Bitcoin Core on Alert: Ordinals Vulnerability, an Officially Declared Threat!

The controversy surrounding the Bitcoin network’s congestion caused by Ordinals has taken a new turn. The technical loophole exploited for their creation has just been assigned the identifier CVE-2023-50428.

A Now Cataloged Bitcoin Vulnerability

The Bitcoin network has been experiencing an alarming congestion in recent days, caused by a massive influx of transactions related to BRC20 tokens. Tens of thousands of transactions have remained stuck, waiting for a confirmation that is slow to come, while miners’ memory is reaching its limits. This situation is mechanically causing the fees on the network to explode.

Some developers blame the sneaky exploitation of a flaw in the Bitcoin Core code. This would allow ordinal inscriptions and BRC20 tokens integrated into Satoshis to bypass the restrictions normally imposed on the size of additional data in transactions.

On December 6, developer Luke Dashjr had confirmed the implementation of a fix in Bitcoin Knots to block it. Now, in a tweet published yesterday, he reveals that this specific vulnerability has been assigned the identifier CVE-2023-50428.

On December 6, developer Luke Dashjr confirmed the deployment of a fix in Bitcoin Knots to block this vulnerability. Today, in a tweet, he revealed that this vulnerability now carries an official identifier: CVE-2023-50428. CVE (Common Vulnerabilities and Exposures) is an international system for identifying vulnerabilities.

“For the record, this vulnerability has been assigned the identifier CVE-2023-50428,”

A Still Controversial Future Fix

Although the vulnerability is now cataloged, the implications of a future fix continue to be controversial. Its implementation planned for next year could spell the end of the BRC20 tokens and Ordinals, thus fueling tensions within the Bitcoin community.

The debate is gaining significant traction, fracturing the crypto community. Proponents of the Ordinals thus emphasize the fact that developers do not have absolute power over a decentralized network.

Moreover, many users and miners have profited from the opportunities presented by the BRC20s, which have evolved into a thriving industry, especially in the sectors of NFTs. Notably, the OCEAN mining pool, supported by Jack Dorsey, has even decided to suspend the validation of transactions related to the Ordinals protocol.

Whatever the outcome of this issue, the assignment of the CVE-2023-50428 identifier highlights the urgency of the situation. The critical question remains: will the flaw be fixed in version 27 of Bitcoin Core in 2024, potentially leading to the abandonment of Ordinals? Are Ordinals’ defenders willing to sacrifice their booming industry? The evolution of this situation is generating intense interest and promises to be captivating to follow.