The bitcoin world has been in something of a furore over an attack that, on Tuesday, took down most of the nodes running Bitcoin Unlimited – a controversial alternative version of the cryptocurrency's code.
A 'hot fix' was released later that day, and by Wednesday, most nodes had popped back up.
The news comes a just couple of days after Bitmain's AntPool announced that it would switch its mining pool to the alternative bitcoin software, bringing miner support one step closer to the 75% hashing power threshold needed to activate Bitcoin Unlimited's rules.
Unsurprisingly, the event made a strong impression on the community, and both supporters and critics alike have been vocal in expressing their reactions to the event.
CoinDesk rounded up some of the more popular responses on Twitter (admittedly a platform that might over- rather than under-state divisions within the space) to see how developers and other bitcoin commentators reacted to the node outage.
For a general overview of the ongoing debate, read our easy explainer.
Following the bug exploit, Bitcoin Unlimited’s developer team, which introduced at least one other bug earlier this year, was an obvious target for criticism, but other factors and suggestions were raised too.
1. Developers at fault
Coinbase director of engineering Charlie Lee’s concern, raised in a tweetstorm, is what would happen if Bitcoin Unlimited were the primary software.
1/ Today’s Bitcoin Unlimited node crashing bug proves that users cannot trust Bitcoin’s $20B network in the hands of BU developers.
2/ First, having assert(0) triggered by untrusted inputs is amateurish. Arguably OK if it was a mobile ap. Not OK for nodes backing Bitcoin!
3/ Second, if BU devs practiced adversarial thinking, they wouldn’t have publicly disclosed this 0-day exploit themselves!
2. Lack of collaboration
Others also argued that the code was not well-tested.
BitGo engineer Jameson Lopp argued that only one developer reviewed the code change that led to the crash.
Another bitcoin developer argued that even a novice coder could have been the culprit.
3. Poor review process
"Mastering Bitcoin" author Andreas Antonopoulos argued that, rather than blame the developers, the review process needs to be tightened.
BU bug: This isn't about individual competence. It's about a process with diverse and laborious review, which catches bugs before production
Bugs like this pop up in Core code too. The important difference: they *never* make it to production releases. The QA process catches them
4. I don't always...
Many accounts that are not associated with well-known, or known, people, also participate in the debate.
One such unknown Twitter user added to the "code was untested" sentiment with a meme.
— spiroseliot (@spiroseliot) March 15, 2017
5. Mining pool confusion
Chain product architect Oleg Andreev pointed to a comment from Blockstream CTO Greg Maxwell suggesting that mining pools that say they are running Bitcoin Unlimited might not be.
Greg Maxwell points out that killing 50% of BU nodes did not lead to the same drop in BU-signalling hashrate. (1/3) pic.twitter.com/f9ZsMDaXQb
— Oleg Andreev (@oleganza) March 14, 2017
Lopp, among others, pointed to one developer trying to cover up the crash.
— Jameson Lopp (@lopp) March 14, 2017
Bitcoin Unlimited’s supporters generally took the stance that the software is a newer version and that mistakes are inevitable.
7. Core issues
Bitcoin investor Roger Ver linked to a piece written by one of Bitcoin Unlimited’s developers about some of the bugs they've allegedly discovered in the Bitcoin Core codebase.
"Normally, in Bitcoin Unlimited when we find a Core bug we just fix it and move on" https://t.co/cqQaIm5FZJ
— Roger Ver (@rogerkver) March 14, 2017
8. Satoshi's bugs
Along those lines, Blockchain security and privacy engineer Kristov Atlas pointed out that bitcoin saw a number of bugs in its early days.
A few of the security vulns in the Satoshi-based over the years https://t.co/QwMbyebPqR
It’s unremarkable that Bitcoin Unlimited is going through some growing pains with bugs. 1/
Further, the exploit could encourage new programmers to join the Bitcoin Unlimited ranks and help out, he suggested.
I’ve already casually come across several people volunteering in last 24 hours to start reviewing the BU codebase for 1st time — good start.
9. What about the attacker?
To others, it seems like the attacker was getting off too easily. Whoever he or she is, deserves more blame, suggested Bitcoin Unlimited developer Tom Harding.
10. Strength in numbers
Many argued that the potential fragility of individual bitcoin implementations is a sign that there is strength in having more than one version of bitcoin.
@SatoshiLite It only proves we need multiple implementations. Having most of the network running a single implementation is reckless.
— dagur (@dagur) March 14, 2017
11. The ethereum approach
On a similar note, Ethereum Foundation blockchain consultant Hudson Jameson, a representative from ethereum, a blockchain known for its multiple implementations, even jumped in.
After the BU incident, should Bitcoin implement clients based on a spec rather than based on a reference client? https://t.co/FjgaIZkCtR
— Hudson Jameson (@hudsonjameson) March 15, 2017
12. Take a balanced view
Last, but not least, Abra's John Light urged for less divisive discussion on social media.
Once upon a time, Core caused a fork that lasted for several hours and cost $$$$$ before resolution. Stay humble in face of BU fuckups.
This was under different leadership, and a lot more is on the line now, but still, stones and glass houses and all. Hard work > shitposting.
Mud image via Shutterstock
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.