Let’s hope this post doesn’t age well.

Recently, there was a bug in Bitcoin (arcanely called CVE-2018-17144) that could have resulted in massive denial of service and creation of bitcoins out of thin air.  It was not exploited, but instead responsibly disclosed by a developer working on other forks of Bitcoin.  His story is here.

Bugs are inevitable.  They are a part of life in software development and one bug doesn’t mean the sky is falling.  It does sometimes suggest there are more issues below the surface. As they say, “There’s never just one cockroach. It’s possible that eventually Bitcoin dies because it rots from within.

Bitcoin is now almost 10 years old.  Old software projects are difficult to maintain under any circumstance as requirements and technology change constantly. If Bitcoin was owned by a startup, it probably would have been redone from scratch a couple times by now.  The Bitcoin Core developers have made incremental developments and taken an extreme approach of favoring soft forks (users don’t need to update software) vs. hard forks (users need to update wallet software) meaning a lot of extra code to ensure backwards compatibility. This has made the code very complicated.  It’s possible this eventually makes it difficult to maintain even for the experts. What will this code look like in 10 more years?  20?

The Bitcoin Core developers, in general, are extremely conservative which has sometimes clashed with the views of its users. One side effect of this has been stability.  To date there have been no major vulnerabilities exploited in Bitcoin and 99.98% uptime.  Let’s hope that same approach does not cause the codebase to become such a convoluted mess that we start seeing critical failures that erode the trust of users and push them to other alternatives.