Developer destroys bitcoins by incorrectly implementing Taproot

Bitmain launches new Bitcoin miner with liquid cooling system

Key facts:
  • In Bitcoin, every satoshi counts and should not be lost or destroyed.

  • Taproot is the most recent update to Bitcoin.

Specialists discovered that a developer destroyed 0.0002 BTC due to a bad implementation of Taproot, the most recent Bitcoin update.

Bitcoins came to be “burned” or destroyed because a developer, either by mistake or intentionally, did not generate a proper public key to create the Taproot address where you would send the BTC.

Let’s remember that to guard, send and receive bitcoins, we need a public key and a private key, which form the basis of the security of our wallets.

Advertising

Developer destroys bitcoins by incorrectly implementing Taproot

Taproot includes a new algorithm or mathematical procedure to generate these keys, which is called Schnorr. This algorithm is compiled in the Bitcoin Improvement Proposal 340, or BIP-340, and was included in Bitcoin in November 2021, as a privacy enhancement for all who wish to use it.

According explained in Suredbits, a Bitcoin derivative asset and functionalities development firm, a developer wanted to create a public key using Schnorr using an incompatible parameter for the algorithm’s elliptic curve, the secp256k1 curve.

This caused the Taproot script or command could not be executed properly, “since the public key inserted in the script originates from an invalid x-coordinate,” they state.

Advertising

Developer destroys bitcoins by incorrectly implementing Taproot

We are not sure if this transaction was an intentional test, or if the developer was not aware of how to create public keys according to BIP-340. Regardless, I think it’s wise to alert the rest of the Bitcoin developers in the ecosystem so they can make sure they’re implementing BIP-340, or their funds will be burned.

Suredbits, Bitcoin development firm.

That way 0.0002 BTC, or 2,000 satoshis, were destroyed, which are currently equivalent to 1 US cent (USD), according to the CriptoNoticias price calculator.

When we refer to the BTC being “burned” or “destroyed”, we mean that they were sent to an address that no one can access, as it would be cryptographically unlikely that you could generate the correct keys to move those bitcoins.

This event was discovered when Suredbits found a bug in their Taproot transaction reader/explorer, where they could only see correct or valid transactions, not incorrect ones. When updating your code library bitcoin-s, they found that someone had burned the bitcoins that way.

Advertising

Developer destroys bitcoins by incorrectly implementing Taproot

Likewise, Suredbits has also found other 14 different bugs regarding the implementation of Taproot by some developers. In total, the errors add 24,197 satoshis burned, which is approximately equivalent to USD 10.

Developer destroys bitcoins by incorrectly implementing Taproot
Errors detected by Suredbits regarding the implementation of Taproot in Bitcoin. Source: Surebits.

Although it may seem like a small amount, one of the maxims of Bitcoin is that every satoshi (sat) counts, so having lost these funds can be just as painful considering the limited scarcity of this cryptocurrency. It shouldn’t be necessary to wait for these sats to be worth millions of dollars to realize the importance of taking care of them and not losing them in this way.

The error is not in Bitcoin, but in its developers

SuredBits clarified in comments to CriptoNoticias that the error is the responsibility of the developers, which can configure the commands freely, making these types of errors.

There is no bug in the Bitcoin protocol. The best way to explain this is to say that a user spent a few bitcoins towards an invalid Taproot address. Bitcoin developers need to be careful to ensure that they are following the correct Taproot specification.

Suredbits, Bitcoin development firm.

Also on their blog they comment that they are currently not aware of tools that can be used to verify that Taproot’s public addresses follow the BIP-340 parameters. “Maybe this post can motivate others to create these tools, or someone can share it with us and we’ll add it to this post,” they say.

It is not the first time that errors have been made when trying to make Taproot transactions, but with the wrong parameters. One of the most notorious cases that we reported in CriptoNoticias recently was in relation to the Binance exchange, which made a mistake when trying to send some BTC via Taproot to a user, permanently losing them.

The exchange acknowledged the error and refunded the funds, however this raised alerts regarding the adoption of Taproot in services like this, which are giants of the Bitcoin and cryptocurrency industry.

See also  While other miners sell, Hut 8 expands and says it will keep its bitcoins - DiarioBitcoin

Leave a Comment

Your email address will not be published.