The United States National Vulnerability Database (NVD) flagged Bitcoin's inscriptions as a cybersecurity risk on December 9. This alert highlights a security flaw related to the Ordinals Protocol in Bitcoin, allowing the bypassing of a data carrier limit. Exploited by Inscriptions in 2022 and 2023, this vulnerability could potentially result in large amounts of non-transactional data spamming the blockchain, impacting network size, performance, and fees.

The United States National Vulnerability Database (NVD) flagged Bitcoin's inscriptions as a cybersecurity risk on December 9. This alert highlights a security flaw related to the Ordinals Protocol in Bitcoin, allowing the bypassing of a data carrier limit. Exploited by Inscriptions in 2022 and 2023, this vulnerability could potentially result in large amounts of non-transactional data spamming the blockchain, impacting network size, performance, and fees.

Key Points:

  • NVD Flagging: The National Vulnerability Database (NVD) flagged Bitcoin's inscriptions as a cybersecurity risk, bringing attention to a security flaw related to the Ordinals Protocol in some versions of Bitcoin Core and Bitcoin Knots.

  • Security Flaw Details: The vulnerability allows the bypassing of a data carrier limit by masking data as code. It has been exploited by inscriptions in 2022 and 2023, potentially impacting Bitcoin's network by allowing non-transactional data to spam the blockchain.

  • NVD Recognition: Being added to the NVD's list signifies that a specific cybersecurity vulnerability has been recognized, cataloged, and considered important for public awareness. The NVD is managed by the National Institute of Standards and Technology (NIST), a U.S. Department of Commerce agency.

  • Potential Network Impact: The security flaw is currently under analysis, with potential impacts including large amounts of non-transactional data spamming the blockchain. This could result in increased network size, affecting performance and fees.

  • Bitcoin Core Developer Input: Bitcoin Core developer Luke Dashjr's comments on the vulnerability are featured on the NVD's website. Dashjr highlights how inscriptions exploit a Bitcoin Core vulnerability to spam the network, potentially causing delays and increased processing times.

  • Ordinals Protocol Connection: The vulnerability is particularly relevant to the Ordinals Protocol, which gained popularity in late 2022. This protocol enables the direct embedding of unique digital arts into Bitcoin transactions, similar to NFTs on the Ethereum network.

  • Impact on Ordinals and BRC-20 Tokens: If the bug is patched, it could restrict Ordinals inscriptions on the network. Dashjr confirms that if the vulnerability is fixed, Ordinals and BRC-20 tokens would "stop being a thing," but existing inscriptions would remain intact due to the immutability of the Bitcoin network.

The NVD's recognition of Bitcoin's inscriptions as a cybersecurity risk underscores the potential impact of vulnerabilities on the security and functionality of blockchain networks. The focus on addressing these issues aligns with ongoing efforts to enhance the resilience and integrity of cryptocurrency platforms.


(ANA PAULA PEREIRA, COINTELEGRAPH, 2023)