Recently, a Bitcoin Cash developer exposed a significant vulnerability in the Bitcoin Core network. The bug, labeled as a Denial-of-Service and inflation malware, could have resulted in the collapsing of a large portion of the BTC network. Nonetheless, the issue was fixed after Bitcoin Core upgraded its network to version 0.16.3. The matter drew the attention of many members of the crypto community, including opinions from Charlie Lee, the founder of Litecoin.
One developer tweeted that 87% of the BTC network is still vulnerable to the bug, called CVE-2018-17144. According to them, the persistence of this issue could cause the network to lose its decentralization functionality. In response, Lee added that there is no rush to upgrade the entirety of the nodes to version 0.16.3. He based his opinion on the fact that most of the nodes have already upgraded, meaning that the invalid blocks have been isolated. Lee likened this case to the non-updated nodes during the 0.13 upgrade when the network depended on miners to implement SegWit to avoid inappropriate spending.
Additionally, Lee warned that it is very dangerous for all nodes to upgrade to 0.16.3 in one go. This is because a decentralized network should have client diversity. Charlie also mentioned that the upgrading process should be gradual because the newer version might have bugs that must be fixed before all nodes install the update. Precisely, Lee stated that people should have a patient approach when deploying upgrades.
In conclusion, Lee speculated that all trading platforms and payment processors have possibly upgraded to protect themselves from malicious attacks. Charlie also mentioned that miners have no reason to chance, adding that the Nakamoto consensus algorithm on the BTC network is made in such a way that it prevents all parties from skewing the network.
Last week, developers published a detailed statement describing the risks posed by the bug. The report was titled as ‘CVE-2018-17144 Full Disclosure.’ Specifically, the statement discussed the two variations of threats that would have affected the network if the bug was exploited by hackers. As mentioned earlier, the two were denial-of-service and inflation. While denial-of-service was detected upon preliminary inspections, the inflation threat took a considerably longer time to discover.
Luke Dashjr, the developer to whom Charlie Lee responded, reverted to Charlie’s standpoint, saying that SegWit should not have been activated until most of the BTC nodes had upgraded to 0.16.3.