In a recent revelation, Bitcoin Core developer Luke Dashjr brought attention to the exploitation of a vulnerability within Bitcoin Core through the Introduction of “Inscriptions.” Dashjr shared on Twitter that this vulnerability is being used to spam the blockchain.
While several projects such as OnChain Monkey, Ordinal Punks, and Taproot Wizards have introduced the Inscriptions model on the Bitcoin blockchain, the developer called out Ordinals as a major player in the ecosystem that will be dead if the next Bitcoin improvement, v27, is executed next year.
Bitcoin Ordinals on Bitcoin
Bitcoin Ordinals is a protocol that allows individual satoshis (the smallest denomination of Bitcoin) to be assigned a unique identifier and additional data, a process known as inscribing.
Each satoshi is given a serial number based on the order in which it was mined, and this number is called an ordinal.
The inscribed data can include images, videos, text, or other content, effectively creating unique and scarce digital assets on the Bitcoin blockchain, similar to non-fungible tokens (NFTs).
The protocol was introduced in January 2023 and has generated both interest and controversy within the crypto community.
The introduction of Bitcoin Ordinals has generated both excitement and criticism within the cryptocurrency community.
Critics argue that Ordinals can negatively impact Bitcoin’s network capacity and scalability, as they require additional data storage and processing.
The large amount of data associated with Ordinal inscriptions and the increased demand for block space can lead to higher fees and congestion on the network. Additionally, others contend that Ordinals are a misuse of the Bitcoin network and a waste of its scarce resources, as they require additional storage and processing power.
Bitcoin vulnerability
According to Dashjr, the vulnerability involves exploiting a feature in Bitcoin Core that has been present since 2013. This feature allows users to set a limit on the size of extra data in transactions they relay or mine, known as -datacarriersize. Inscriptions, however, manage to bypass this limit by disguising their data as program code.
He highlighted that this bug has already been addressed in Bitcoin Knots v25.1, although it took longer to resolve due to disruptions in his workflow towards the end of the previous year.
Despite the fix in Bitcoin Knots, the upcoming v26 release of Bitcoin Core remains vulnerable. The Bitcoin Core developer expressed hope that a final solution will be implemented before the release of v27 next year.
