Bitcoin Magazine
The Core Issue: Consensus Cleanup
Protocol developers often come across as more pessimistic about Bitcoin’s future than most Bitcoiners. Daily exposure to Bitcoin’s imperfections certainly shapes a sober perspective, and it’s important to reflect on what Bitcoin has achieved. Anyone in the world, no matter their race, age, gender, nationality, or any other arbitrary criterion, is able to store and transfer value on a neutral monetary network more robust now than ever. That said, Bitcoin does have issues that many Bitcoiners are not aware of, but could threaten its long-term prospects if not addressed properly. The vulnerabilities fixed by the Consensus Cleanup are one such example.
The Consensus Cleanup (BIP 541) is a soft fork proposal aimed at patching multiple long-standing vulnerabilities within the Bitcoin consensus protocol. As a soft fork proposal, it is separate in nature to most other Bitcoin Core efforts featured in this edition. Although the proposal has historically been championed by individuals associated with the Bitcoin Core project, it really belongs to the broader category of Bitcoin protocol development.
We will walk through each of the proposal’s four items, describing the impact of the issue addressed and the remediation applied. We’ll discuss how the proposed mitigations evolved to address feedback as well as newfound vulnerabilities. We’ll finish with a brief overview of the current status of the soft fork proposal.
A vulnerability in Bitcoin’s Proof of Work
The Bitcoin network adjusts mining difficulty to maintain an average block rate of one per 10 minutes. An “off by one” bug (a common programming mistake) in its implementation opens up an attack called the Timewarp attack, whereby a majority of miners can artificially speed up the rate of block production by manipulating the difficulty downward.
This attack fortunately requires a 51%+ threshold of miners, but artificially speeding up the block rate is a critical issue. It means that full nodes are not in control of resource usage anymore, and that an attacker can considerably accelerate the bitcoin subsidy emission schedule.
Even though it requires a “51% miner”, it is a significant departure from the standard Bitcoin threat model. A 51% attack traditionally enables a miner to prevent the confirmation of a transaction for as long as they maintain their advantage. But the presence of this bug grants them the power to cripple the network within just 38 days by rapidly reducing the network difficulty.
Instead of taking down the network, it is more probable that an attacker would exploit this bug to a smaller extent. Current miners could coordinate to quadruple the block rate (to 2.5 minute blocks) while keeping the Bitcoin network in a seemingly functioning state, effectively quadrupling the available block space and stealing block subsidies from future miners. Short-sighted users may be incentivized to support
