I do not recommend skipping upgrades or reverting your node version. At a minimum you should use the latest node version that receives security backports. Some rare critical security fixes are hidden in plain sight for good reason.
so perhaps the solution is to upgrade to non-core implementations that remove the bugs while maintaining security fixes. The WHOLE point of this post is that OP argues core devs are creating backdoors for exploits.
reply
122 sats \ 1 reply \ @_vnprc 28 Feb
If you don't trust the development process then your only options are to run old software or manually audit the codebase. I don't think running old software will protect you from malicious code injection. This attack vector doesn't work by stealing your coins directly, instead it weakens trust in the whole bitcoin ecosystem and crashing the price. It doesn't matter what node software you run when your bitcoin buys you less goods and services than it used to.
As for actual long-term fixes to this problem you should look into libbitcoinkernel, it will enable a plurality of consensus compatible bitcoin node implementations.
reply
yes all points that make sense. that things like libbitcoinkernel or p2p stack could benefit from longer-term security backport would be a good thing. however in terms of bitcoin core codebase modularization we’re not there yet.
reply