The cybersecurity company Quarkslab has completed the first public third-party security audit of the Bitcoin core codebase. The Bitcoin core codebase is the open source reference implementation that supports the Bitcoin network, containing the full node client, graphical user interface (GUI), and embedded wallet.
According to the announcement released on Wednesday, this four-month assessment is funded by the non-profit organization Brink, which supports Open Source Bitcoin protocol development, and is coordinated by the Open Source Technology Improvement Fund (OSTIF). The assessment focuses on the peer-to-peer network layer (the main attack surface of the network) as well as related components, including mempool management, chain state, transaction validation, and consensus logic.
The audit was completed in September, taking 100 working days by three Quarkslab engineers, with technical support from Brink and the Bitcoin development company Chaincode Labs. Before the code review began, the two auditors had face-to-face communication with Brink's engineers to familiarize themselves with the architecture and development practices of Bitcoin Core.
This process combines manual code analysis, dynamic testing, and advanced fuzz testing techniques borrowed from the existing continuous integration workflow of Bitcoin. Fuzz testing is an automated software testing technique that attempts to find vulnerabilities by inputting a large amount of unexpected, random, or malformed data into the code.
Brink pointed out in another article that the purpose of this move is not to certify Bitcoin Core, but to “actively search for vulnerabilities, improve testing methods, and find practical ways to strengthen the codebase.”
Quarkslab reported that no serious, high-risk, or medium-severity issues were found. The auditors did identify two low-risk issues and provided 13 informational recommendations, but these issues do not meet the security vulnerability classification standards of Bitcoin Core.
Quarkslab stated: “Although no major impact issues were found, the existing fuzz testing framework and the new framework for covering untested scenarios such as chain reorganization have both been improved.” OSTIF added: “Although this audit found no issues with significant, high-risk, or medium security impacts, it provided valuable feedback, insights, information, and testing improvement suggestions for Bitcoin.” (The Block)
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Bitcoin, ether, solana hold steady as Trump sets Tuesday night deadline for Iran deal
Bitcoin dipped to $68,589 after a brief rally fueled by ceasefire news, as geopolitical tensions persist. Other cryptocurrencies also fell. Market uncertainty continues, with Bitcoin trading within the $65,000 to $73,000 range, awaiting Trump's deadline for Iran negotiations.
CoinDesk21m ago
Bitcoin spot ETF saw net inflows of $471 million yesterday, with BlackRock’s IBIT leading the way at $182 million in inflows in a single day
On April 6, Bitcoin spot ETF net inflows reached $471 million, including a single-day net inflow of $182 million for the BlackRock ETF and a net inflow of $147 million for the Fidelity ETF. Bitcoin spot ETF total net assets were $90.26B, with cumulative net inflows of $56.43B.
GateNews32m ago
Bitcoin is hovering around the $68,000 threshold, and the risk of further downside is increasing as whales sell and demand remains weak.
Gate News: Bitcoin’s price has fallen to around $68,000. It had repeatedly failed to break through the $70,000 level, and market momentum has clearly weakened. The current price is still within the $65,000 to $73,000 trading range, but the risk of testing the lower end of the range is rising.
GateNews59m ago
The SEC will roll out new rules to “regulate cryptocurrencies”: defining what counts as fundraising and what falls under securities; it has already been submitted to the White House
The U.S. Securities and Exchange Commission (SEC) is set to roll out new rules for “regulating cryptocurrencies” to完善 the crypto asset regulatory framework and clarify whether trading constitutes a security. The rule is based on the 1933 Securities Act and may affect compliance pathways for mainstream assets, aiming to balance protecting investors with encouraging innovation.
GateNews1h ago
Santiment Alert: BTC profit-loss ratio hits 2.95, the top signal is approaching
Based on Santiment data, Bitcoin’s profit-to-loss trade ratio has reached 2.95:1, nearing the historical alert level of 3.0, which may signal a short-term price top. A high profit-to-loss ratio also reflects optimistic market sentiment, but it can also build up selling pressure. Historical cases show that a profit-to-loss ratio near 3.0 does not necessarily lead to a pullback; the market needs to combine multiple indicators for a comprehensive analysis.
MarketWhisper1h ago
A whale moved 300 BTC to a certain CEX about half an hour ago, incurring a loss of roughly $8.82 million
Gate News message, April 7, according to crypto analyst Yu Jin, a whale address transferred 300 BTC into a certain CEX about half an hour ago, worth approximately $20.6 million. That address previously, from January to March last year, bought a total of 510 BTC through a certain CEX at an average price of about $98,190, for a total cost of approximately $50.07 million. The 300 BTC transferred out this time corresponds to realized losses of approximately $8.82 million.
GateNews1h ago
