The discovery of the Antbleed vulnerability caused a stir in the Bitcoin mining community

Golden Finance News - On April 26, a mining chip vulnerability that could be used to remotely shut down Bitcoin mining machines was discovered, causing an uproar in the Bitcoin community.

The Bitcoin mining vulnerability incident has caused heated discussions in the community. Image source: Golden Finance

Although its manufacturer Bitmain immediately fixed it afterwards, the incident undoubtedly caused heated discussions in the community.

——Some people think this is just a security vulnerability, not a malicious act by the company, but some people firmly believe that this is an attempt by the mining machine manufacturer to remotely control Bitcoin mining. In any case, given Bitmain's market share, the impact of this incident is huge.

——There are still many similar problems in the Bitcoin world that need to be solved one by one.

The issue involves Bitmain, a controversial maker of mining chips, which some have called a “backdoor” in the code that controls its hardware, giving the company a way to remotely cut power to miners.

Since the code released anonymously on the evening of April 26 was easily exploitable by attackers, the main focus now is on whether it could be abused, which is also the assumed worst-case scenario.

A large number of mining machines on the market are provided by Bitmain. Image source: Golden Finance

The concern is that bad actors could exploit this vulnerability to shut down a large number of Bitcoin mining devices, and since a large number of mining machines on the market are provided by Bitmain, the vulnerability could have a catastrophic impact on the Bitcoin ecosystem.

The vulnerability, called Antbleed, is open source and easy to verify. When it was discovered, a group of people and some developers already knew what the code did.

For example, Satoshi Labs CEO Marek Palatinus independently verified the existence of a backdoor that could be used to block Bitcoin mining by Bitmain miners.

The Bitmain team claims that the Antbleed feature was never completed. Image source: Golden Finance

Bitmain quickly responded with a fix that removed part of the headline Bitcoin mining firmware. In addition, its team claimed that the feature was never completed and was intended to help customers recover from stolen Bitcoin miners, a problem that companies in the industry have often encountered in the past.

Its statement is as follows:

“We never intended this feature to be used on any Antminer without the owner’s authorization, similar to the remote wipe or shutdown features offered by most reputable smartphone manufacturers.”

Much of the community’s recent buzz has been about whether a so-called Bitcoin mining “backdoor” could be used for malicious purposes.

— For example, cutting off power to Bitcoin miners if they don’t comply with the rules set by Bitmain.

Adding to the confusion, bitcoin development has recently become highly politicized, with Bitmain at the center of bitcoin’s long-running scaling debate, opposing proposals authored by members of the bitcoin core community.

- For example, the vulnerability revealed that manufacturers used unknown mining advantages to increase profits.

In a conversation with CoinDesk, Bitcoin Unlimited chief scientist Peter Rizun probably summed up the issue and situation best:

"The central question at the heart of this drama is whether there is a security vulnerability that could allow this remote control functionality to be used for malicious purposes."