John Newbery, a Bitcoin Core developer and contributor to cryptocurrency research and development group Chaincode Labs, takes responsibility for a critical bug recently discovered on the Bitcoin network.
As CryptoSlate reported, on September 20, a serious issue called “bug CVE-2018–17144” left the Bitcoin network vulnerable to hackers who could have shut down the largest cryptocurrency in the global market and inflated its fixed supply of 21 million BTC.
Peter Rizun, the chief scientist at Bitcoin Unlimited, disclosed that Awemany, a Bitcoin Cash developer, discovered the bug on the Bitcoin Core software, which allowed the open source developer community of Bitcoin to quickly patch the bug.
Rizun said:
“Congratulations to awemany for making this important discovery and helping Core fix their software. Fake coins being mined into the blockchain would have threatened the legitimacy not only of BTC, but of cryptocurrency in general,”
Newbery Takes Responsibility
On September 24, Bitcoin Core developer Newbery admitted his fault in overseeing bug CVE-2018-17144, which made it to production phase after an initial QA process. He explained that instead of verifying a part of the Bitcoin Core codebase called “CheckTransactions()” he relied on the work of more experienced developers in the space that reviewed the codebase.
But, ultimately, it turned out that a vulnerability in the function was left undetected until after its production release.
“I am responsible for the CVE-2018-17144 bug. I spend my days reading the Bitcoin Core codebase. There’s no chance I haven’t read CheckTransaction(). When I read it, the ‘…so we skip it in CheckBlock’ comment should have jumped out at me. Instead of verifying for myself, I trusted that people smarter and wiser than I am had it covered. I took it for granted that someone else had done the work.”
Newbery issued an apology to the community in addition to his explanation of the case, emphasizing that he had shown poor judgment whilst reviewing the codebase of the Bitcoin Core software. He added:
“Last week I was found short in my knowledge and in my judgment. I’m embarrassed and sorry,”
No Codebase, Group, or Developers are Perfect
Just as Bitcoin saw a critical bug go through a production phase in the past week, Ethereum and many other public blockchain networks have also experienced such serious bugs in the past.
Within the global cryptocurrency sector, blockchain projects are competing against one another to create the best cryptocurrency and blockchain protocol in terms of technology, security, and scalability.
It is of utmost importance for every blockchain project in the space to make certain that bugs and vulnerabilities are disclosed and fixed transparently, in order to ensure that the cryptocurrency sector as a whole can improve and move forward.
Awemany, the developer that found the bug on Bitcoin, stated:
“I simply want to take the opportunity now to urge caution for everyone here. Bugs lurk everywhere. Everyone is imperfect. Myself included, of course. I started to like Jihan Wu’s credo of ‘Don’t play hatred, don’t wish competing coins ill. Just wish and try to make BCH better’ and see BCH and BTC in fierce but still civil competition. Civil competition obviously meaning no violence, including no violence like attacking each other’s nodes.”
The recent discovery of bug CVE-2018-17144 and the cooperation between Awemany and the Bitcoin Core team to address the bug supersedes politics and competition in the space. It has demonstrated the necessity of civil competition that is beneficial to every project in the cryptocurrency sector.