The United States National Vulnerability Database (NVD) labeled Bitcoin a cybersecurity risk on December 9.
The National Vulnerability Database (NVD) labeled Bitcoin’s inscription as a cybersecurity risk on Dec. 9, calling attention to the security flaws that led to the development of the 2022 Sequencer protocol.
According to the database records, in some versions of Bitcoin Core and Bitcoin Knots, data carrier restrictions can be circumvented by masking the data as code. "As exploited in the wild by Inscriptions in 2022 and 2023," the document reads.
Being added to the NVD list means that a specific cybersecurity vulnerability has been identified, catalogued and deemed important for public awareness. The database is managed by the National Institute of Standards and Technology (NIST), an agency within the U.S. Department of Commerce.
Bitcoin’s network vulnerability is currently being analyzed. As a potential impact, it could cause a large amount of non-transaction data to flood the blockchain, potentially increasing the size of the network and adversely affecting performance and fees.
On NVD’s website, a recent post by Bitcoin Core developer Luke Dashjr on X (formerly Twitter) is cited as an information resource. Dashjr claims that Inscription exploited a Bitcoin Core vulnerability to spam the network. “I imagine it’s like getting spam and having to sift through it every day to find your contacts. This slows down the process,” one user wrote in the discussion.
Why is it relevant to ordinals?
Inscription involves embedding additional data into a specific Satoshi (the smallest unit of Bitcoin). This data can be in any digital form, such as an image, text, or other form of media. Every time data is added to a Satoshi, it becomes a permanent part of the Bitcoin blockchain.
While data embedding has been part of the Bitcoin protocol for some time, its popularity has only increased with the advent of Ordinals in late 2022, which allows unique digital art to be embedded directly into Bitcoin transactions, similar to how non-fungible tokens (NFTs) run on the Ethereum network.
In 2023, Ordinals transaction volume clogged the Bitcoin network several times, leading to more intense competition to confirm transactions, thereby increasing fees and slowing processing times.
If the bug is patched, it has the potential to limit ordinals on the network. When asked if Ordinals and BRC-20 tokens “will no longer exist” if the vulnerability is fixed, Dashjr responded: “Correct.” However, due to the immutable nature of the network, existing inscriptions will remain unchanged.
