Earlier today, in a Medium blog post, Cory Fields, a Bitcoin Developer from MIT Media Labs revealed his experience about discovering a critical Bitcoin Cash [BCH] vulnerability that could mean the end of BCH.
In the past few hours, the post has spread like wildfire across all social medium platforms stirring up questions about responsible disclosure in open source projects.
Cory had initially discovered the vulnerability in April 2018. He said:
“On April 25, 2018, I anonymously and privately disclosed a critical vulnerability in Bitcoin Cash, one of the world’s most valuable cryptocurrencies — not to be confused with Bitcoin.”
He further stated:
“A successful exploit of this vulnerability could have been so disruptive that transacting Bitcoin Cash safely would no longer be possible, completely undermining the utility [and thus the value] of the currency itself.”
However, the vulnerability that Fields discovered was successfully fixed and resulted in a zero impact on the cryptocurrency. The incident was publicly disclosed on May 7, 2018.
Fields also clarified that the aforementioned vulnerability which has now been fixed had only posed a threat to Bitcoin Cash and not Bitcoin.
The vulnerability referred by Fields as “SIGHASH_BUG” had the potential to result in a chain split which simply means that the bug had the ability to split the currency into two incompatible currencies, making it completely impossible for users to make transactions.
Fields discovered the bug while rummaging through Bitcoin ABC’s change-logs. He stated:
“After seeing the minimal review the changes had undergone and the large number of lines changed, I thought it reasonably likely that a bug might have slipped in, and so I went looking. It took less than 10 minutes to find SIGHASH_BUG.”
He further stated that the revelation was not to demean Bitcoin Cash but was an eye-opener to all the companies and developers who are not well equipped for the situation. He also believes that a lot of work remains in order to reach a mature level of engineering that cryptocurrencies require.
He concludes his post by appealing developers to come together and work as a community to re-think all the procedures and policies that are in place and to put available tools to best use and learn from situations like the above to be better prepared for the future.
Vinny Lingham, the CEO of CivicKey tweeted:
“This is a good read for everyone working in crypto. Responsible and ethical behavior by everyone in the community, regardless of ideological beliefs, should be applauded.”
Vitalik Buterin, the Co-founder of Ethereum retweeted Vinny’s post and said:
“Questions remain as to how this revelation will be taken forward and the countermeasures that the cryptocurrency world will adapt, to reduce incidents such as these.”
The post Bitcoin Cash [BCH] – Consensus vulnerability revealed by Cory Fields appeared first on AMBCrypto.