joshua/dash-docs
1
0
Fork 0
mirror of https://github.com/seigler/dash-docs synced 2025-07-27 09:46:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Finish removing alerts info

Browse source
This commit is contained in:
thephez 2018-01-04 13:17:01 -05:00
parent 5c207ed953
commit dcf7efb3b1
15 changed files with 0 additions and 1039 deletions
Download patch file Download diff file Expand all files Collapse all files

41
_alerts/2012-02-18-protocol-change.html
View file

@ -1,41 +0,0 @@
---
title: "February 20, 2012 Protocol Changes"
shorturl: "feb20"
active: false
banner: ""
date: 2012-02-18
---
<p>
In June 2010 the Bitcoin reference software version 0.2.10 introduced
a change to the protocol: the 'version' messages exchanged by nodes
at connection time would have a new format that included checksum
values to detect corruption by broken networks.
</p><p>
All other messages already carry a checksum (for connections between
nodes 0.2.9 and later) but the version messages themselves could not
be changed in a compatible way, so this change was delayed and did not take effect until
<a href="http://www.timeanddate.com/worldclock/fixedtime.html?msg=Bitcoin+protocol+change&amp;iso=20120220T00">midnight UTC on Feb 20th 2012</a>
to leave users time to upgrade.
</p><p>
The developers of the Bitcoin reference software are unable to find
any evidence of any nodes still running software prior to 0.2.10 on
the network. If any nodes with software this old
do still exist, they will no longer be able to connect to newer nodes.
</p><p>
This switchover has been tested and no significant disruption is
expected and none has been observed so far.
Nodes with incorrect clocks may have a difficult
time making new connections for a brief period around the switchover
time.
</p><p>
Please report any new connectivity issues to the <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">#bitcoin-dev
channel</a> on Freenode IRC.
</p><p>
If there are unexpected difficulties this page will be updated with
relevant information.
</p>
<div style="text-align:right">
<i>This notice last updated: Mon, 20 Feb 2012 00:10:00 UTC</i>
</div>

