Bitcoin Core Dev Takes Responsibility for Critical Bug: “I’m Embarrassed and Sorry”

Bitcoin Core Dev Takes Responsibility for Critical Bug: “I’m Embarrassed and Sorry”

John Newbery, a Bitcoin Core developer and contributor to cryptocurrency research and development group Chaincode Labs, takes responsibility for a critical bug recently discovered on the Bitcoin network.

Critical Bug Would Have Allowed Hackers to Create Bitcoin, Detector Hints at Sabotage
Related: Critical Bug Would Have Allowed Hackers to Create Bitcoin, Detector Hints at Sabotage

As CryptoSlate reported, on September 20, a serious issue called “bug CVE-2018–17144” left the Bitcoin network vulnerable to hackers who could have shut down the largest cryptocurrency in the global market and inflated its fixed supply of 21 million BTC.

Peter Rizun, the chief scientist at Bitcoin Unlimited, disclosed that Awemany, a Bitcoin Cash developer, discovered the bug on the Bitcoin Core software, which allowed the open source developer community of Bitcoin to quickly patch the bug.

Rizun said:

“Congratulations to awemany for making this important discovery and helping Core fix their software. Fake coins being mined into the blockchain would have threatened the legitimacy not only of BTC, but of cryptocurrency in general,”

Newbery Takes Responsibility

On September 24, Bitcoin Core developer Newbery admitted his fault in overseeing bug CVE-2018-17144, which made it to production phase after an initial QA process. He explained that instead of verifying a part of the Bitcoin Core codebase called “CheckTransactions()” he relied on the work of more experienced developers in the space that reviewed the codebase.

But, ultimately, it turned out that a vulnerability in the function was left undetected until after its production release.

“I am responsible for the CVE-2018-17144 bug. I spend my days reading the Bitcoin Core codebase. There’s no chance I haven’t read CheckTransaction(). When I read it, the ‘…so we skip it in CheckBlock’ comment should have jumped out at me. Instead of verifying for myself, I trusted that people smarter and wiser than I am had it covered. I took it for granted that someone else had done the work.”

Newbery issued an apology to the community in addition to his explanation of the case, emphasizing that he had shown poor judgment whilst reviewing the codebase of the Bitcoin Core software. He added:

“Last week I was found short in my knowledge and in my judgment. I’m embarrassed and sorry,”

No Codebase, Group, or Developers are Perfect

Just as Bitcoin saw a critical bug go through a production phase in the past week, Ethereum and many other public blockchain networks have also experienced such serious bugs in the past.

Within the global cryptocurrency sector, blockchain projects are competing against one another to create the best cryptocurrency and blockchain protocol in terms of technology, security, and scalability.

It is of utmost importance for every blockchain project in the space to make certain that bugs and vulnerabilities are disclosed and fixed transparently, in order to ensure that the cryptocurrency sector as a whole can improve and move forward.

Awemany, the developer that found the bug on Bitcoin, stated:

“I simply want to take the opportunity now to urge caution for everyone here. Bugs lurk everywhere. Everyone is imperfect. Myself included, of course. I started to like Jihan Wu’s credo of ‘Don’t play hatred, don’t wish competing coins ill. Just wish and try to make BCH better’ and see BCH and BTC in fierce but still civil competition. Civil competition obviously meaning no violence, including no violence like attacking each other’s nodes.”

The recent discovery of bug CVE-2018-17144 and the cooperation between Awemany and the Bitcoin Core team to address the bug supersedes politics and competition in the space. It has demonstrated the necessity of civil competition that is beneficial to every project in the cryptocurrency sector.

Cover Photo by Pedro Gabriel Miziara on Unsplash

Filed Under: Bitcoin, Hacks, Technology
Joseph Young

Joseph Young is a finance and tech journalist based in Hong Kong. He has worked with leading media and news agencies in the technology and finance industries, offering exclusive content, interviews, insights and analysis of cryptocurrencies, innovative and futuristic technologies.

View author profile

Disclaimer: Our writers' opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.