Cory Fields, a Bitcoin Core developer from MIT Media Labs, revealed a critical vulnerability in Bitcoin Cash (BCH) code in April. About this he wrote a post on the blog platform Medium.
According to the developer, the vulnerability could lead to fatal consequences for the fourth on the capitalization of the cryptocurrency. Despite the fact that the vulnerability was revealed several months ago, the developer only recently decided to make this information public.
The Bitcoin Cash team rewrote part of the transaction confirmation code. However, in the new code, a critical error was made – it did not check a certain bit in the signature type. The vulnerability pointed out by Filsom as SIGHASH_BUG could serve as a reason for separating blockchain into two incompatible chains, as well as making it impossible to carry out transactions.
First Fields decided to immediately report the problem to Bitcoin Cash developers. However, he came to the conclusion that the usual channels of communication can lead to the leakage of information about the vulnerability, as well as its falling into the hands of scammers. Soon he created an anonymous account on GitHub and through Tor contacted the BCH developers, requesting a confidential method of communication.
According to Fields, the aforementioned vulnerability was only a threat to BCH, but not to Bitcoin. By now, the bug has been completely eliminated.