In a recent blog post, Bitcoin Core developer Corey Fields revealed how he anonymously reported the SIGHASH_BUG in Bitcoin Cash to Bitcoin ABC earlier this year in April. Fields explained that if properly exploited, the bug would have affected the security of Bitcoin Cash transactions, therefore messing up its market value. This issue was dealt within the following month itself.
Fields also stated in the blog post that the biggest hazards to Bitcoin are software development issues. He wrote:
“I’m often asked at conferences and workshops what I consider to be Bitcoin’s greatest challenge in the future. My answer is always the same: avoiding catastrophic software bugs.”
Fields states that the threat posed by such bugs in crypto-networks is often underestimated and organisations in the field need to take much greater care. He explained the entire long drawn procedure he need to get through to send the information to Bitcoin ABC.
An enormous issue in the process was the irresponsible disclosure policies of the company. Fields was also unable to find proper encryption keys so that he cound send the data in encoded format, thereby reducing the risk of it being viewed by others.
He also wrote that his anonymity was important for several personal safety reasons. If a hacker managed to get hold of the vulnerability and then exploited it before the issue could be fixed, it would create several problems for Fields himself as the suspicion could probably fall on him. He explained:
“Because I used my name for the disclosure, hard proof would exist that I had the knowledge and means to attack the network. I would have no way to prove that I was not the attacker. Then consider that, collectively, billions of dollars could have been lost as a result of this exploit. People have been killed for much less.”
Back when Bitcoin ABC made it known that the bug had been dealt with, they had also announced a reward for the anonymous tipper should they reveal themselves. Though, Fields did not mention if he had claimed the prize in his post.