In Bitcoin Core up to and including 26.0 and Bitcoin Knots prior to 25.1.knots20231115, datacarrier size limits can be bypassed by obfuscating data as code (e.g., with OP_FALSE OP_IF), as exploited in the wild by Inscriptions in 2022 and 2023. NOTE: although this is a vulnerability from the perspective of the Bitcoin Knots project, some others consider it "not a bug."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bitcoin bitcoin core |
||
bitcoinknots bitcoin knots |