Back in 2018, the information security specialist and engineer Braydon Fuller discovered a dangerous problem in Bitcoin Core (versions 0.16.0 and 0.16.1). The problem had appeared in 2017 and was named INVDoS. Soon after its discovery the vulnerability, CVE-2018-17145, was quietly fixed, and Fuller kept his find a secret for two years, fearing activity on the part of attackers who might be interested in the bug.
However, the technical details of the vulnerability have now been made public, as the problem was re-discovered by other specialists and threatened another cryptocurrency based on an old version of the Bitcoin code.
The INVDoS problem is essentially a classic denial of service (DoS) attack. While DoS attacks are often practically harmless, they can pose a serious threat to Internet-accessible systems that process transactions and need to be stable and reliable.
Fuller discovered that an attacker can generate special transactions whose processing by nodes can lead to an "uncontrolled waste of resources" and ultimately to a complete failure of the vulnerable system.
The researcher notes that at the time the bug was discovered, more than 50% of Bitcoin nodes were vulnerable to INVDoS, and most likely many miners and exchanges as well. Moreover, not only Bitcoin nodes running Bitcoin Core were at risk, but also nodes running Bcoin and Btcd, and other cryptocurrencies based on the original Bitcoin protocol, including Litecoin and Namecoin.
The researcher writes that the exploitation of this problem could lead to the loss of funds or income:
“(Damage) could have arisen from lost mining time or power consumption resulting from node shutdowns, block delays or temporary network separation. It could also cause interruptions and delays in fixed-term contracts or hamper economic activity. (Issue) could affect trade, exchanges, atomic swaps, escrow and HTLC payment channels in the Lightning Network.”
As mentioned above, in 2020 the vulnerability was re-discovered by another information security expert. The problem was “found again” by Javed Khan, a developer of the Handshake protocol, while he was looking for vulnerabilities in the Decred cryptocurrency.
Khan officially reported the bug through Decred's bug bounty program and eventually went public. The details of the bug are now published on a dedicated website…