Bitcoin Core’s first public third-party audit finds no major vulnerabilities
Quarkslab completed the first public, third-party security audit of Bitcoin Core, finding no critical, high, or medium-severity vulnerabilities.Summary
Cybersecurity firm Quarkslab conducted the first public, third-party security audit of the Bitcoin Core codebase, which was funded by Brink and coordinated by OSTIF. The four-month assessment focused on the peer-to-peer networking layer, mempool management, transaction validation, and consensus logic, utilizing manual analysis, dynamic testing, and advanced fuzzing techniques. The audit, which totaled 100 man-days of work, resulted in zero critical, high, or medium-severity findings; auditors identified two low-severity issues and provided 13 informational recommendations. This outcome reinforces the perception of Bitcoin Core as a mature and conservatively engineered system. The audit occurred amid ongoing discussions regarding the long-term quantum threat to Bitcoin's cryptography and debates within the ecosystem concerning client diversity, particularly between Bitcoin Core and Knots.
(Source:The Block)