A serious vulnerability affected Bitcoin until 2023


By TP

A vulnerability considered to be of high severity affected Bitcoin Core until May 2023. This vulnerability and two more, considered to be of medium severity, affected the Bitcoin Core project until version 25.0. The public disclosure of these flaws and their resolutions is due to Niklas Gögge, a developer who announced them through the Bitcoin developers mailing list. The first, the higher-risk one, allows attackers to “remotely block Bitcoin Core nodes by triggering an assertion in the blocktxn message handling logic.” Blocktxn message handling logic refers to how Bitcoin network nodes handle and process messages containing requested block transactions.

Niklas Gögge revealed the vulnerabilities on the bitcoin developers mailing list. Source: groups.google.com/g/bitcoindev/

In summary, this message handling allows a node to request missing transactions in the most recent block and rebuild complete blocks to ensure their integrity on the chain. This message encoding logic is crucial to ensuring the synchronization of the nodes and the data contained therein.

Exploiting this vulnerability, which is still possible in versions of Bitcoin Core prior to 25.0, meant that attackers were able to cause collisions on nodes on purpose (make two different blocks share the same identifier), interfering with the blocktxn management logic. Node collisions have important consequences, none of which involve the possibility of stealing bitcoin. Among them is blocking the nodes. Blocking them decreases the number of active nodes, which reduces the decentralization and resilience of the network. In turn, this could potentially slow down the network.

Two other vulnerabilities in old versions of Bitcoin Core

Another vulnerability, this one of medium severity, affected the propagation of blocks in the Bitcoin chain. According to Bitcoin Core, before version 25.0 “a peer that sent mutated blocks could delete the download status of other peers that also announced the block to us, making it difficult for the block to propagate.” The Bitcoin node client claims that this vulnerability was fixed by ensuring that a participant can only affect its own block download state and not the download status of other nodes. Mutated blocks are invalid blocks that contain altered information that does not correspond to the transactions contained therein.
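The fix described above, as a simplified model added here for illustration (not Bitcoin Core's code; the class, its method names and the sample peers are assumptions). It contrasts handling where one peer's mutated block clears every peer's download state with handling scoped to the sender.

```cpp
// Toy model (added example, not Bitcoin Core code). All type, method and
// sample names are hypothetical; "block-A" is a constructed label.
#include <cstddef>
#include <initializer_list>
#include <iostream>
#include <map>
#include <set>
#include <string>

using PeerId = int;
using BlockHash = std::string;

class DownloadTracker {
public:
    // A peer announced the block, so it becomes a candidate download source.
    void on_announce(const BlockHash& h, PeerId peer) { sources_[h].insert(peer); }

    // Shared-state handling (the behaviour described for versions before 25.0):
    // a mutated block from one peer wipes every peer's state for that hash.
    void on_mutated_shared(const BlockHash& h, PeerId /*sender*/) { sources_.erase(h); }

    // Scoped handling (the fix as described): the sender can only affect its
    // own entry, so the other announcers remain usable.
    void on_mutated_scoped(const BlockHash& h, PeerId sender) {
        auto it = sources_.find(h);
        if (it == sources_.end()) return;
        it->second.erase(sender);
        if (it->second.empty()) sources_.erase(it);
    }

    // Number of peers the node can still request this block from.
    std::size_t remaining_sources(const BlockHash& h) const {
        auto it = sources_.find(h);
        return it == sources_.end() ? 0 : it->second.size();
    }
private:
    std::map<BlockHash, std::set<PeerId>> sources_;
};

// Peers 1-3 announce the same block; peer 3 then sends a mutated copy.
// Returns how many download sources survive under the chosen handling.
std::size_t sources_after_mutation(bool scoped) {
    DownloadTracker t;
    const BlockHash h = "block-A";
    for (PeerId p : {1, 2, 3}) t.on_announce(h, p);
    if (scoped) t.on_mutated_scoped(h, 3); else t.on_mutated_shared(h, 3);
    return t.remaining_sources(h);
}
int main() {
    std::cout << "shared: " << sources_after_mutation(false)
              << ", scoped: " << sources_after_mutation(true) << "\n";
}
```

With scoped handling the two honest announcers are still available as sources, which is the invariant a regression test for this class of bug should check.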

A third error, also of medium severity, produced a denial of service in the propagation of blocks in the chain, namely an overload of inventory messages that grew too large. This caused (and still does in older versions of Bitcoin Core) an increase in the time needed to sort inventory messages that announce transactions to other nodes. This affected the ability of the involved nodes to communicate with their peers. Recently, Bitcoin Core updated its security advisory policy regarding vulnerabilities in Bitcoin. The policy distinguishes between four types of vulnerabilities: low, medium, high and critical, which are revealed from two weeks to a year after they are found.

As BitcoinDynamic reported in this note, none of the three vulnerabilities presented have the maximum risk status.