Who found the latest Bitcoin bug? Awemany, a BCH developer who contributes to Bitcoin Unlimited project. He is behind a new method to handle 0-conf transactions that is based on the OP_CHECKDATASIG op code.
In a reddit post, he wrote this,
BitcoinABC does not check for duplicate inputs when processing a block, only when inserting a transaction into the mempool.
This is dangerous as blocks can be generated with duplicate transactions and then sent through e.g. compact block missing transactions and avoid hitting the mempool, creating money out of thin air.
He adds,
The Core devs so far haven’t said anything bad since the release and I think I have vented enough of my frustration of their handling of this issue. This does not mean it is all good.
I still think there was and is a Dragon’s Den and some members “over there” are behaving with very despicable tactics. Including some Core members. It is also hard to elucidate the exact structures involved.
But this does not mean I want to lump them all together. Yes, I am guilty of that, many of us on both sides are, and yes it is bad.
For example, and as I referenced him in the release, I like to say again I respect Cory Fields and that he noticed ABC of the bug in time.
I also don’t think I ever saw him in particular behave in any of these trolling and all-too-smug manners.
Now, there might have been just a tiny bit of smug in Cory’s article, but I think I have inserted a matching amount of gloat into mine.
Read the entire fiasco here.