Bitcoin Core developer from MIT Media Labs Cory fields revealed in April, a critical vulnerability in the code Bitcoin Cash (BCH). He wrote about this post on blogging platform Medium.
According to the developer, the vulnerability could lead to fatal consequences for the fourth by market capitalization crypto-currencies. Despite the fact that the vulnerability was revealed several months ago, the developer only recently decided to bring this information public.
“April 25, 2018 I anonymously and confidentially discovered a critical vulnerability in Bitcoin Cash — is one of the most important crypto currencies (not to be confused with bitcoin)”, writes Corey fields.
According to him, this bug could prove devastating for Bitcoin Cash, “completely undermining the usefulness and hence the value of the cryptocurrency”.
Team Bitcoin Cash rewrote part of the code signature validation of the transaction. However, the new code was made a critical mistake — he didn’t check a certain bit in the type signature. The vulnerability specified by the Filth as SIGHASH_BUG, could cause separation of the blockchain on two incompatible chains, as well as to make impossible the implementation of the transaction.
First fields decided to immediately report the problem to the developers of Bitcoin Cash. However, he came to the conclusion that the usual channels can leak information about the vulnerability as well as her falling into the hands of fraudsters. Soon, he created an anonymous account on GitHub through Tor contacted the developers BCH, requesting a confidential communication method.
According to fields, the above vulnerability is threatened only BCH but not bitcoin. To date, the bug is completely fixed.
At the end of his post, fields invited the developers to join together to rethink existing rules and procedures, and to use all possible tools to prevent such problems in the future.
Information about the bug spread rapidly, stolichnov long-standing questions about responsible disclosure in open source development projects. CEO CivicKey Winnie Lingham reacted favorably to socially responsible behavior for fields by writing the following:
“Regardless of ideological beliefs, is to welcome the responsible and ethical conduct of any of the members of the community.”
ForkLog previously reported that the activity of developers in the repository Bitcoin Cash decreased to a minimum.