Treating ‘ASICBOOST’ as a Security Vulnerability [combined summary]




Published on: 2017-05-24T17:59:28+00:00


Summary:

The vulnerability known as ASICBOOST has been assigned a CVE identifier, CVE-2017-9230, by Bitcoin developers. It exploits the design of Bitcoin's proof-of-work algorithm, violating two assumptions: that each evaluation of the function is independent, and that the choice of input does not change how hard the function is to evaluate. Originally promoted as a patented mining optimization, ASICBOOST is now regarded as an actively exploited security vulnerability. The patent holder maintains a dedicated website for it. The Mitre CVE team suggested a more appropriate description for CVE-2017-9230 than the one proposed by the developer who requested the identifier.

Several discussions and academic write-ups on ASICBOOST are available online. Ryan Grant discusses the perverse incentives the vulnerability creates, Tier Nolan discusses the non-independent calculation of the proof-of-work, and Gregory Maxwell provides evidence of active exploitation. The vulnerability was originally discovered by Dr. Timo Hanke and Sergio Lerner and was reported to CVE by Cameron Garnham.

ASICBOOST affects all versions of Bitcoin. It creates unfair advantages in mining, leading to layer violations and perverse system incentives. The vulnerability is classified as a Cryptocurrency Mining Algorithm Weakness and a Cryptocurrency Proof-of-Work Algorithm Weakness. Bitcoin, as the vendor of the affected product, has confirmed the existence of the vulnerability.

In the email thread, Cameron Garnham expresses concern that ASICBOOST violates the security assumptions of Bitcoin's proof-of-work function, arguing that it deviates from the Bitcoin Security Model and so could lead to security vulnerabilities. Tier Nolan suggests that, as long as the effort to find a block remains proportional to the block difficulty parameter, ASICBOOST is simply an optimization rather than an exploit. However, it has been discovered that bits in the block header can be used with dual meanings, which creates unexpected incentives to block protocol improvements; therefore prompt action is needed.

Garnham highlights in an email to the bitcoin-dev mailing list that significant deviations from the Bitcoin Security Model have previously been acknowledged as security vulnerabilities. The effort to find a block should be proportional to the block difficulty parameter, but ASICBOOST performs multiple checks in parallel, violating the independence of each hash evaluation, and this is a vulnerability in the system. Garnham argues that ASICBOOST attacks Bitcoin's security assumptions and exploits the proof-of-work function, and recommends fixing it quickly through measures such as adding extra data to the coinbase transaction and imposing a deterministic ordering of transaction chains within a block.

Another member of the mailing list suggests that the current handling of ASICBOOST does not follow established best practices for security vulnerabilities: deviations from the Bitcoin Security Model should be treated as security vulnerabilities, and being able to craft inputs that are significantly easier to check than alternatives is one. They recommend assigning a CVE to the vulnerability exploited by ASICBOOST and acting swiftly to restore the quality of the Bitcoin proof-of-work function. Suggested steps again include adding extra data to the coinbase transaction and making the ordering of transaction chains within a block deterministic; if there is a hard fork, the merkle structure internal to the proof-of-work should be considered directly. The writer emphasizes the need for the Bitcoin community to fix this vulnerability promptly.
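The non-independence discussed above can be made concrete by looking at how the 80-byte block header falls across SHA-256's two 64-byte input blocks. The following is an added example, not code from the mailing-list thread, and its header field values are constructed; it shows that candidate headers which agree on the last four bytes of the merkle root (plus timestamp, bits and nonce) share the entire second-block message expansion, so the work per candidate depends on how the inputs were chosen.

```python
import struct

MASK32 = 0xFFFFFFFF

def rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & MASK32

def message_schedule(chunk):
    """Expand one 64-byte SHA-256 block into its message words W[0..63].
    This step depends only on the chunk bytes, not on the chaining state."""
    assert len(chunk) == 64
    w = list(struct.unpack(">16I", chunk))
    for i in range(16, 64):
        s0 = rotr(w[i - 15], 7) ^ rotr(w[i - 15], 18) ^ (w[i - 15] >> 3)
        s1 = rotr(w[i - 2], 17) ^ rotr(w[i - 2], 19) ^ (w[i - 2] >> 10)
        w.append((w[i - 16] + s0 + w[i - 7] + s1) & MASK32)
    return w

def header_bytes(version, prev_hash, merkle_root, timestamp, bits, nonce):
    """Serialize an 80-byte block header (little-endian ints, raw 32-byte hashes)."""
    assert len(prev_hash) == 32 and len(merkle_root) == 32
    return (struct.pack("<I", version) + prev_hash + merkle_root
            + struct.pack("<III", timestamp, bits, nonce))

def sha256_blocks(header):
    """Split the padded header into the two 64-byte blocks SHA-256 processes:
    block 1 = version, prev_hash, merkle_root[0:28]; block 2 = merkle_root[28:32],
    timestamp, bits, nonce, then padding (0x80, zeros, 64-bit length 640)."""
    assert len(header) == 80
    padded = header + b"\x80" + b"\x00" * 39 + struct.pack(">Q", 640)
    return padded[:64], padded[64:]

def distinct_block2_schedules(headers):
    """Second-block schedules a set of candidate headers needs. Independent
    evaluations need one per header; candidates agreeing on merkle_root[28:32],
    timestamp, bits and nonce share one, the non-independence ASICBOOST relies on."""
    return len({tuple(message_schedule(sha256_blocks(h)[1])) for h in headers})

# Constructed sample values, not real chain data.
PREV = b"\x11" * 32
ROOT_A = bytes(range(32))
ROOT_B = b"\xaa" * 28 + ROOT_A[28:]   # same 4-byte tail as ROOT_A
ROOT_C = b"\xaa" * 28 + b"\xff" * 4   # different tail
H_A = header_bytes(0x20000000, PREV, ROOT_A, 1495648768, 0x18009645, 0)
H_B = header_bytes(0x20000000, PREV, ROOT_B, 1495648768, 0x18009645, 0)
H_C = header_bytes(0x20000000, PREV, ROOT_C, 1495648768, 0x18009645, 0)

if __name__ == "__main__":
    print("A and B share block-2 work:", distinct_block2_schedules([H_A, H_B]))  # 1
    print("A and C do not:", distinct_block2_schedules([H_A, H_C]))              # 2
```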


Updated on: 2023-08-01T20:38:23.982664+00:00