Rootstock’s observations of the Rab13s vulnerabilities disclosure

On 2023-03-13 at 09:51 ART, Halborn Security reported some vulnerabilities that affect several Bitcoin fork client projects. 

  • The Rootstock client node is not a Bitcoin fork and therefore is not impacted by this vulnerability.
  • All Bitcoin nodes used by critical network services have been patched and are also not affected by this vulnerability.
  • We advise all teams building on top of Rootstock that rely on Bitcoin Core nodes to verify that they are not affected by these vulnerabilities. If you require assistance, please contact the security team at IOVlabs at security@rsk.co.

What happened?

Recently, Halborn Security reported some vulnerabilities that affect several Bitcoin fork client projects. As Rootstock is a smart contract platform that operates as a sidechain to the Bitcoin blockchain, we were informed of this vulnerability in advance of its release. Our security teams immediately investigated the scope of the vulnerability and found Rootstock is not impacted. This is because the Rootstock client node is not a Bitcoin fork.

What is the impact of this vulnerability?

The exploits, known as Rab13s, can allow an attacker to perform a denial-of-service attack by causing a network node to disconnect from the rest of the network. As mentioned previously, these vulnerabilities do not affect the Rootstock network.

Some projects and software components used as part of the Rootstock network infrastructure may rely on the usage of Bitcoin Core nodes. We have ensured that all Bitcoin nodes used by critical network services are updated to the latest patched Bitcoin versions that are not affected by these vulnerabilities.

As an additional preventive measure, we have notified all Bitcoin mining pools doing merged mining on Rootstock to verify that they are running non-vulnerable Bitcoin Core nodes and to upgrade if necessary.

In summary, the Rootstock network is not affected by the Rab13s exploits.

We encourage all teams building on top of Rootstock to verify that they are not affected by these vulnerabilities and to contact the security teams at IOVlabs at security@rsk.co if they require assistance. 

Finally, we would like to express our appreciation to Halborn for their valuable work and contributions to keeping the entire blockchain industry safe. 
