Bitcoin Forum
Show Posts
1  Bitcoin / Development & Technical Discussion / "CVE-2021-31876 Defect in Bitcoin Core's bip125 logic" on: July 25, 2021, 01:24:38 PM
I have been reading some of the vulnerabilities that Bitcoin core has had recently and I do not understand the bullet point below

Explicit signaling: A transaction is considered to have opted in to
allowing replacement of itself if any of its inputs have an nSequence
number less than (0xffffffff - 1).
An unconfirmed child transaction with nSequence = 0xff_ff_ff_ff spending an
unconfirmed parent with nSequence <= 0xff_ff_ff_fd should be replaceable as
the child transaction signals "through inheritance". However, the
replacement code as implemented in Core's `PreChecks()` shows that this
behavior isn't enforced and Core's mempool rejects replacement attempts of
an unconfirmed child transaction.

Can anyone explain to me what this means, how this affects the client, and how critical this vulnerability is?
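The bullet point quoted above contrasts two ways a transaction can signal replaceability under BIP125: explicitly (one of its own inputs has nSequence <= 0xfffffffd) or by inheritance (an unconfirmed ancestor in the mempool signals). The model below is an added example, not Bitcoin Core code; the two nSequence constants are the real BIP125 values, while the Tx type, the mempool dictionary and the transaction ids are constructed for illustration. It runs the post's scenario (parent with nSequence 0xfffffffd, child with 0xffffffff) through both an explicit-only check, which is the behaviour the quoted text says Core's `PreChecks()` implemented, and the full BIP125 rule.

```python
from dataclasses import dataclass
from typing import Dict, Tuple

# Real BIP125 boundary values; everything else in this file is a constructed model.
SEQUENCE_FINAL = 0xffffffff            # 0xff_ff_ff_ff: input does not signal
MAX_BIP125_RBF_SEQUENCE = 0xfffffffd   # 0xff_ff_ff_fd: largest value that signals


@dataclass(frozen=True)
class Tx:
    txid: str
    # (txid of the output being spent, nSequence of that input). The output
    # index is omitted because only the parent link matters for signaling.
    inputs: Tuple[Tuple[str, int], ...]


def signals_explicitly(tx: Tx) -> bool:
    """Explicit signaling: any input with nSequence < 0xffffffff - 1."""
    return any(seq <= MAX_BIP125_RBF_SEQUENCE for _, seq in tx.inputs)


def signals_bip125(tx: Tx, mempool: Dict[str, Tx]) -> bool:
    """Full BIP125 rule: explicit signal, or a signal inherited from any
    unconfirmed ancestor that is still in the mempool. Confirmed parents are
    not in `mempool`, so they cannot pass a signal down to their children."""
    seen = set()
    stack = [tx]
    while stack:
        cur = stack.pop()
        if signals_explicitly(cur):
            return True
        for parent_txid, _ in cur.inputs:
            parent = mempool.get(parent_txid)
            if parent is not None and parent_txid not in seen:
                seen.add(parent_txid)
                stack.append(parent)
    return False


def replacement_allowed(existing: Tx, mempool: Dict[str, Tx], inherit: bool) -> bool:
    """Gate a mempool would apply when a new transaction conflicts with
    `existing`. inherit=False models the explicit-only check the post quotes;
    inherit=True models what the BIP125 text requires."""
    if inherit:
        return signals_bip125(existing, mempool)
    return signals_explicitly(existing)


# Constructed scenario from the post: the parent opts in, the child does not.
PARENT = Tx("parent", (("confirmed_coin", MAX_BIP125_RBF_SEQUENCE),))
CHILD = Tx("child", (("parent", SEQUENCE_FINAL),))
MEMPOOL = {PARENT.txid: PARENT, CHILD.txid: CHILD}


def demo() -> Dict[str, bool]:
    """Can the unconfirmed child be replaced under each rule?"""
    return {
        "explicit_only": replacement_allowed(CHILD, MEMPOOL, inherit=False),
        "bip125": replacement_allowed(CHILD, MEMPOOL, inherit=True),
    }


if __name__ == "__main__":
    print(demo())  # {'explicit_only': False, 'bip125': True}
```

The explicit-only check rejects a replacement of the child even though its parent opted in, which is exactly the gap the quoted disclosure describes; the inherited check walks the unconfirmed ancestry and accepts it. The same walk returns False once the parent is confirmed (no longer in the mempool), so inheritance is bounded to the unconfirmed package.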
2  Other / Beginners & Help / List Of Bitcoin Vulnerabilities on: May 21, 2020, 12:36:40 PM
In this forum everyone talks about the positives of Bitcoin, but I thought it would be interesting to have a look at the negatives of Bitcoin and at the vulnerabilities Bitcoin has suffered through Bitcoin clients and other software like Bitcoin Knots and wxBitcoin. I think it is important for newcomers to cryptocurrency to comprehend the dangers and the history of the vulnerabilities and exposures in order to be aware of the different types of risks that could be conceivable in the future. All of the listed vulnerabilities will already have a solution, and I think it's important to think about that too. Throughout the history of Bitcoin and the software used to access it, Bitcoin has experienced 44 documented vulnerabilities ranging from severe to harmless, but before we look at them I would like to make it clear that this is not an anti-Bitcoin post and Bitcoin isn't only influenced by the weaknesses below.

I have talked before about the negatives of Bitcoin and "timejacking".

CVE / BIP             | Announced  | Affected software                                          | Severity
CVE-2010-5137         | 2010-07-28 | wxBitcoin and bitcoind                                     | Netsplit
CVE-2010-5141         | 2010-07-28 | wxBitcoin and bitcoind                                     | DoS
CVE-2010-5138         | 2010-07-29 | wxBitcoin and bitcoind                                     | Theft
CVE-2010-5139         | 2010-08-15 | wxBitcoin and bitcoind                                     | DoS
CVE-2010-5140         | 2010-09-29 | wxBitcoin and bitcoind                                     | Inflation
CVE-2011-4447         | 2011-11-11 | wxBitcoin and bitcoind                                     | DoS
CVE-2012-1909         | 2012-03-07 | Bitcoin protocol and all clients                           | Exposure
CVE-2012-1910         | 2012-03-17 | bitcoind & Bitcoin-Qt for Windows                          | Netsplit
BIP 0016              | 2012-04-01 | All Bitcoin clients                                        | Unknown
CVE-2012-2459         | 2012-05-14 | bitcoind and Bitcoin-Qt                                    | Fake Conf
CVE-2012-3789         | 2012-06-20 | bitcoind and Bitcoin-Qt                                    | Netsplit
CVE-2012-4682         | -          | bitcoind and Bitcoin-Qt                                    | DoS
CVE-2012-4683         | 2012-08-23 | bitcoind and Bitcoin-Qt                                    | DoS
CVE-2012-4684         | 2012-08-24 | bitcoind and Bitcoin-Qt                                    | DoS
CVE-2013-2272         | 2013-01-11 | bitcoind and Bitcoin-Qt                                    | DoS
CVE-2013-2273         | 2013-01-30 | bitcoind and Bitcoin-Qt                                    | DoS
CVE-2013-2292         | 2013-01-30 | bitcoind and Bitcoin-Qt                                    | Exposure
CVE-2013-2293         | 2013-02-14 | bitcoind and Bitcoin-Qt                                    | Exposure
CVE-2013-3219         | 2013-03-11 | bitcoind and Bitcoin-Qt 0.8.0                              | DoS
CVE-2013-3220         | 2013-03-11 | bitcoind and Bitcoin-Qt                                    | DoS
BIP 0034              | 2013-03-25 | All Bitcoin clients                                        | Fake Conf
BIP 0050              | 2013-05-15 | All Bitcoin clients                                        | Netsplit
CVE-2013-4627         | 2013-06-?? | bitcoind and Bitcoin-Qt                                    | DoS
CVE-2013-4165         | 2013-07-20 | bitcoind and Bitcoin-Qt                                    | Theft
CVE-2013-5700         | 2013-09-04 | bitcoind and Bitcoin-Qt 0.8.x                              | DoS
CVE-2014-0160         | 2014-04-07 | Anything using OpenSSL for TLS                             | Unknown
CVE-2015-3641         | 2014-07-07 | bitcoind and Bitcoin-Qt prior to 0.10.2                    | DoS
BIP 66                | 2015-02-13 | All Bitcoin clients                                        | Fake Conf
BIP 65                | 2015-11-12 | All Bitcoin clients                                        | Fake Conf
BIPs 68, 112 & 113    | 2016-04-11 | All Bitcoin clients                                        | Fake Conf
BIPs 141, 143 & 147   | 2016-10-27 | All Bitcoin clients                                        | Fake Conf
CVE-2016-8889         | 2016-10-27 | Bitcoin Knots GUI 0.11.0 - 0.13.0                          | Exposure
CVE-2017-9230         | -          | Bitcoin                                                    | ?
BIP 148               | 2017-03-12 | All Bitcoin clients                                        | Fake Conf
CVE-2017-12842        | 2018-06-09 | -                                                          | -
CVE-2016-10724        | 2018-07-02 | bitcoind and Bitcoin-Qt prior to 0.13.0                    | DoS
CVE-2016-10725        | 2018-07-02 | bitcoind and Bitcoin-Qt prior to 0.13.0                    | DoS
CVE-2018-17144        | 2018-09-17 | bitcoind and Bitcoin-Qt prior to 0.16.3                    | Inflation
CVE-2018-20587        | 2019-02-08 | Bitcoin Knots prior to 0.17.1 & all Bitcoin Core releases  | Theft
CVE-2017-18350        | 2019-06-22 | bitcoind and Bitcoin-Qt prior to 0.17.1                    | Unknown
CVE-2018-20586        | 2019-06-22 | bitcoind and Bitcoin-Qt prior to 0.17.1                    | Deception
CVE-2019-12998        | 2019-08-30 | c-lightning prior to 0.7.1                                 | Theft
CVE-2019-12999        | 2019-08-30 | lnd prior to 0.7                                           | Theft
CVE-2019-1300         | 2019-08-30 | eclair prior to 0.3                                        | Theft
44 Vulnerabilities

Table FAQ

1. What does CVE mean?
CVE stands for Common Vulnerabilities & Exposures, which is a method for referencing security vulnerabilities and exposures by including the date of discovery and an ID number to identify which vulnerability or exposure is being referenced.

2. What does "Announced" mean?
Announced means the date that the CVE was addressed formally. Because of the way security works in software, it would be a bad idea to make a vulnerability public at the time of discovery, because it might have severe consequences for the software and its users and could cause a lot of damage. In the security world it is normal for a person to report a bug privately so that the developers can patch the vulnerability and then come out with an announcement that a bug was present and has now been patched.

3. What do the different terms mean under severity?

DoS
Denial of service, which is an attack to prevent a service from being accessed as normal.

Netsplit
An attacker can create a new network which is independent from the Bitcoin network and can allow double spending.

Theft
An attacker would be able to take coins without being confined to the normal Bitcoin network rules.

Fake Conf
An attacker can make double spend transactions.

Exposure
User data can be stolen by an attacker.

Inflation
An attacker can create Bitcoins and insert them into the network, which would allow the attacker to create more coins than the 21 million hard limit imposed by the normal network rules.


This vulnerability allowed remote attackers to cause a denial of service (DoS) by crashing the Bitcoin daemon service via a transaction containing an OP_LSHIFT script opcode. This affected all versions of bitcoind and wxBitcoin up to 0.3.4. The vulnerability was fixed in version 0.3.5, and all remaining unused script words were disabled as a precaution.

This vulnerability allowed a remote attacker to spend coins on the network that they did not own by using unspecified vectors. This vulnerability was tested on the test network of Bitcoin and did not occur on the main chain. The bug affected bitcoind and wxBitcoin up to 0.3.4 and was fixed in version 0.3.5.

A block was discovered to have a lot of OP_CHECKSIG commands attached to transactions, which caused extra strain on the network because the Bitcoin nodes had to do extra work to verify each command. The issue was fixed in version 0.3.x, which prevented multiple OP_CHECKSIG commands from being attached to transactions and from then on only allowed one to be attached.

This vulnerability came to be known as the "value overflow incident", which is the infamous event where an attacker created 184,467,440,737.09551616 Bitcoins on the main network. Within 5 hours of discovering that this had happened, a new client was released to fix the issue by rejecting transactions with value overflow, and to correct the coins being injected into the main chain, the main Bitcoin chain had to be forked.
3  Bitcoin / Development & Technical Discussion / Timejacking on: August 31, 2019, 10:53:53 AM
I'm not going to patronize the members on this forum by going into the basics of how Bitcoin works, but I'm sure that a lot of members here aren't quite sure of the possibilities of Bitcoin. Bitcoin is not a perfect system and does have its faults; anyone who is claiming that Bitcoin is a perfect system is in the honeymoon period of Bitcoin. Bitcoin is a revolutionary project which might not be the perfect solution to gaining control back in this world, but it is certainly the cryptocurrency that started the movement and therefore will always have a special place in the hearts of cryptocurrency fans.

Timejacking in particular is a topic that was discussed ad nauseam in the early days of Bitcoin. The attack is only temporary, and it would have to be a highly organized attack to do real damage other than disrupting the network. I'd like to revive the discussion about timejacking and see how the community's opinion on the subject has changed over the years. For anyone unfamiliar with the timejacking attack, I'll explain a little below:

Timejacking is a potential vulnerability in the Bitcoin system that was much discussed in the early days of Bitcoin. Timejacking is a vulnerability that exploits Bitcoin's handling of its timestamps. The idea behind timejacking is that an attacker can forge or broadcast a false timestamp of a transaction when connecting to a Bitcoin node allowing an attacker to change the node's network time and trick it into accepting an alternative Blockchain. This means that the attacker can effectively exploit this to do a double spend on the network.

I assume we all know what block rewards are, but for those unfamiliar with the term, it's basically how Bitcoin regulates the production of Bitcoin so they don't get mined right away. When generating Bitcoins a timestamp is applied, and these are fundamental to the distribution of Bitcoin. The difficulty of mining Bitcoin is directly related to these timestamps, and the Bitcoin system automatically adjusts the difficulty of the network based on the timestamps of how long it took to process and mine the last block.

Bitcoin nodes have an internal clock that is responsible for these timestamps and synchronizes the network time to make sure it is the same as other nodes. Timestamps are the foundation of the Blockchain system. If you check your node you will see that it is currently using the system time that is on your machine. But if these timestamps differ from other nodes by about 60 minutes, then the node is not considered trustworthy and it will be removed from the Blockchain. Until the time is accurate and synchronized, it is considered to be running an alternate chain.

Timejacking is the result of this 60 minutes of play within the system. Timejackers can speed up or even slow down the time of the nodes by connecting as multiple peers and reporting inaccurate timestamps using an edited system time on their machines. Attacking the median time of the network could result in sending double spends. Another approach, called the "Poison Pill", is to create a new block with a timestamp that is 190 minutes ahead of the current time of the blockchain. To do this, they would need some of the network's computing power, ideally a few percent, to make this successful. The current Blockchain nodes would reject the newly created poison block because it is 260 minutes ahead of their own delayed network time, but miners mining to generate new Bitcoins will accept the new block as it is only 120 minutes ahead of their own accelerated network time. This means that the new poison block becomes isolated from the routine transaction processing on the network, and as the network continues to process new blocks, every new block created by the miners appears to be invalid due to the time difference between these new blocks. This means that the nodes would immediately drop the invalid blocks without checking and verifying the history of the blocks. The attacker could continue to do this until there is an intervention from other Bitcoin node operators. This attack is more of a nuisance than a hack, but with a system that relies on network trust it can quickly become a problem and cause panic within the network. AFAIK the poison block attack has not yet been seen in the history of Bitcoin, possibly because there is no real benefit to be gained from it, but it is certainly possible and could disrupt the network enormously. As long as the attacker controls a significant portion of the network he can exploit the double-spending problem, which I'll explain later.
By having a significant chunk of the network's power they could send transactions on these poison blocks and confirm them within an hour. Using the double spend on the poison blocks would be temporary until the network is stable and the poison blocks are rolled back. But this could be used to trick Bitcoin-accepting merchants into accepting a payment that is basically a double spend on these poison blocks.
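The post above rests on two mechanisms: a node adjusts its notion of network time from the clocks its peers report, and it accepts a block timestamp only within a window around that adjusted time. The model below is an added example, not Bitcoin Core code or the poster's material; it uses three rules Bitcoin Core has historically applied (the median of peer time offsets is used only if it is under 70 minutes, otherwise the adjustment is dropped to zero; a block timestamp must not exceed adjusted time plus 2 hours; and it must exceed the median of the previous 11 block timestamps). The local clock, the peer offset samples and the block times are constructed values. It shows, from the defender's side, that the cap on the adjustment bounds how far a set of peers can move the acceptance window, so a block 190 minutes ahead of real time is still rejected even by a node whose time has been pulled 60 minutes forward.

```python
import statistics
from typing import Dict, List

# Bitcoin Core constants (seconds); the model around them is constructed.
MAX_TIME_ADJUSTMENT = 70 * 60        # DEFAULT_MAX_TIME_ADJUSTMENT
MAX_FUTURE_BLOCK_TIME = 2 * 60 * 60  # MAX_FUTURE_BLOCK_TIME
MEDIAN_TIME_SPAN = 11                # blocks used for median-time-past


def network_offset(peer_offsets: List[int]) -> int:
    """Offset (seconds) a node adds to its local clock, derived from the
    (peer_time - local_time) samples its peers reported. Core only uses the
    median once it has an odd count of at least 5 samples, and discards an
    adjustment of 70 minutes or more instead of applying it."""
    if len(peer_offsets) < 5 or len(peer_offsets) % 2 == 0:
        return 0
    median = int(statistics.median(peer_offsets))
    return median if abs(median) < MAX_TIME_ADJUSTMENT else 0


def median_time_past(prev_block_times: List[int]) -> int:
    """Median timestamp of the last 11 blocks (the lower bound for a new block)."""
    window = sorted(prev_block_times[-MEDIAN_TIME_SPAN:])
    return window[len(window) // 2]


def block_time_ok(block_time: int, prev_block_times: List[int], adjusted_now: int) -> bool:
    """Timestamp rule a node applies before accepting a block header."""
    if block_time <= median_time_past(prev_block_times):
        return False  # too old: must be after the median of the last 11 blocks
    if block_time > adjusted_now + MAX_FUTURE_BLOCK_TIME:
        return False  # too far in the future: more than 2 h past adjusted time
    return True


# Constructed inputs: a local clock and three peer-offset samples.
LOCAL_NOW = 1_700_000_000
HONEST = [-5, 3, 0, 7, -2]                 # peers agree with us to within seconds
MILD = [60 * 60] * 4 + [0] * 3             # majority reports +60 min: under the cap
SKEWED = [190 * 60] * 4 + [0] * 3          # majority reports +190 min: over the cap


def demo() -> Dict[str, object]:
    # Eleven previous blocks, ten minutes apart, the last one 10 minutes ago.
    prev = [LOCAL_NOW - 600 * k for k in range(MEDIAN_TIME_SPAN, 0, -1)]
    far_future = LOCAL_NOW + 190 * 60   # the post's "Poison Pill" timestamp
    return {
        "offset_honest": network_offset(HONEST),
        "offset_mild": network_offset(MILD),
        "offset_skewed": network_offset(SKEWED),
        "far_future_honest": block_time_ok(far_future, prev, LOCAL_NOW + network_offset(HONEST)),
        "far_future_mild": block_time_ok(far_future, prev, LOCAL_NOW + network_offset(MILD)),
        "near_future": block_time_ok(LOCAL_NOW + 100 * 60, prev, LOCAL_NOW),
        "too_old": block_time_ok(LOCAL_NOW - 4000, prev, LOCAL_NOW),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Two things the numbers make visible: a peer majority reporting a 190-minute skew produces no adjustment at all, because the median exceeds the cap and is discarded, and a node that did accept a 60-minute adjustment still rejects a block 190 minutes ahead of real time, since that is 130 minutes past its adjusted clock and the future limit is 120. The post's "60 minutes of play" corresponds to this capped adjustment; keeping the host clock NTP-synchronised and watching for the time-mismatch warning Core raises when the median is discarded is the practical check an operator has.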
