On the 2nd of July, 2020, the ZenGo crypto security firm officially identified a double-spend exploit. This exploit targeted several popular forms of Bitcoin wallet, and was dubbed “BigSpender.”
Wallets Were Notified And Corrected
ZenGo tested nine different forms of Bitcoin wallets and concluded that Ledger Live, BRD, and Edge wallets were vulnerable to this attack. Once the security firm notified all three companies of this threat, they promptly updated their products. Even so, ZenGo warned that possibly millions of crypto users might already have been exposed to this exploit before it was identified.
Even after the wallets were protected against the BigSpender exploit, some people remain extremely vocal about the matter. Hayden Otto, a proponent of Bitcoin Cash (BCH), went public in slandering Bitcoin once he found this new opportunity. He claimed that Bitcoin, on which BCH is based, is vulnerable to this double-spending exploit “by design,” and that it can still be exploited.
A Few Technical Details
ZenGo discovered BigSpender during its ongoing research into Bitcoin’s “Replace-by-Fee” (RBF) feature.
The security firm explained that RBF is a standard way for a user to “undo” a transaction that has yet to be confirmed. They can do this by sending another transaction that spends the same amount of coins, possibly to another address, with a higher fee.
However, BigSpender exploits vulnerabilities within RBF to execute a double-spend attack, and it isn’t even the first attack to do so. It uses methods similar to those outlined in a notorious video that Otto published in December, which went viral rather quickly. It should be noted, however, that this exploit is only possible while the transaction has no confirmations.
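The wallet-side consequence of the RBF behaviour described above, as an added example that is not ZenGo's or any wallet vendor's code: a ledger that credits unconfirmed payments on sight keeps showing funds after the payment is replaced, while one that tracks pending transactions by the inputs they spend does not. The class names, event callbacks and sample transactions are assumptions constructed for illustration, and the sketch assumes the wallet backend reports conflicting mempool transactions.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Tx:
    txid: str
    spends: frozenset  # outpoints ("txid:vout") this transaction consumes
    to_wallet: int     # satoshis paid to our wallet, 0 if none

@dataclass
class NaiveLedger:
    """Weak pattern: credits every incoming tx on sight and never revisits it."""
    balance: int = 0
    def on_mempool_tx(self, tx):
        self.balance += tx.to_wallet
    def on_confirmed(self, tx):
        pass  # already counted when first seen

@dataclass
class RbfAwareLedger:
    """Keeps unconfirmed credits separate and evicts replaced transactions."""
    confirmed: int = 0
    pending: dict = field(default_factory=dict)  # txid -> unconfirmed Tx

    def _evict_conflicts(self, tx):
        # A pending tx sharing an input with tx cannot confirm alongside it.
        for old in [p for p in self.pending.values() if p.spends & tx.spends]:
            del self.pending[old.txid]

    def on_mempool_tx(self, tx):
        self._evict_conflicts(tx)
        if tx.to_wallet:
            self.pending[tx.txid] = tx

    def on_confirmed(self, tx):
        self._evict_conflicts(tx)  # also drops tx itself from pending
        self.confirmed += tx.to_wallet

    def pending_total(self):
        return sum(t.to_wallet for t in self.pending.values())

def replay(ledger):
    """Constructed events: a payment, then its replacement, which confirms."""
    coin = frozenset({"aa" * 32 + ":0"})     # constructed outpoint
    payment = Tx("tx-pay", coin, 50_000)     # pays the wallet, unconfirmed
    replacement = Tx("tx-replace", coin, 0)  # same input, higher fee, pays elsewhere
    ledger.on_mempool_tx(payment)
    ledger.on_mempool_tx(replacement)
    ledger.on_confirmed(replacement)
    return ledger
```

After the replay, the naive ledger still reports 50,000 satoshis that never arrived, while the RBF-aware ledger shows nothing pending and nothing confirmed.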
Biased Slandering Aplenty
Otto hammered the fact that the RBF attack is of particular concern for merchants that accept BTC. These merchants run the risk of handing over goods to a customer who then promptly reverses the BTC transaction after leaving the store.
Otto went all out demonizing the feature, all the while claiming that it will be impossible to remove from Bitcoin because of the quality-of-life improvements it gives Bitcoin holders. He thus argued that the issue rests with Bitcoin itself rather than with the wallet software in particular.
It should be noted, however, that the issue isn’t seen as such a big deal by many other Bitcoin firms. Ledger, in particular, spoke to Forbes about the matter. It explained that the funds aren’t actually being double-spent, but that the transactions themselves merely look that way. Even so, it highlighted that some people could misread the matter at large.