
Rootstock’s observations of the Rab13s vulnerabilities disclosure


On 2023-03-13 at 09:51 ART, Halborn Security reported some vulnerabilities that affect several Bitcoin fork client projects. 

  • The Rootstock Client Node is not a Bitcoin fork and therefore is not impacted by these vulnerabilities.
  • All Bitcoin nodes used by critical network services have been patched and are also not affected by these vulnerabilities.
  • We advise all teams building on top of Rootstock that rely on Bitcoin Core nodes to verify that they are not affected by these vulnerabilities. If you require assistance, please contact the security team at IOVlabs at security@rsk.co.

What happened?

Recently, Halborn Security reported some vulnerabilities that affect several Bitcoin fork client projects. As Rootstock is a smart contract platform that operates as a sidechain to the Bitcoin blockchain, we were informed of this vulnerability in advance of its release. Our security teams immediately investigated the scope of the vulnerability and found Rootstock is not impacted. This is because the Rootstock client node is not a Bitcoin fork.

What is the impact of this vulnerability?

The exploits, known as Rab13s, can allow an attacker to perform a denial-of-service attack by causing a network node to disconnect from the rest of the network. As mentioned previously, these vulnerabilities do not affect the Rootstock network.

Some projects and software components used as part of the Rootstock network infrastructure may rely on the usage of Bitcoin Core nodes. We have ensured that all Bitcoin nodes used by critical network services are updated to the latest patched Bitcoin versions that are not affected by these vulnerabilities.

As an additional preventive measure, we have notified all Bitcoin mining pools doing merged mining on Rootstock to verify that they are running non-vulnerable Bitcoin Core nodes and to upgrade if necessary.

In summary, the Rootstock network is not affected by the Rab13s exploits.

We encourage all teams building on top of Rootstock to verify that they are not affected by these vulnerabilities and to contact the security teams at IOVlabs at security@rsk.co if they require assistance. 

Finally, we would like to express our appreciation to Halborn for their valuable work and contributions to keeping the entire blockchain industry safe. 
