Bitcoin Optech Celebrates Year of Major Bitcoin Vulnerability Fixes
The popular Bitcoin OpTech newsletter has created a Hall of Fame to thank developers who responsibly disclosed major vulnerabilities in Bitcoin software without exploiting them for their own benefit. The list provides more than four years of history of episodes when Bitcoin came close to the brink of failure.
Bitcoin OpTech develops open source technology for businesses interested in using bitcoin. It problems routinely responsible disclosures about software vulnerabilities so that developers can work with them. The firm is best known for its newsletter, a weekly email digest that covers technical news about Bitcoin and related software.
Now it maintains a list of some of the biggest bugs it has received reports of. Many of them were serious Bitcoin vulnerabilities that an attacker could have used to cause significant damage to key parts of Bitcoin’s infrastructure, such as Bitcoin Core or the Lightning Network.
Bitcoin Vulnerabilities: Block parsing errors in LND and BTCD
Bitcoin Optech Newsletter #222 reported a block analysis bug in LND and BTCD discovered by Burak passing by brqgoo. He sent a 998-of-999 Taproot tapscript multi-signature transaction that broke a parsing library used by BTCD and LND. The bug was revealed on November 9, 2022.
Taproot’s consensus rules did not limit the size of witness data sent in a transaction. Users soon reported that BTCD full node and LND Lightning Network implementations could not forward data from the last blocks. A developer fixed the problem with a new version of BTCD’s code.
Read more: Bug freezes bitcoin inside Lightning Network for hours
Security vulnerability discovered in Lightning Network anchor outputs
Bastien Teinturier informed Lightning-Dev mailing list recipients of a security issue affecting older versions of Core Lightning with experimental features and LND.
A newer design for LN anchor exits allowed parties to combine multiple canceled HTLC exits into a single transaction. This design included a flaw that could allow a party that issued a revoked HTLC steal unclaimed funds when an HTLC time lock expired.
He had previously reported it to LN implementation maintainers and recommended that users of old versions of Core Lightning install upgrades. The bug was reported in May 2021.
Cross-Site Scripting Vulnerabilities in BTCPay Server
Ajmal Aboobacker and Abdul Muhaimin received disclosure bounties for informing BTCPay developers of three cross-site scripting vulnerabilities in BTCPay Server. BTCPay Server 1.2.3 solved the problem. The bug was shared with the public in September 2021.
Differences between BIP125 and Bitcoin Core implementations
Prior to that, Antoine Riard reported a possible source of conflict between BIP125 and Bitcoin Core that was revealed in May 2021. BIP125 allowed unconfirmed parent transactions that senders could replace with Replace-By-Fee to make all transactions using parent transaction output interchangeable through derived inheritance.
This feature caused a conflict with Bitcoin Core, which did not allow this behavior. The conflict could make an existing LN vulnerability disclosed in Optech Newsletter #95 cheaper to exploit.
Acceptance of non-standard signatures in LND
Antoine Riard disclosed a vulnerability in LND in October of that year, which caused it to accept transaction signatures that Bitcoin Core could not forward or mine by default. When the transaction was not verified at the Bitcoin Core level, the time lock expired and the attacker could steal the funds.
Inventory is out of memory Denial-of-Service attack
Back in September 2020, Braydon Fuller and Javed Khan disclosed a vulnerability that allows attackers to flood bitcoin nodes with inventory (inv) messages in a variant of the Denial-of-Service attack. Each inv message contained the maximum number of transaction hashes.
When the target nodes received too many inv messages, they could runs out of memory and crashes. The Denial-of-Service attack can be combined with an eclipse attack to steal funds.
LN fee ransom attack
In June 2020, René Pickhardt discovered a Lightning Network vulnerability where a sender could hold payments hostage by not choosing an appropriate fee rate when sending payments.
Even in the Lightning Network, attackers could increase fee rates by sending many “junk” transactions, which could make the recommended fee structure higher than the chosen fee rate. Exploitation of this vulnerability could force the receiver to close the channel without receiving payments or agree to settle HTLC’s offchain.
Fee passing attack on multi-input segwit transactions
Greg Sanders found a vulnerability in the software commonly used to interact with hardware wallets in June 2020. Hardware wallets can ensure safe storage of digital assets in part because their owners typically do not leave them attached to a computer that connects to the Internet.
However, an attacker can hack the computer of a hardware wallet owner and use it to take control of the software. The attacker can use it to trick the hardware wallet into overpaying for transaction fees by interfering with the algorithms used to calculate the UTXO amounts.
Just the vulnerability affects stateless signatories as hardware wallets that do not store UTXO data and must recalculate it every time their owners send a transaction.
Overflow bug in reference C language bech32 implementation
Trezor disclosed a bug in the reference function for Bech32 implementations written in the C programming language in November 2018. The bug does not affect implementations written in other programming languages.
It released an update that fixes the bug. Ledger informed Trezor of a similar error in one of Trezor’s libraries for Bitcoin Cash addresses. Trezor also made an update to fix it.
Bitcoin Optech fixed a denial of service issue
The Bitcoin Optech team fixed a denial-of-service vulnerability that an attacker could have used to trick miners into accept invalid bitcoin transactions. It recommended that miners and Bitcoin services upgrade their software to include the fix or wait for at least 30 confirmations.
Awemany originally reported the issue. Bitcoin Optech issued a warning about this vulnerability on September 20, 2018. According to the technical details, the flaw could have allowed the miner to set up a precise set of conditions where a sender could spend bitcoin twice.
Cory Fields reported a consensus-breaking bug in Bitcoin Cash
Cory Fields revealed in August of that year that he made an anonymous report about a consensus-breaking bug in Bitcoin Cash after a frustrating experience reporting the bug to Bitcoin Cash developers.
He recommended making it easier to report vulnerabilities to digital asset projects anonymously. Neha Narula added some recommendations for project managers to prevent potentially catastrophic errors.
Vulnerability in SPV evidence is accidentally disclosed
A Proof of SPV vulnerability allows the creation of a Proof of SPV of a non-existent transaction by creating a genuine 64-bit transaction that tricks miners into including it in a block. Bitcoin creator Satoshi Nakamoto predicted this flaw in SPV proofs in Section 8 of the Bitcoin Whitepaper.
Developers believed that an attacker using this exploit would find it more expensive than it’s worth. However, to cover their bases, they modified the Bitcoin Core RPCs to perform additional checks that could mitigate this vulnerability.
For more informed news, follow us further Twitter and Google News or listen to our investigative podcast Newly created: Blockchain City.
