A set of patch that was observed in bitcoin has shown that the vulnerability level would have been higher than what was earlier reported in an announcement about the bitcoin core versions 0.170rc4 and 0.16.3 about a DoS( denial of service), but that it could had led to double spending by miners within the bitcoin blockchain the developers stated.
In a Recent statement the Dev team said that:
“Thus, in Bitcoin Core 0.15.X, 0.16.0, 0.16.1, and 0.16.2, any attempts to double-spend a transaction output within a single transaction inside of a block where the output being spent was created in the same block, the same assertion failure will occur (as exists in the test case which was included in the 0.16.3 patch).
However, if the output being double-spent was created in a previous block, an entry will still remain in the CCoin map with the DIRTY flag set and having been marked as spent, resulting in no such assertion. This could allow a miner to inflate the supply of Bitcoin as they would be then able to claim the value being spent twice.”
The statement noted that this inflation that could have happened because of this bug that was detected this week, had been there when the bitcoin core software version of 0.15 was created.
Miners that would have disrupted the bitcoin network by making use of this bug would have lost their mining reward which is 12.5 BTC.
Developers said that they waited to disclose the full extent of the bug to prevent malicious miners from exploiting it prior to the upgraded client reaching critical mass.
Because of the need to protect the bitcoin network, bitcoin developers decided to give the full detail the bug until it has upgraded client reaching critical mass because of the tendency of scrupulous miners to take advantage of it.
The statement from the developers reads:
“In order to encourage rapid upgrades, the decision was made to immediately patch and disclose the less serious Denial of Service vulnerability, concurrently with reaching out to miners, businesses, and other affected systems while delaying publication of the full issue to give times for systems to upgrade.”
It encouraged full node operators who had not upgraded to do that as soon as possible. It concluded by saying that:
“At this time we believe over half of the Bitcoin hashrate has upgraded to patched nodes. We are unaware of any attempts to exploit this vulnerability,” the statement said. “However, it still remains critical that affected users upgrade and apply the latest patches to ensure no possibility of large reorganizations, mining of invalid blocks, or acceptance of invalid transactions occurs.”
