In January, while investigating a misbehaving client on the Bitcoin P2P network, I found a vulnerability in ViaBTC's SPV mining code that allowed a remote attacker to waste their 60 EH/s hashrate by sending a single, crafted Bitcoin P2P message.
https://b10c.me/blog/012-viabtc-spv-vulnerability-disclosure/
0xB10C /
npub1ky…fc6vv
2024-03-20 13:58:08
Author Public Key
npub1kyxqqqq8n2pu7f5pthr48zqcmr2k52vrud6wxzjpg0jsqcyhs3tshfc6vvPublished at
2024-03-20 13:58:08Event JSON
{
"id": "1a3ffe1b6eeaccdee6003af144dca8c0746d655d6c6d1b7e60bd01ce329370c8",
"pubkey": "b10c0000079a83cf26815dc7538818d8d56a2983e374e30a4143e50060978457",
"created_at": 1710943088,
"kind": 1,
"tags": [],
"content": "In January, while investigating a misbehaving client on the Bitcoin P2P network, I found a vulnerability in ViaBTC's SPV mining code that allowed a remote attacker to waste their 60 EH/s hashrate by sending a single, crafted Bitcoin P2P message.\n\nhttps://b10c.me/blog/012-viabtc-spv-vulnerability-disclosure/",
"sig": "60713bf2bd12775ed741144a776d8e21495025effc745a88edbd21278df0c5ea5959d0f402d4162f25ebf7a69c3c443ce87a79e3ed8955a9b24ae5e1bd695177"
}