Bitcoin Developer Evaluates Critical Bugs Found in SegWit2x Codebase
The release of an open letter published on the SegWit2X mailing list announced the cancellation of the SegWit2X hard fork. The mailing list included BitGo CEO Mike Belshe, ShapeShift CEO Erik Voorhees, Xapo CEO Wences Casares, Blockchain CEO Peter Smith, Bitmain founder Jihan Wu, and SegWit2X lead developer Jeff Garzik.
Miners Continue Mining
Before the termination of SegWit2X by the project’s lead developers and primary supporters, some miners were still running the software. As such, Bitcoin Core developer Peter Todd wrote, “not a guarantee that SegWit2X won’t happen – Belshe can’t stop miners from running that software – but it’s much less likely.”
As Todd predicted, several miners still ran the software after the project’s lead developer had already abandoned the project.
At block 494,782, two blocks before the update were supposed to be executed as a hard fork, a critical flaw emerged, which caused the SegWit2X client to malfunction. It disallowed miners or node operators from running the amendment client.
According to highly regarded bitcoin developer and Paxos principal architect Jimmy Song, two critical bugs were found in the codebase. One was immediately obvious and another that was not as noticeable but, with rigorous testing, would have been. He explained that,
“There were a limited number of differences in the btc1 codebase, compared to Bitcoin Core. In total, there were about 500 lines of changes, most of which weren’t consensus-critical. Yet, there were at least two bugs in the 100 or so changed lines to support a hard fork at block 494,784.”
Critical Bugs Not Addressed
One of the two critical faults involved a feature called VersionBitsState which is necessary to process another function in the codebase of SegWit2X involving SegWit and the increase of the bitcoin block size. The way the function VersionBitsState was called in the SegWit2x codebase was flawed, and as a consequence, it resulted in the shutdown of the update’s client.
With experienced bitcoin developers such as the Bitcoin Core development team, the defect would have been found during a rigorous testing phase. Song noted that the error was not found during the testing phase of SegWit2x because only one administrator was overseeing changes to the SegWit2x codebase.
“You can see that this particular commit doesn’t actually make it into this pull request until way lower on the page. Only one person seems to have approved the changes (opetruzel), and there are complaints near the end by deadalnix (he of Bitcoin Cash fame) about this pull request not having enough tests.”
The second bug was found in the BlockAssembler code, which is responsible for running the code for creating new blocks. Therefore, any flaws or bugs in the BlockAssembler code could lead to a series of errors that could shut down the client or the network.
Network Issues & Vulnerabilities
If the SegWit2x hard fork had been resumed, the token, or B2X, would have had serious network issues, leading to network instability and vulnerabilities. The development team led by Garzik would have had to execute several hard forks to update and fix the bugs.
The major issue with the codebase and its development team was that the entire project had one coder in Jeff Garzik and one reviewer in opetruzel. In contrast, the development teams of bitcoin, ethereum, and other public blockchain network consists of hundreds of developers and reviewers in the open-source development community.
Song concluded that with,
“Reviewing and testing consensus change is really, really hard. It looks like btc1 had exactly one coder and one reviewer for these critical consensus changes and that simply isn’t enough to detect subtle bugs like the first or obvious bugs like the second.”
Naturally, there is no question in regards to the talent of the development team, but it seems here that they lacked the necessary community to take action. Without a call for broader speculation, perhaps newer updates will have to wait.