The three possible cases of attack in study would not achieve their purpose. Facing a modification in the code, the blockchain could fork and revert to a previous version.
Almost 650 thousand code lines, which are stored in a single public repository on the GitHub platform, establish how Bitcoin works. A recent analysis of three attack vectors allows determining whether it is possible to introduce malicious code to impair the operation of the network.
People known as maintainers keep the code of the pioneering cryptocurrency under their custody. These individuals are the only ones who have permission to approve any changes to the repository. They are Michael Ford, Wladimir van Der Laan, Pieter Wuille Jonas Schnelli, Marco Falke, and Samuel Dobson.
They are responsible for reviewing the proposals that each Bitcoin developer makes. They should approve them only if they meet certain quality standards.
Furthermore, when the maintainers approve a proposal, it goes to a thorough peer review phase, where anyone can participate on GitHub.
Any change to the code requires approval with any PGP (Pretty Good Privacy) keys to which the maintainers have access.
Attack by Leakage of Maintainers’ Keys
One or more PGP keys may reach into the hands of malicious actors. If this happened, there could be modifications to the repository code.
Researcher Elias Strehle said that, if this happened, “Bitcoin maintainers would quickly create a new repository with new PGP keys.”
Strehle added that they could upload the new code to GitHub without causing damages and ask the community to use the new repository. In this way, the possibility of attacks by leakage of PGP keys is out of the question.
Attack from Bitcoin’s Maintainers
There is also the possibility that one of the maintainers tries to introduce malicious code into Bitcoin Core, states the report. If this happens, the rest of the maintainers or any Bitcoin developer could detect it.
“The signature verification script detects this the next time that someone submits a code inclusion request or runs tests,” explained developer Thomas Kerin. This means that there will be a contradiction in the code the next time that an update occurs.
In Case Bitcoin Maintainers Suffer an Attack
The disappearance of all Bitcoin maintainers and the consequent loss of all PGP keys is the least likely hypothesis.
In case a powerful government kidnaps the five maintainers in an attempt to harm Bitcoin, the developer community could fork the repository, take the last correct confirmation, and start from there.
Even though the kidnapping occurred stealthily, it would still be impossible to make malicious code modifications that go unnoticed. The implementation of updates does not occur automatically in the entire network of Bitcoin nodes, but each operator can decide whether to accept it or not.
Other nodes would disconnect the nodes that forward invalid blocks, and other nodes that send updated nodes would ignore and abort a node that sends old blocks.
Elias Strehle explains that “the manipulated nodes and the healthy nodes might not reach a consensus on the state of the blockchain. Therefore, a fork would occur in which one branch is malicious and the other is healthy.”
The bitcoin.org question-and-answer webpage makes it clear that “no one can force a change to the Bitcoin protocol as all users are free to choose the software and version that they want.” To ensure compatibility, “all users need to use software that complies with the same rules.”
All this indicates that there is a guarantee of the security of the Bitcoin code. Even in case of violation of the access barriers, the community of users has the final decision on whether to use or not the adulterated version of the network.
By Alexander Salazar
