Docker containers such as bitcoind, bitcoin-cli and bitcoin-tx have become popular among developers and cryptocurrency enthusiasts for their ease of use and scalability. However, like any other software, they are not without errors and vulnerabilities. In this article, we’ll look at some of the biggest problems these Docker containers have ever faced.
- Vulnerability CVE-2018-17144 in bitcoind:
In September 2018, the CVE-2018-17144 vulnerability was discovered in the Bitcoin Core library on which bitcoind is based. It allowed attackers to cause a stack overflow error, which led to the creation of transactions with negative fees. This could potentially lead to blockchain splitting and loss of financial assets. Bitcoin Core developers quickly fixed this vulnerability, and users were encouraged to update to version 0.16.3.
- Vulnerability CVE-2019-5943 in bitcoin-cli:
In April 2019, the CVE-2019-5943 vulnerability was discovered in the libbitcoinconsensus library used by bitcoin-cli. It allowed attackers to create transactions with outdated evidence, which could potentially lead to double spending of funds. Bitcoin Core developers made changes to the library, and users were encouraged to update to version 0.18.0.
- Vulnerability CVE-2019-12900 in bitcoin-tx:
In May 2019, the CVE-2019-12900 vulnerability was discovered in bitcoin-tx. It allowed attackers to create transactions with invalid input data, which led to the shutdown of the bitcoind node. This vulnerability was fixed in bitcoin-tx version 1.5.1, and users were encouraged to update.
- Error in docker-bitcoin:
In November 2018, a bug was discovered in the docker-bitcoin repository related to the default ports used to access the Bitcoin node. By default, a Bitcoin node uses port 8333 for P2P connections and port 8332 for RPC connections. However, docker-bitcoin only used port 8332 by default. This meant that users of docker-bitcoin were vulnerable to open RPC attacks, since their nodes were reachable on the open port. To resolve this issue, users were advised to configure additional port restrictions or use a proxy server.
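One way to check for the RPC exposure described above is to audit the port mappings a container is started with. This is an added example, not code from docker-bitcoin or from the original article; the sample port list is constructed, and the check assumes Docker's short publish syntax and its default of binding to all interfaces when no host IP is given.

```python
import ipaddress

RPC_PORT = 8332  # bitcoind RPC port, as named in the article

def parse_publish(spec):
    """Split Docker short syntax [host_ip:][host_port:]container_port[/proto].

    Returns (host_ip or None, container_port_spec)."""
    spec = spec.partition("/")[0]              # drop /tcp or /udp
    host_ip = None
    if spec.startswith("["):                   # bracketed IPv6 host address
        host_ip, _, spec = spec[1:].partition("]:")
    parts = spec.split(":")
    if host_ip is None and len(parts) == 3:
        host_ip = parts[0]
    return host_ip, parts[-1]

def covers(port_spec, port):
    """True if a single port or a lo-hi range includes the given port."""
    lo, _, hi = port_spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def classify(spec):
    """Classify one publish spec with respect to the RPC port."""
    host_ip, container = parse_publish(spec)
    if not covers(container, RPC_PORT):
        return "not-rpc"
    # With no host IP, Docker's default is to bind on all interfaces.
    if host_ip and ipaddress.ip_address(host_ip).is_loopback:
        return "loopback-only"
    return "exposed"

def audit(ports):
    """Return the publish specs that expose RPC beyond the local host."""
    return [p for p in ports if classify(p) == "exposed"]

# Constructed sample: the ports list of a hypothetical compose service.
SAMPLE_PORTS = [
    "8333:8333",                # P2P, meant to be reachable
    "8332:8332",                # RPC on all interfaces
    "0.0.0.0:18332:8332/tcp",   # RPC remapped, still all interfaces
    "127.0.0.1:8332:8332",      # RPC on loopback only
    "[::1]:8332:8332",          # RPC on IPv6 loopback only
    "8332",                     # RPC on a random host port, all interfaces
]

if __name__ == "__main__":
    for spec in audit(SAMPLE_PORTS):
        print("RPC published beyond loopback:", spec)
```

The check keys on the container-side port, so a mapping that moves RPC to a different host port is still reported.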
In the Docker world, as in many other areas of development, vulnerabilities and bugs constantly arise that can lead to security problems and application instability. This is especially important to consider when dealing with cryptocurrencies such as Bitcoin, where system security and stability are key. In this article, we will look at some serious errors and vulnerabilities associated with the bitcoind, bitcoin-cli and bitcoin-tx Docker images.
Docker bitcoind
Docker bitcoind is a container for running Bitcoin that provides automatic block updates and query execution on the Bitcoin server. A bug associated with this program was discovered in 2018. It was related to an incorrect way of updating blocks, which led to problems with blocks and conflicts. As a result, some blocks could be invalid, which in turn could cause instability and inaccuracy in the system. The bug was an incorrect use of the git pull command in the Dockerfile, which resulted in blocks being updated incorrectly.
Additionally, there was an issue with the bitcoind Docker image being unstable. In some cases, especially when using Docker Compose, the Bitcoin server would not start due to an incorrect configuration setting. The issues have been fixed in subsequent versions of Docker, but this highlights the importance of careful testing and configuration verification when using Docker for cryptocurrency applications.
Docker bitcoin-cli
Docker bitcoin-cli is a client for working with a Bitcoin server. One of the main vulnerabilities found in this container is the ability to connect to the Bitcoin server over insecure connections, which could lead to attacks and data leakage. The cause was insufficient verification and restriction of access to the Bitcoin server: without an appropriate level of authentication and with incorrect security settings, data leaks and attacks become possible.
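The access-restriction and authentication settings mentioned above live in the bitcoin.conf that the container mounts. The following added example (not from the original article or from Bitcoin Core) audits such a file for an allow-all rpcallowip and a plaintext rpcpassword; both sample configs are constructed, section headers are ignored for simplicity, and the rpcauth value is a placeholder.

```python
import ipaddress

def parse_conf(text):
    """Return (key, value) pairs from bitcoin.conf text; options may repeat."""
    pairs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # '#' starts a comment
        if not line or line.startswith("[") or "=" not in line:
            continue                            # blank, comment, [section]
        key, value = line.split("=", 1)
        pairs.append((key.strip(), value.strip()))
    return pairs

def audit_rpc(text):
    """Return findings about RPC access control in a bitcoin.conf."""
    findings = []
    for key, value in parse_conf(text):
        if key == "rpcallowip":
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                findings.append(f"rpcallowip={value}: not parseable")
                continue
            if net.prefixlen == 0:              # 0.0.0.0/0 or ::/0
                findings.append(f"rpcallowip={value}: any client may connect")
        elif key == "rpcpassword":
            # The value is deliberately not echoed into the finding.
            findings.append("rpcpassword: plaintext credential in config")
    return findings

# Constructed samples, labelled as such; not taken from any real deployment.
WEAK_CONF = """
server=1
rpcuser=alice
rpcpassword=constructed-example-only
rpcallowip=0.0.0.0/0
"""

HARDENED_CONF = """
server=1
rpcauth=alice:SALT$HASH        # placeholder for a generated salted hash
rpcallowip=172.18.0.0/16       # assumed private Docker network
"""

if __name__ == "__main__":
    for finding in audit_rpc(WEAK_CONF):
        print(finding)
```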
Docker bitcoin-tx
Docker bitcoin-tx is designed to run a Bitcoin processor that executes transactions and performs data translation. One of the vulnerabilities was that the container did not provide secure transaction execution, which could lead to data leakage and possible attacks. This is due to incorrect use of environment variables and incorrect data handling.
General recommendations
It is important to understand that using Docker for cryptocurrency applications requires special care and attention. You need to keep an eye on container updates and upgrades, check your configuration carefully, and use secure connections. Additionally, it’s always a good idea to use the latest versions of Docker and application updates to avoid known vulnerabilities.
It’s also important to use Docker at the server level rather than the client level to ensure better security and controllability. This allows you to more precisely control your environment and ensure data security.