Bitcoin Advocate Says CVE-2018-17144 Fix was Good, But Needs is a Root Cause Analysis
For those of you that haven't gone (not so) out of your way to upgrade your Bitcoin Core to the latest version, that Bitcoin Core 0.16.3, you should do is now rather than later. Why should you do that? Because of the latest critical bug that has, albeit briefly, blighted the blockchain: CVE-2018-17144.
The reason? because it could have been used to create brand new Bitcoin completely out of thin air, sounds like Alchemy but it's actually a pretty annoying bug. It represented a violation of the currencies own promise too – in that it promised that no more than 21 million Bitcoin can ever be created.
Initially, it was introduced into the wider codebase about two years ago in the merge, it has since been discovered and disclosed relatively recently. If it were a bug that users went on to exploit, it could have had a profound impact on the overall trust in Bitcoin, setting it back, potentially by years.
Since this bug was discovered, users have been pushing for a root cause analysis in order to fully address the issue. Those curious about how this was allows to happen have subsequently been shouted down by the majority it seems, and respective Github issues were since locked for comments. But those that were shouted off Reddit and cast off Github are taking to other mediums.
One of the credible arguments that comes out of these calls for an analysis has been that it stands as one of the most serious bugs found in Bitcoin's code over the last five years. And while the community is of a mind to accept and move on, there are those that see it as far beyond being the smart thing to do and are instead calling for reasons why in order to prevent it from happening again.
In order for Bitcoin to continue to prove an effective and dominant force in the cryptocurrency world, it's true that there needs to be a meticulously detailed ledger of all the investigations into bugs, especially this one. The community is united in their desire to see it become a ‘production ready', globetrotting world currency, and in order for that to happen, bugs need to be addressed as the very real dangerous cases that they have the potential to become.