Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

There are people saying that this shouldn't happen again, etc. but it will. Perhaps not in this exact form, but in some form.

And, this was an accident. As we know, there are many people with the ill-intent and incentive to look for or create exploits 24/7. Saying this won't happen again is like saying "Ok, this is the LAST FireFox patch you'll ever need. Really. We've thought of everything."

This is a game of cat and mouse, similar to one I've involuntarily had to play with fraudsters in my business over the years, and we've all been involved with via viruses, software patches, etc.

I am not sure why we continue to have such supreme confidence that we have discovered something even approaching bulletproof here, when history has taught us that we should believe anything but. It's partly the developer mindset, I suppose. We all tend to believe we've thought of every path and that our code is bug free, until someone encounters a bug that is.

We need to abandon that overly optimistic mindset and look for solutions that accomodate the inevitability of this happening again, whether they be process, technical, or both.

This might include the notion of a central registry on the network, which can help to resolve/identify potential forks, etc. While I know the notion of decentralization is sacrosanct in the BTC community, it is really a fallacy that there is not centralization now. The "core team" is actually playing that role, albeit manually, and what this issue shows is that it may well be a necessary role. I am not talking about doing away with the P2P nodes or controlling them centrally, just acknowledging that pure P2P has strong merits, but also introduces vulnerabilities.

This incident was containable and manageable. In the future (and especially at scale), it may well be infeasible for such manual intervention to clean up the mess. Rather than all convince ourselves that we have now thought of everything, we need to assure ourselves that we haven't and never will, then use our collective brainpower to build in the kinds of safeguards and redundancies that will help avert catastrophe when the inevitable happens.



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: