Bitcoin Core software exposes serious vulnerability: Wallet migration may lead to permanent asset loss

Source: TokenPost Original Title: Bitcoin Core Critical Bug Warning… Asset Loss Possible During Wallet Migration Original Link:

Bitcoin Core Software Exposes Serious Vulnerability, Data May Be Deleted During Wallet Migration

The latest version of Bitcoin(BTC)'s core software ‘Bitcoin Core(Bitcoin Core)’ has discovered a fatal vulnerability, and the development team has issued an emergency warning. Under certain conditions, this vulnerability may delete wallet data, which could lead to catastrophic asset loss for users without backups.

The Bitcoin Core development team recently announced through official channels that in versions 30.0 and 30.1, migrating legacy ‘BDB(BDB)’ wallets to the new format could, in rare cases, delete all wallet files on the same node. The team emphasizes, “If this occurs without a backup, encrypted assets may be permanently lost.”

Therefore, the development team plans to fix this issue in the next version 30.2. Until then, users are advised not to attempt migrating legacy wallets using these versions. However, other functions such as existing wallet usage and node operation can continue normally.

User Opinions Diverge: “Minor Vulnerability” vs. “Fundamental Communication Issue”

This vulnerability has been reported by multiple users on GitHub for over two weeks, attracting widespread attention. Some users pointed out that the development team underestimated the severity of the problem. A community user stated, “Many users raised concerns two weeks ago, but response was delayed due to difficulty reproducing the issue.”

Another user also mentioned, “A month ago, users warned core developers,” and noted, “Bitcoin development is moving towards a developer-centric approach, which undermines trust.”

The core controversy revolves around whether the migration is a “rare scenario” or a “misunderstood reality.” Some users pointed out, “v30.0 explicitly stopped loading and creating legacy wallets, and migration is the only option,” and added, “This is a common situation faced by users.”

This user warned that when wallets are not loaded and node data is pruned(pruning), the entire wallet directory could be deleted during migration, and backup files may also disappear, posing a real risk of asset loss.

In contrast, some developers and community members stated that “actual victim cases are very few,” warning against over-interpretation. A developer claimed, “v30 versions account for only about 20% of all Bitcoin nodes, and so far, only one actual victim has been reported.” Another user also said, “While this is an unpleasant vulnerability, there are no officially confirmed cases of Bitcoin loss,” and welcomed the quick release of a fix.

Important Notice for Legacy Wallet Users: Pause Migration, Back Up Immediately

The official stance of Bitcoin Core is very clear: if users are running versions 30.0 or 30.1, they must absolutely not attempt legacy wallet migration and must ensure they have backups. Until the next version is released, continuing to use the current wallet poses no issues.

It is worth noting that ‘legacy wallets’ refer to the wallet format used by Bitcoin Core before April 2022, which was the default until version 23.0, after which the new format became the default. Starting from version 30.0, legacy formats can no longer be loaded or created, making migration necessary. This vulnerability could pose risks to users who are forced to migrate.

Market Interpretation and User Recommendations

The discovered vulnerability in Bitcoin Core software poses a potential threat to thousands of nodes worldwide. Although the probability of occurrence is low, the technical flaw could lead to asset loss, raising concerns about user trust and software stability.

User Recommendations:

• Legacy wallet users should immediately ensure backups and suspend migration attempts
• Before the next version is released, maintaining current usage of existing wallets is the most stable strategy
• The success of open-source projects depends on active communication between users and developers

Terminology:

• Legacy Wallet(BDB): The old default wallet format of Bitcoin Core, no longer supported in the latest versions
• Migration: The process of converting existing wallets to the new format
• Pruning(Pruning): A feature that reduces disk space by deleting parts of blockchain data