Unknown Attacker Fails to Disrupt BCH Upgrade

Unknown Attacker Fails to Disrupt BCH Upgrade

TL;DR: Bitcoin ABC developers are describing it as a well-timed attack to coincide with the Bitcoin Cash (BCH) scheduled network upgrade on 12pm UTC, 15 May 2019. The exploit was found in what’s being characterized as an “old bug,” which managed to briefly congest the mempool, and for relatively empty blocks to be mined. Other than an annoyance, it did generate some fear, uncertainty, and doubt (FUD) on social media. By 3:46 pm UTC, the BCH mempool began to clear, but not before FUD spread. An ABC patch has been applied, and the BCH network is successfully upgraded and working as normal. 

Bitcoin Cash (BCH) Attack Aimed to Disrupt Upgrade

Prominent independent miner, known as checksum0, told CoinSpice, “An attacker found a way to get invalid transactions into ABC node’s mempool. Pools and miners were quick to find and diagnose the issue, and reported it to ABC,” he explained. Calling the bug “rather old,” checksum0 also believes it could have been a holdover from November of 2018. “It has never been previously used, and was kept secret by the attacker to be used today,” just in time for the scheduled upgrade.

Unknown Attacker Fails to Disrupt BCH Upgrade
An example of an obvious annoyance attack aimed at Bitcoin ABC.

“This is totally unrelated to today’s upgrade, or any upgrade for that matter,” he insisted. “This is a bug that was specific to ABC code,” checksum0 noted, contrasting with rumors it might have something to do with BCH code proper. Neither it nor other node implementations were impacted, in other words.

Mining pool “BTC.TOP and other pools started mining empty blocks as a way to extend the chain further from the forked block to prevent any other shenanigans,” checksum0 also explained. “The empty blocks were on purpose, as the bug would actually result in no block being found at all, not even empty ones. The ABC team were quick to produce a fix and were in constant communication with pools to ensure it would be deployed in a timely manner. My confidence in the ABC team has actually improved as they were already on top of the issue when I realized something was happening.”


Passing watchers can be excused for being worried. The BCH mempool was indeed unusually clogged, nearly empty blocks were for sure being mined, and at least one “research” outlet quickly took to social media, piling-on any perceived interruptions as real hazards — all of it happening during a scheduled network hard fork upgrade, which, put together, seemed to add up beyond mere coincidence.

Unknown Attacker Fails to Disrupt BCH Upgrade

The attacker(s) evidently understood exploiting an old bug unrelated to the upgrade would end up confusing the mempool into accepting small, bothersome spam transactions, delaying confirmations, helping to spread doubt about the hard fork’s viability. It was enough to cause mining confusion as well for a relatively short amount of time. Bitcoin ABC posted the necessary patch soon after.

Had the bug been exploited any other time, it would be considered little more than an annoyance. “Basically,” Peter Rizun, Chief Scientist at Bitcoin Unlimited explained to CoinSpice, “it was a vulnerability that someone sat on for a long time and chose today to exploit, to make the bug appear more related to the network upgrade than it was. It was really more of a nuisance than anything: it just caused ABC miners to mine empty blocks until they got patched.”

Value of Multiple Implementations

A takeaway could be, “Other BCH implementations like Bitcoin Unlimited (run by Bitcoin.com) were unaffected (they did not have the vulnerability). I hope that miners see the value in multiple competing implementations,” Rizun encouraged, and choose to run multiple clients “in order to add diversity/robustness.” Besides the nuisance, the upgrade proceeded as planned, with BCH users beginning to enjoy the benefits of Schnorr Signatures and Segwit address recovery features.

“Our mempool on the hardfork chain is now mostly cleared,” the exchange BitMEX later clarified, “as a large 0.96MB block is found. The bug (which may have been unrelated to the hardfork) now appears solved. Therefore the Bitcoin Cash network is likely to be reasonably safe again,” they assured.

Cornell University professor Emin Gün Sirer noted, “BCH came under attack today, due to an old bug in block template creation. Attack led to empty blocks for a short while, until patched, otherwise had little effect.” Despite protests to the contrary, minor bugs are common within open source software, part of the trade-off for decentralization. They’re found all the time on every chain, to greater or lesser degrees. Still others again praised Bitcoin ABC developers for their quick thinking.

This is a developing story, and CoinSpice will update as more information becomes available.


Update: A more technical summary can be found here.


DISCLOSURE: The author holds cryptocurrency as part of his financial portfolio, including BCH. 

Unknown Attacker Fails to Disrupt BCH UpgradeCONTINUE THE SPICE and check out our piping hot VIDEOS. Our podcast, The CoinSpice Podcast, has amazing guests. Follow CoinSpice on Twitter. Join our Telegram feed to make sure you never miss a post. Drop some BCH at the merch shop — we’ve got some spicy shirts for men and women. Don’t forget to help spread the word about CoinSpice on social media.