"Secret History of Bitcoin" (7): What is the Bitcoin Alert System?

Source: Hash Pie

Author: LucyCheng

Satoshi Nakamoto posted on the Bitcointalk forum on August 22, 2010, announcing that he is currently building an alert system that can disseminate information to the Bitcoin network, and said that only using the alert private key he set can be activated. Five days after the announcement, Satoshi Nakamoto added this setting to bitcoin v0.3.11.

Satoshi Nakamoto stated on the Bitcoin Forum on August 22, 2010 that he was building an alert system

According to Satoshi Nakamoto's explanation, the alarm system is set up so that when a network emergency occurs, the key holder can issue security alerts to all operating nodes, thereby playing a certain important information reminding role. But contrary to the original intention of Satoshi Nakamoto, this security alert system brought eight years of hidden dangers to the network.

If the key is held in the hands of a trusted person, it can undoubtedly have a reminder effect; for example, in 2013, errors that affected 26 blocks, the core developers used the alert key left by Satoshi Nakamoto to quickly solve it. . But if the key is in the wrong hands, they can use the alarm system to support the continuous push of multiple pieces of information, send massive alarm messages to nodes, and launch DoS attacks (Source: achow101's article on Github ).

Not only that, attackers can also use this feature to pass false or irrelevant messages, thereby causing unnecessary panic and trouble in the community. In fact, such things have happened. In 2016, the client version update reminder information released by the Litecoin network that also has an alert system was incorrectly pushed to all clients of its altcoin Feathercoin for some reason. Inside. Although the incident did not affect the latter too much, it is indeed dangerous to be able to send alarm information on the blockchain based on the same alarm system.

Screenshot from: Twitter of Litecoin founder Li Qiwei

Realizing the existence of hidden dangers, in the same year, Bitcoin Core developers turned off the alert reminder function when Bitcoin Core 0.12.1 was released, and completely deleted the relevant code in the later 0.13.0 version. It may not feel safe enough. In March 2017, the developer also hardcoded the ultimate alert in the Bitcoin Core 0.14.0 version; and set it to not be covered by other information, so that it can be used by old clients who have not noticed the field trend. The person can know the message that the alert system has been broken.

Screenshot from: bitcon.org

By July 2018, as the proportion of older version client users fell below 3%, with the majority of Bitcoin altcoins removing the alert system, the security hazard that lasted eight years was finally at Bitcoin Core developer Bryan Bishop "dismissed completely" after publicly alerting the private key.

Message from Bryan Bishop on the bitcoin-dev mailing list on July 2, 2018

For Bitcoin cybersecurity, public alert keys are a good thing; for Core developers, this is a relief. Because they no longer have to explain to people who require adjustments to transaction costs and mining difficulty, this alert key does not modify the network rules; nor do they have to worry about being the first suspect when the alert system attacks the network. Already.

Retrospective: (6 ) The story behind the Bitcoin Logo?

Next notice: (8) Discussion on "Snack Machine" in Bitcoin Forum

A collection of bitcoin story series you don't know, will be continuously updated, so stay tuned …