Bitcoin dev denies adding inscriptions to National Vulnerability Database

Must read

Save More Than 50% off the Price of Two Powerful 6-in-1 Charging Cables

Disclosure: Our goal is to feature products and services that we think you'll...

‘I Want a Free Month’: Thousands of Customers Furious at AT&T After Widespread Outages

AT&T suffered mass outages across the U.S. on Thursday with many unable to use their devices to...

Beware the Temptation of Dishonesty — How One Lie Could Sink Your Business

Opinions expressed by Entrepreneur contributors are their own. Many promising entrepreneurs...

Want to Start a Billion-Dollar Business? Look to These Two Industries, Which Have the Most Unicorn Growth

Cybersecurity and artificial intelligence stood out last year as the best-performing industries for unicorns or billion-dollar startups.The...

Bitcoin core developer Luke Dashjr said he played no part in flagging Bitcoin inscriptions as a cybersecurity threat with the NVD, as the listing received a “5.3 Medium” severity score.

1357 Total views

9 Total shares

Bitcoin dev denies adding inscriptions to National Vulnerability Database

Bitcoin core developer Luke Dashjr has denied playing any part in adding Bitcoin inscriptions as a cybersecurity risk on the United States National Vulnerability Database’s (NVD) Common Vulnerabilities and Exposure (CVE) list. 

Dashjr courted controversy in a Dec. 6 post to X (formerly Twitter) claiming that inscriptions — used by the Ordinals protocol and BRC-20 creators to embed data on satoshis — exploit a Bitcoin Core vulnerability to “spam the blockchain.”

PSA: “Inscriptions” are exploiting a vulnerability in #Bitcoin Core to spam the blockchain. Bitcoin Core has, since 2013, allowed users to set a limit on the size of extra data in transactions they relay or mine (`-datacarriersize`). By obfuscating their data as program code,…

— Luke Dashjr (@LukeDashjr) December 6, 2023

Some observers then pointed to Dashjr days later, when Bitcoin inscriptions appeared on the U.S. vulnerability database as part of the CVE list on Dec. 9, which described it as a security flaw that enabled the development of the Ordinals protocol in 2022.

However, despite being an outspoken Bitcoin Ordinals critic, Dashjr told Cointelegraph that he had no role in adding inscriptions to the vulnerability database’s CVE list.

Interestingly, the CVE list is designed so any developer can lodge a vulnerability. It is typically listed as long as the CVE Assignment Team deems it important for public awareness.

Inscriptions get a vulnerability score, and it’s not too bad

On Dec. 11, the NVD updated the listing by assigning inscriptions a base severity score of “5.3 Medium.”

According to data from software firm Atlassian, a medium score refers to a vulnerability where exploitation provides “very limited” access to a network or denial of service attacks that are quite difficult to execute.

The CVE List has assigned a 5.3 Medium score to the Inscriptions listing. Source: NVD

Related: Bitcoin Ordinals could be stopped if blockchain bug is patched, claims dev

Dashjr said that a major factor in the CVE lists’ 5.3 score was due to the vulnerability having a low availability impact on the Bitcoin network. Still, he argued the score could be understating its potential long-term effects.

“I think this [score] may understate the impact, failing to consider the long-term effects of blockchain bloat. If they had classified the availability impact as ‘High,’ the CVSS base score would be 7.5,” he said.

The debate around the nature of Bitcoin inscriptions continues to rage across social media. While many Bitcoiners claim that inscriptions are “spamming the network,” advocates of Ordinals such as Taproot Wizards co-founder Udi Wertheimer say Ordinals are crucial to the next major wave of adoption and revenue generation for the Bitcoin network.

ordinals are a bug pic.twitter.com/vU0CXgD9wY

— Udi Wertheimer (@udiWertheimer) December 12, 2023

The Bitcoin network has seen increased congestion over the past few months due to a wider craze around Ordinals’ nonfungible token inscriptions and BRC-20 token minting.

According to mempool.space, there are more than 275,000 unconfirmed transactions, and average medium-priority transaction costs have increased to around $14 from roughly $1.50. If the so-called inscriptions bug is patched, it could potentially restrict future Ordinals inscriptions on the network.

Magazine: Lawmakers’ fear and doubt drives proposed crypto regulations in US

More articles

Latest article

Save More Than 50% off the Price of Two Powerful 6-in-1 Charging Cables

Disclosure: Our goal is to feature products and services that we think you'll...

‘I Want a Free Month’: Thousands of Customers Furious at AT&T After Widespread Outages

AT&T suffered mass outages across the U.S. on Thursday with many unable to use their devices to...

Beware the Temptation of Dishonesty — How One Lie Could Sink Your Business

Opinions expressed by Entrepreneur contributors are their own. Many promising entrepreneurs...

Want to Start a Billion-Dollar Business? Look to These Two Industries, Which Have the Most Unicorn Growth

Cybersecurity and artificial intelligence stood out last year as the best-performing industries for unicorns or billion-dollar startups.The...