On April 25, 2018, I anonymously and privately disclosed a critical vulnerability in Bitcoin Cash, one of the world’s most valuable cryptocurrencies — not to be confused with Bitcoin. A successful exploit of this vulnerability could have been so disruptive that transacting Bitcoin Cash safely would no longer be possible, completely undermining the utility (and thus the value) of the currency itself. Instead, the vulnerability was fixed without incident, and publicly disclosed on May 7, 2018.
A quick clarification: Bitcoin Cash is a cryptocurrency that is distinct from and incompatible with Bitcoin. It carries the name because it was forked from Bitcoin's codebase. The now-fixed bug described below affected only Bitcoin Cash; Bitcoin itself was never exposed, and the similar name is the only connection relevant here.
As for me and my motivations, I work for the Digital Currency Initiative at the MIT Media Lab, which as the name implies, is a group tasked with researching and developing cryptocurrencies. Specifically, I help develop and maintain Bitcoin Core, Bitcoin’s primary software implementation. Because of that work, I’m often asked at conferences and workshops what I consider to be Bitcoin’s greatest challenge in the future. My answer is always the same: avoiding catastrophic software bugs.
Working through this bug, which certainly had the potential for catastrophe, has reaffirmed my belief that the threat of software bugs is severely underestimated in the cryptocurrency world. I'm presenting a detailed report of this incident not as a slight against Bitcoin Cash, but as a real-world example of how much work is still required to reach the sophisticated level of engineering that cryptocurrencies require, and as a wake-up call to companies who have not adequately prepared for this type of scenario.

SIGHASH_BUG
In short, a portion of the transaction signature verif...