A detailed version of the report on a highly significant bug in the Bitcoin Core client code was released on September 20. The flaw in question would have allowed for a Denial of Service (DoS). The developers of the protocol created a new version of the Bitcoin Core client, patching the bug and urging network node operators to update their software to the secure version. However, only a few of the Bitcoin network’s nodes updated, making the blockchain vulnerable.
Although there is no concrete number of updated nodes, some, such as developer Luke Dashjr, pointed out that approximately 93% of Bitcoin blockchain nodes are still vulnerable. Others, like Cobra Bitcoin, co-owner of Bitcoin.org, claimed that the number of non-updated nodes is above 80%.
For his part, the researcher and specialist in computer science, Emin Gun Sirer said that the number of nodes not updated is due to their low economic value.
“The percentage of the network not updated after a significant patch corresponds to economically useless nodes. If they did or affected something useful, someone would have bothered to update them,” Gun Sirer explained on Twitter. Sirer himself stated that it would take about 80,000 dollars to carry out an attack taking advantage of these vulnerable Bitcoin blockchain nodes.
The economically essential nodes on the Bitcoin network are now updated
According to Gun Sirer, the more economically important nodes within the Bitcoin network are updated, ensuring a higher security level in the blockchain. Thus, the more large miners and significant commercial and exchange actors participate in the upgrade, the less likely it is that the network will be compromised even though the percentage of non-updated nodes may not be as high.
In fact, when examining the process followed by Bitcoin Core for failure resolution and node update, the team contacted the Slush mining pool to ensure that the new client went into effect. In that case, after the patch was created, Corallo, developer of Bitcoin Core, contacted the Slush executives to make sure the company updated its nodes.
Although it has not been reported that the error was exploited on the Bitcoin network, it did indicate the creation of Bitcoin (BTC) from nothing on the test network. However, being a test network, with a low hashrate level, the operation was denied.