It was ethical to exploit the lightning bug – Bitcoin Magazine

This is an opinion piece by Shinobi, a self-taught Bitcoin educator and tech-savvy Bitcoin podcast host.

For the second time in about a month, btcd/LND has had a bug exploited that caused them to diverge in consensus from Bitcoin Core. Once again Burak was the developer who triggered this vulnerability – this time it was clearly on purpose – and once again it was a problem with code to analyze Bitcoin transactions above the consensus layer. As I discussed in my piece on the previous bug that Burak triggered, before Taproot there were limits to how large the script and witness data in a transaction could be. With the activation of Taproot, these limits were removed, leaving only the restrictions on the block size itself to limit these parts of individual transactions. The problem with the latest bug was that although the consensus code in btcd was properly upgraded to reflect this change, the code that handles peer-to-peer transfer – including parsing data before sending or receiving – did not upgrade properly. So the code processing blocks and transactions before they were actually sent to be validated for consensus failed the data, never sent it to the consensus validation logic and the block in question was never validated.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *