Emergency Update from Litecoin Team Ensures Safety Against DoS Vulnerability
There was recently a Denial-of-Service (DoS) vulnerability that was hidden away in the code of the Litecoin (LTC) platform. However, upon finding this issue, the team started working on an emergency update that would solve it, which was put in place recently. To ensure that consumers were able to protect themselves as soon as possible, the company placed a warning that community members need to upgrade as soon as they can.
If left alone, this bug on the system exploits itself when miners send multiple inputs, which eventually leads to crashing the newly implemented protocols. Since the coding used for Litecoin and Bitcoin is so similar, there was evidence that some of the bug’s protocols were found on the Bitcoin blockchain as well.
Furthermore, the bug has the chance to cause a crash in Litecoin Core whenever a corresponding transaction causes a block in the chain where it is input twice. As a result, the duplicate blocks are deemed invalid, and only miners that are willing to lose the income they make can do this. Otherwise, most miners essentially refuse to mine blocks if they do not get any reward as a result.
One of the other notes on the update said that the users with post-0.16 wallets will not be compatible with pre-0.16 versions of the update. However, if there are wallets that were made before the update came out will not have to worry about being impacted. Furthermore, the Linux Kernel, macOS 10.8+, and Windows versions after Vista are all compatible with the update. In order to verify the release, the user needs a GPG key. However, this key will be given with the release, verifying that there has been no damage or modifications to the code.
Twitter users, as usual, commented on these changes online. User prayank said, “Will be interesting to know how many other altcoins are affected due to bitcoin core vulnerability discovered recently.”
However as far as the original bug fix that showed up on GitHub, developer sickpig said, “As far as I can tell the list of people to which the bug was disclosed was not exhaustive, not by a long shot, so make sure to have a proper way to tell projects/devs that their code is at risk is a must IMHO. It would be great to know what were the actions taken to put in places the aforementioned coordination process. The aim is to improve the process in case of new disclosures that could happen in the future.”