On December 9, the U.S. National Vulnerability Database (NVD) marked Bitcoin's inscription technology as a cybersecurity risk, calling on people to pay attention to this security vulnerability. Currently, the controversy over inscriptions continues to ferment in the crypto community.
Inscription is labeled as a loophole?
The NVD database is managed by the National Institute of Standards and Technology (NIST), an agency of the U.S. Department of Commerce. Being included in the NVD list means that a specific cybersecurity vulnerability has been identified and cataloged with the CVE code 2023-50428.
Officials said that they are still analyzing this vulnerability, but pointed out in the description that in previous versions such as Bitcoin Core v26 and Bitcoin Knots 25.1.knots, there is still a vulnerability that bypasses the data carrier size limit by obfuscating data as program code.
In this regard, Yu Xian, the founder of blockchain security company SlowMist, said earlier in a post: The problem with the engraving technology has been assigned a CVE number, which means that the official has clearly identified it as a vulnerability. However, he also added that the CVE number is one of the most well-known vulnerability proofs for the security industry. Although it is nothing new for many security teams and individuals, relevant roles in the Bitcoin ecosystem may pay more attention to this issue.
Warning from Bitcoin community veterans
This not only reminds people of the recent "radical remarks" made by Luke Dashjr, a veteran of the Bitcoin community, against BRC-20 and inscriptions. Luke believes that BRC-20 and the inscription protocol bypass the data size limit of the Bitcoin block and force a large amount of "junk data" into the block, which will bring unnecessary burdens to the nodes. This practice increases the bandwidth and storage capacity of the nodes. If this situation continues, it will gradually reduce the decentralization of the Bitcoin network and threaten the fine tradition of this "most decentralized blockchain ecosystem."
Luke's concerns are not groundless. On February 1 this year, the Bitcoin network saw the largest block ever, 3.96 MB in size, simply because the block contained an NFT called "Taproot Wizards". Luke Dashjr and others believe that this will lead to a continuous increase in the size of Bitcoin blocks, which will in turn increase the hardware requirements for full nodes, and one of the important factors of decentralization is to reduce the cost of running nodes for users.
While increasing node bandwidth/storage overhead weakens decentralization, large blocks themselves will also have an impact on security. Because larger blocks propagate slower in the network, data consistency between nodes is poor, which can easily lead to orphan blocks and forks. The Conflux team has repeatedly emphasized this point, and the Ethereum Foundation has also been evaluating the impact of larger blocks on security after the launch of EIP-4844. This situation will inevitably have a wide-ranging impact on the entire network.
In addition to the negative impact on the underlying security and decentralization of the Bitcoin network, the practice of embedding derivative assets into Bitcoin UTXO also brings new risks. In essence, this is to directly transfer the security issues that the derivative assets themselves need to solve to the Bitcoin network. If the total value of these derivatives exceeds the value of the assets and computing power required to maintain the security of the Bitcoin network, there may be a "top-heavy, top-heavy" problem, and this risk has become increasingly apparent on Ethereum.
The debate over Bitcoin
Familiar recipe, familiar taste. The war finally started. From 2014 to 2017, the Bitcoin community had a battle between large and small blocks that lasted for several years. Chinese miners, together with exchanges, started a life-and-death battle with Bitcoin fundamentalists. In the end, the large block was defeated and split into BCH and BSV. Chinese miners were also labeled as "mining tyrants."
Now in 2023, driven by retail investors and exchanges, a new wave of "big blockism" movement with inscriptions as the carrier has once again sparked controversy. The debate over large and small blocks involves the positioning and expansion of Bitcoin. It is not only a debate about the technical route, but also a debate about the cognition of "what is Bitcoin".
Under the narrative of digital gold, transaction processing capacity per second (TPS) and capacity expansion have become "false propositions". The annual physical turnover of physical gold accounts for less than 1% of the inventory. As a value storage, Bitcoin does not require high-frequency transactions on the main chain, so TPS and capacity expansion are not a problem at all.
In fact, Ethereum solves the expansion problem in a similar way, turning the main network into a settlement network (expensive, slow, and stable), allowing L2 to truly solve the expansion and TPS problems. But the question is, Bitcoin does not have high TPS and on-chain transactions, so where does the high handling fee come from? If the Bitcoin mining reward ends in 2140, how to ensure the security of the network? This is the core logic point of the big blockists' promotion of unlimited expansion. To be honest, this is indeed an important problem facing Bitcoin, and there is no solution yet; however, this problem will not need to be faced until 2140.
Although small blockists cannot answer the core question of "after the block reward ends, the low handling fee of low-capacity Bitcoin cannot maintain network security", the expansion advocacy of big blockists has obviously directly hit the core value of Bitcoin. Unlimited expansion means constant changes and the introduction of technical risks. In the final stage of expansion, big blockists still cannot solve the expansion problem of the existing framework, but instead lead to a large network, inefficiency, node concentration and high technical risks. This is a fatal blow to Bitcoin, which is digital gold with indestructible security and permanent value storage.
Summarize
Small blocks and large blocks are two evils, so we should choose the lesser of two. Small blockism is more logically self-consistent, leaving the "handling fee" issue to coin holders a hundred years later. However, large blockism, with its patch-like expansion, has an immediate negative impact due to its short-sightedness.
As a coin holder, it is of course good for the Bitcoin ecosystem to be lively, but Bitcoin cannot meet all the needs of everyone; how to balance the tension between technology and desire may be an issue that coin holders, speculators, miners, and exchanges all need to consider.
