
Rootstock’s observations of the Rab13s vulnerabilities disclosure


On 2023-03-13 at 09:51 ART, Halborn Security reported some vulnerabilities that affect several Bitcoin fork client projects. 

  • The Rootstock client node is not a Bitcoin fork and therefore is not impacted by this vulnerability.
  • All Bitcoin nodes used by critical network services have been patched and are also not affected by this vulnerability.
  • We advise all teams building on top of Rootstock that rely on Bitcoin Core nodes to verify that they are not affected by these vulnerabilities. If you require assistance, please contact the security team at IOVlabs at security@rsk.co.

What happened?

Recently, Halborn Security reported some vulnerabilities that affect several Bitcoin fork client projects. As Rootstock is a smart contract platform that operates as a sidechain to the Bitcoin blockchain, we were informed of this vulnerability in advance of its release. Our security teams immediately investigated the scope of the vulnerability and found Rootstock is not impacted. This is because the Rootstock client node is not a Bitcoin fork.

What is the impact of this vulnerability?

The exploits, known as Rab13s, can allow an attacker to perform a denial-of-service attack by causing a network node to disconnect from the rest of the network. As mentioned previously, these vulnerabilities do not affect the Rootstock network.

Some projects and software components used as part of the Rootstock network infrastructure may rely on the usage of Bitcoin Core nodes. We have ensured that all Bitcoin nodes used by critical network services are updated to the latest patched Bitcoin versions that are not affected by these vulnerabilities.

As an additional preventive measure, we have notified all Bitcoin mining pools doing merged mining on Rootstock to verify that they are running non-vulnerable Bitcoin Core nodes and to upgrade if necessary.

In summary, the Rootstock network is not affected by the Rab13s exploits.

We encourage all teams building on top of Rootstock to verify that they are not affected by these vulnerabilities and to contact the security teams at IOVlabs at security@rsk.co if they require assistance. 

Finally, we would like to express our appreciation to Halborn for their valuable work and contributions to keeping the entire blockchain industry safe. 
