Bitcoin, a leading cryptocurrency, has recently faced heightened scrutiny after the National Vulnerability Database (NVD) raised concerns about the cybersecurity risk associated with its inscriptions on December 9. This scrutiny shed light on a security flaw that played a role in the development of the Ordinals Protocol in 2022.
NVD discovers vulnerabilities in versions of Bitcoin Core and Knots
The NVD, overseen by the National Institute of Standards and Technology (NIST), a division of the U.S. Department of Commerce, pinpointed a vulnerability in specific versions of Bitcoin Core and Bitcoin Knots. This flaw allowed for the masking of data as code, enabling a bypass of the data carrier limit. Inscriptions exploited this technique in 2022 and 2023, as outlined in the database records. Being featured in the NVD’s list signifies the acknowledgment and documentation of a particular cybersecurity vulnerability, signaling its significance for public awareness.
Currently, BTC’s network vulnerability is under examination, with potential consequences including the inundation of the blockchain with substantial amounts of non-transactional data. This could lead to an enlarged network size, adversely impacting performance and fees. On the NVD’s website, a post from Bitcoin Core developer Luke Dashjr on X (formerly Twitter) serves as an informative resource. Dashjr alleges that inscriptions exploit a Bitcoin Core vulnerability to spam the network, likening it to receiving daily junk mail that users must sift through, causing delays in the processing of legitimate transactions.
Ordinal inscriptions and its impact on the BTC network
The concept of inscriptions involves embedding additional data onto a specific satoshi, the smallest unit of BTC. This data can manifest in various digital forms, such as images, text, or other media, and becomes a permanent part of the Bitcoin blockchain with each addition to a satoshi. Despite data embedding being a part of the BTC protocol for some time, its popularity surged with the introduction of the Ordinals Protocol in late 2022. This protocol allowed for the direct embedding of unique digital art into Bitcoin transactions, resembling the functionality of nonfungible tokens (NFTs) on the Ethereum network.
The increased volume of Ordinals transactions led to congestion in Bitcoin’s network throughout 2023. This congestion resulted in heightened competition to confirm transactions, leading to increased fees and slowed processing times. A potential resolution to the vulnerability involves patching the bug, which could restrict Ordinals inscriptions on the network. Dashjr acknowledged that if the vulnerability were fixed, Ordinals and BRC-20 tokens could become unviable. However, existing inscriptions would remain intact due to the immutability of the network.
The identification of a cybersecurity risk related to Bitcoin’s inscriptions by the NVD underscores the persistent challenges and vulnerabilities within cryptocurrency networks. The potential consequences on Bitcoin’s performance and fees highlight the importance of addressing such vulnerabilities to ensure the sustained stability and security of the cryptocurrency. The evolving landscape of digital arts, exemplified by Ordinals, adds further complexity to these challenges, necessitating a delicate balance between innovation and network security.
