Bitcoin Core developer Luke Dashjr has distanced himself from the inclusion of inscriptions on the U.S. National Vulnerability Database’s (NVD) Common Vulnerabilities and Exposure (CVE) list, refuting claims that he had a role in labeling it a cybersecurity risk. Dashjr, a vocal critic of inscriptions used by the Ordinals protocol and BRC-20 creators for embedding data on satoshis, clarified that he played no part in their addition to the CVE list.
Bitcoin Core developer explains his criticism
In a post on social media dated December 6, Dashjr asserted that inscriptions, integral to the Ordinals protocol and BRC-20 tokens, exploit a vulnerability in Bitcoin Core, resulting in what he described as “spamming the blockchain.” Despite his criticism of Ordinals, he mentioned that he was not responsible for adding inscriptions to the CVE list. The CVE list allows any developer to report vulnerabilities, and it gets listed if the CVE Assignment Team deems it essential for public awareness.
On December 11, the U.S. National Vulnerability Database updated the listing, assigning inscriptions a base severity score of “5.3 Medium.” A medium score typically indicates that exploitation provides “very limited” network access or challenging-to-execute denial-of-service attacks. Dashjr pointed out that the score may underestimate the potential long-term impact, suggesting that if the availability impact were classified as “High,” the CVSS base score would be 7.5.
Dashjr argued that the vulnerability’s low availability impact on the Bitcoin network might be understated, particularly in terms of blockchain bloat’s long-term effects. The ongoing debate on social media revolves around whether Bitcoin inscriptions are merely “spamming the network.” Advocates of Ordinals, such as Taproot Wizards co-founder Udi Wertheimer, insist that Ordinals are indispensable for the Bitcoin network’s next major wave of adoption and revenue generation.
Ongoing discourse and the effects of ordinals
The Bitcoin network has witnessed increased congestion due to the growing popularity of Ordinals’ nonfungible token inscriptions and BRC-20 token minting. Current statistics from mempool.space reveals over 275,000 unconfirmed transactions, with average medium-priority transaction costs surging from approximately $1.50 to around $14. If a patch for the so-called inscriptions bug is implemented, it could potentially limit future Ordinals inscriptions on the network.
This situation underscores the ongoing tension between those viewing inscriptions as disruptive and those advocating for their importance in driving Bitcoin’s evolution and usability. Dashjr’s scrutiny of the CVE list’s severity score sheds light on potential discrepancies in assessing the impact of vulnerabilities. He emphasized that the vulnerability might have a more significant long-term impact than reflected in the current score, particularly concerning blockchain bloat.
The nuanced nature of the debate and the dynamic landscape of blockchain technologies contribute to the ongoing discourse surrounding Bitcoin inscriptions, revealing the challenges in navigating the balance between innovation and network stability. As the Bitcoin community grapples with these issues, the significance of maintaining a secure and efficient blockchain remains a paramount concern for developers, advocates, and users alike.
Source: https://www.cryptopolitan.com/bitcoin-denies-flagging-inscriptions-risk/