affected virtually everyone within the network, especially the miners.

As security and bitcoin expert Andreas Antonopoulos explained, if the bugs of Bitcoin Unlimited were exploited during a hard fork, their damage to miners would have been in the millions. In that scenario, even if Bitcoin Unlimited developers were to release an update to resolve the issue, the financial damage on miners would have already been significant.

Image Via: General Assembly

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

Joseph Young

Joseph Young is a finance and tech journalist based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering exclusive content, interviews, insights and analysis of cryptocurrencies, innovative and futuristic technologies.

Share
Published by
Joseph Young

Recent Posts

Velocity Ticket Debuts As The AI-Powered Invoicing Tool Every Service Business Needs in 2026

Velocity Ticket is trying to fix a major gap in businesses, and the approach it…

2 weeks ago

Axelar Confirms $4.67M Exploit on Secret Network Bridge, Core Protocol Remains Unaffected

Axelar is moving fast to contain damage after identifying a security incident that has resulted…

2 weeks ago

Sui Synthetic Dollar suiUSDe Gets Its Own Website

suiUSDe now has a dedicated landing page. The token, officially the eSui Dollar, comes out…

2 weeks ago

Ventuals Winds Down HIP-3 DEX, vHYPE Withdrawals Now Live For All Holders

Ventuals has fully wound down its HIP-3 DEX, and vHYPE withdrawals are now open. The…

2 weeks ago

Avalanche Launches Payments Collective With Franklin Templeton And 25 Others

Avalanche has launched the Avalanche Payments Collective, bringing together 28 organizations spanning nearly every layer…

2 weeks ago

ASTER Whale Reopens 5x Long Days After Getting Fully Liquidated On The Same Token

A wallet tracked as 0x5f91 just opened a fresh 5x leveraged long on ASTER, putting…

2 weeks ago