U.S. agency identified Bitcoin in_ions as cybersecurity risk

The U.S. National Vulnerability Database (NVD) has recognized that BRC-20 standard tokens exploit a vulnerability in the Bitcoin code.

According to the official notice, in some versions of the backbone of the network builders, Bitcoin Core and Bitcoin Knots, BRC-20 tokens bypass the established restrictions on the size of additional information contained in the “inions.” The Ordinals protocol allows them to obfuscate data by disguising it as code, as one code developer has already discussed.

The agency has flagged “inions” created using the Ordinals protocol as a cybersecurity threat to the Bitcoin (BTC) network. Being listed in NVD database means that the identified vulnerability has been determined to be of high public awareness. However, it is still at the analysis stage.

The agency also emphasized that BRC-20 has already heavily clogged the first cryptocurrency network. According to representatives, this will negatively impact blockchain performance and transaction fees.

BRC-20 is an experimental token standard on the BTC network. It “labels” satoshis, the smallest unit of Bitcoin, with Java Object Notation (JSON) data.

This way, the coin can be deployed, minted, and transferred. Such tokens appeared against the background of the crypto community’s excitement for the Ordinals protocol, which was launched in early 2023. It allows non-fungible tokens (NFTs) to be added to Satoshi.

As a result of the increased excitement, the blockchain of the first cryptocurrency was overloaded five times. The average transaction value increased to $14-$16.