BTC Developer Jimmy Song on How Bitcoin’s Game Theory Prevents Hacks

  • Bitcoin developer Jimmy song spoke about the cryptocurrency's game theory during a podcast.
  • In it, he addressed then ow infmaous CVE-2018-1744 bug.

Earlier this month, on October 5, Bitcoin programmer Jimmy Song went on the WhatBitcoinDid podcast to discuss the flagship cryptocurrency - bitcoin. Specifically, WhatBitcoinDid host Peter McCormack wanted Jimmy to explain some of the technical challenges BTC is facing today.

The first discussion was about the recent catastrophic bug, also known as CVE-2018-1744. This widely publicized bug created a vulnerability where malicious actors could possibly inflate bitcoin’s supply, giving themselves free coins.

Although the bug caused a lot of shock in the cryptocurrency space, Jimmy noted it is really no big deal - all thanks to the game theory behind Bitcoin. Specifically, in order to exploit the bug, the malicious actor had to be a miner. Then, they’d have to mine a block, which given the network’s growing hashrate is no easy feat.

Even if someone mined the block, Song continued, the transaction would be seen on the public BTC ledger. The nodes would recognize the miner was trying to cause unwanted inflation, and could reject the bugged block. Song showed support for the public nature of Bitcoin, saying that "everyone can see this is a weird transaction,” thus allowing us to notice the hack was used.

From there, the bitcoin developer explained that even if the hack was pulled off, it wouldn’t be easy to unload the hacked BTC. The hacker would have to send it to an exchange really fast, so he/she could sell the fake coins before the chain was rolled back.

The major takeaway here is simple - Bitcoin’s public ledger is a feature, not a bug. Song added that privacy features are important, but at its core, the ledger needs to be public. This allows every node on the network to constantly confirm that Bitcoin’s 21 million coin supply is not violated.

The thing that I don't like about full privacy, especially with like confidential transactions which hide the amounts, is you wouldn't necessarily know if there was a mathematical exploit.

The next topic was Proof-of-Work (PoW). As mentioned earlier, the CVE-2018-1744 bug required the miner to invest energy and resources into mining a block before the hack could be exploited. Song then explained how in order to truly disrupt BTC, attackers would need so much hash rate that it would make the attempt unprofitable

This is why proof of work needs to be expensive, if it is cheap you can roll back things easily. You want it to be very difficult to change history. The only way to make it difficult to change history is to make the process of writing the current history very expensive.

To finish, Song attacked the “mining pools are centralized” claim. As the developer described it, the "miners are the security guards of the network,” who don’t make consensus rules. If the users want to use different rules than the miners, the users can “hire” new miners (security guards) at any time.