Bitcoin Inscriptions Highlighted as Cybersecurity Risk by National Vulnerability Database
Bitcoin Inscriptions Highlighted as Cybersecurity Risk by National Vulnerability Database
In a December 9 announcement, the National Vulnerability Database (NVD) identified a critical vulnerability in Bitcoin’s inscriptions, potentially impacting the Ordinals Protocol developed in 2022.
The NVD, overseen by the National Institute of Standards and Technology (NIST), a branch of the U.S. Department of Commerce, plays a crucial role in cataloging and spreading information about cybersecurity vulnerabilities to the public.
Unveiling the Vulnerability
The NVD document highlights that the vulnerability arises from the possibility of bypassing the data carrier limit in specific versions of Bitcoin Core and Bitcoin Knots, allowing data to be disguised as code, noting that inscriptions exploited this loophole in 2022 and 2023.
The significance of this vulnerability for Ordinals pertains to “inscriptions.” These inscriptions involve incorporating additional data onto a particular satoshi, the smallest unit of Bitcoin. This data can range from digital images to text and other media forms.
Since late 2022, the Ordinals revolutionized the digital art scene by enabling the seamless integration of unique artworks into Bitcoin transactions. This feature, similar to Ethereum’s nonfungible tokens (NFTs), sparked a surge in the popularity of data embedding.
This particular vulnerability in Bitcoin’s network is currently undergoing detailed analysis. One of its primary implications includes the potential influx of non-transactional data, which could clog the blockchain, leading to increased network size and adversely affecting its performance and fees.
Industry Perspectives on Ordinals
Bitcoin Core developer Luke Dashjr’s recent post on X is highlighted on the NVD’s website as a key information source.
Dashjr claims that inscriptions exploit a Bitcoin Core vulnerability to spam the network with irrelevant data. One user likened this to getting bombarded with junk mail daily, forcing you to sort through it all to find the messages from your contacts, which inevitably affects the overall process.
Peter McCormack, a noted Bitcoin podcaster, has weighed in on the debate. He emphasizes that Ordinals do not contribute positively to Bitcoin users, worsening the network’s already high fees.
I am on my flight home from Africa, where we shot another FTM in Ghana, Malawi and Kenya.
I have much to share regarding this trip, which I will do over various upcoming podcasts and films. I will say that I saw the best and worst of the world on this trip, from the beautiful… pic.twitter.com/enrdIfRmZ1
— Peter McCormack🏴☠️ (@PeterMcCormack) December 10, 2023
Throughout 2023, the increasing volume of Ordinals transactions has repeatedly congested the Bitcoin network. This congestion has increased competition for transaction confirmations, elevating fees and prolonging processing times.
When questioned about the potential outcome of fixing this vulnerability, Dashjr indicated that it might lead to the cessation of Ordinals and BRC-20 tokens. However, he also noted that existing inscriptions would remain unchanged due to the network’s immutable nature.
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).