Author: Andreas M. Antonopoulos 2017-05-26 06:52:26
Published on: 2017-05-26T06:52:26+00:00
In May 2017, a severe security vulnerability called ‘ASICBOOST’ (CVE-2017-9230) was actively exploited in the Bitcoin network. The vulnerability was explained in detail by Jeremy Rubin, and Andreas Antonopoulos emphasized its dangers in his presentation. It was proposed that SegWit be used as a partial-mitigation of ASICBOOST, assuming that any block without a witness commit in its coinbase transaction was mined using covert ASICBOOST. It was also suggested that this mitigation should be quickly strengthened via another soft-fork to make the inclusion of witness commits mandatory. There is intense debate over the security trade-offs of deploying a quick partial-mitigation versus a slower but more conservative approach. Gregory Maxwell proposed an alternative solution to defuse covert ASICBOOST with a segwit-like commitment to the coinbase, which does not require miners to signal or implement SegWit. The author of a post on bitcoin-dev expressed concern that politicizing CVE-2017-9230 could damage long-term Bitcoin development and security. The author suggested that conflating two contentious issues unnecessarily and attracting criticism of self-serving motivation would do more harm than good.
Updated on: 2023-06-12T01:22:35.796410+00:00