232
_alerts/2012-03-16-critical-vulnerability.html
View file

@ -1,232 +0,0 @@
---
title: "Potentially Critical Security Vulnerability"
shorturl: "critfix"
active: false
banner: ""
date: 2012-03-16
---
<p>
A potential security vulnerability has been discovered in the Windows
version of Bitcoin-Qt. If you are running Bitcoin-Qt versions 0.5
through 0.6 on Windows you should shut it down and upgrade to either
version 0.5.3.1 or 0.6rc4 NOW.
</p><p>
The command-line bitcoin daemon (bitcoind), Mac and Linux versions of
Bitcoin-Qt, and versions prior to 0.5 are not affected.
</p><p>
Due to the nature of the vulnerability, we believe it would be very
difficult for an attacker to do anything more than crash the
Bitcoin-Qt process. However, because there is a possibility of such a
crash causing remote code execution we consider this a critical issue.
</p><p>
If you have any questions, feel free to drop by <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">
the #bitcoin-dev channel</a> on Freenode IRC.
</p><p>
You can download updated binaries from SourceForge:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 for Windows and 0.5.3 for Linux</a>
</p>
<h3 id="spanish">Español: Vulnerabilidad de seguridad (potencialmente crítica)</h3>
<p>
Una vulnerabilidad de seguridad posible no son afectadas en la versión Windows de Bitcoin-Qt. Si está utilizando Bitcoin-Qt 0.5 a través de las versiones 0.6 en Windows, debe cerrar y actualizar a la versión 0.5.3.1 o 0.6rc4 AHORA.
</p><p>
El daemon de la línea de comandos (bitcoind), las versiones Mac y Linux de Bitcoin-Qt, y las versiones anteriores a 0.5 no son afectadas.
</p><p>
Debido a la naturaleza de la vulnerabilidad, creemos que sería muy difícil para un atacante para hacer algo más que chocar Bitcoin-Qt. Sin embargo, debido a que existe la posibilidad causaría la ejecución remota de código consideramos este un tema crítico.
</p><p>
Si tiene alguna pregunta, venga al canal <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">#bitcoin-dev</a> en Freenode.
</p><p>
Puede descargar los archivos binarios actualizados desde SourceForge:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6rc</a><br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 para Windows y 0.5.3 para Linux</a>
</p>
<h3 id="german">Deutsch: DRINGEND: Windows Bitcoin-Qt update</h3>
<p>
Es wurde eine potenzielle Schwachstelle in der Windowsversion Qt-Bitcoin entdeckt. Wenn Sie mit Bitcoin-Qt-Versionen 0.5 bis 0.6 unter Windows arbeiten, sollten Sie das Programm beenden und ein Upgrade auf entweder Version 0.5.3.1 oder 0.6rc4 JETZT durchführen.
</p><p>
Der Kommandozeilen-Bitcoin Daemon (bitcoind), Mac-und Linux-Versionen Bitcoin-Qt-Versionen vor und 0.5 sind nicht betroffen.
</p><p>
Aufgrund der Art der Schwachstelle glauben wir, das es sehr schwer wäre mehr als einen Absturz des Bitcoin-Qt Prozesses zu bewirken.
Nachdem jedoch eine theoretische Möglichkeit eine "Remote Code Execution" besteht erachten wir das als einen kritischen Fall.
</p><p>
Wenn Sie noch Fragen haben, kommen sie in <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">
#bitcoin-dev Kanal</a> auf FreeNode IRC.
</p><p>
Binärdateien sind auf SourceForge verfügbar:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 für Windows und 0.5.3 für Linux</a>
</p>
<h3 id="dutch">Nederlands: Mogelijk kritisch veiligheidsprobleem</h3>
<p>
Er is een een mogelijk veiligheidsprobleem gevonden in de Windows versie van
Bitcoin-Qt. Als u Bitcoin-Qt versie 0.5 tot 0.6 draait, sluit het dan af
en upgrade naar versie 0.5.3.1 of 0.6rc4 NU.
</p><p>
De commandolijn bitcoin daemon (bitcoind), en de Mac of de Linux versie van
Bitcoin-Qt en versie voor 0.5 zijn niet kwetsbaar.
</p><p>
Omwille van het soort veiligheidsprobleem geloven wij dat het zeer
moeilijk zou zijn voor een aanvaller om iets anders te doen dan het
Bitcoin-Qt proces te doen crashen. Echter, aangezien er een mogelijkheid
is tot het uitvoering van code, beschouwen we dit als
een kritisch probleem.
</p><p>
Indien u enige vragen heeft, kom gerust langs op het <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">
het #bitcoin-dev kanaal</a> op Freenode IRC.
</p><p>
U kan een aangepaste versie downloaden op SourceForge:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 voor Windows en 0.5.3 for Linux</a>
</p>
<h3 id="russian">Русский: Найдена потенциальная критическая уязвимость в версиях Bitcoin-Qt от 0.5 до 0.6 для Windows</h3>
<p>
Найдена потенциальная критическая уязвимость в версиях Bitcoin-Qt от 0.5 до 0.6 для Windows. Если вы используете одну из этих версий, отключите её и обновитесь до 0.5.3.1 или 0.6rc4 немедленно.
</p><p>
Версия для командной строки, версии до 0.5, а также версии для Linux и MacOS не подвержены этой уязвимости.
</p><p>
Из-за сути проблемы мы считаем что злоумышленнику будет сложно сделать что-либо помимо завершения процесса Bitcoin-Qt с ошибкой, но поскольку есть теоретическая вероятность что это может вызвать удалённое выполнение кода, мы считаем эту уязвимость критической.
</p><p>
Если у вас есть какие-либо вопросы, обращайтесь на канал <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">
#bitcoin-dev</a> сети Freenode.
</p><p>
Вы можете скачать обновлённые выполняемые файлы с SourceForge:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 RC</a><br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1</a>
</p>
<h3 id="italian">Italiano: Potenziale vulnerabilità di sicurezza critica.</h3>
<p>
Una potenziale vulnerabilità di sicurezza è stata scoperta nella versione di Windows di Bitcoin-Qt. Se stai usando Bitcoin-Qt su Windows dalle versioni 0.5 alla 0.6 dovresti chiuderla e aggiornarla alle versioni 0.5.3.1 o 0.6rc4 ORA.
</p><p>
La versione di Bitcoin a linea di comando (bitcoind), le versioni Mac e Linux di Bitcoin-Qt, e le versioni precedenti alla 0.5 non sono affette dal problema.
</p><p>
Vista la natura della vulnerabilità, crediamo sia molto difficile che un attacco posso fare niente di più del crashare il processo Bitcoin-Qt. Tutta via, visto che c'è la possibilità che questo crash possa causare l'esecuzione di codice remoto lo consideriamo come critico.
</p><p>
Per qualunque domanda, sentitevi liberi di venire <a href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">sul canale #bitcoin-dev</a> su Freenode IRC.
</p><p>
Potete scaricare le versioni aggiornate da SourceForge: <br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidate</a><br><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.2 per Windows e 0.5.3 per Linux</a>
</p>
<h3 id="portugese">Português: Vulnerabilidade de segurança potencialmente crítica</h3>
<p>
Uma vulnerabilidade de segurança em potencial foi descoberto na versão do Bitcoin-Qt para Windows. Se você estiver executando alguma versão entre a 0.5 até a 0.6 do Bitcoin-Qt no Windows, você deve desligá-lo e atualizá-lo para a versão 0.5.3.1 ou 0.6rc4 AGORA!
</p><p>
A versão em linha de comando do Bitcoin (bitcoin daemon - bitcoind), as versões para Mac e Linux do Bitcoin-Qt, e versões anteriores a 0.5 não são afetadas.
</p><p>
Devido à natureza da vulnerabilidade, acreditamos que seria muito difícil para um atacante conseguir fazer qualquer coisa além de travar o programa Bitcoin-Qt. No entanto, como há uma possibilidade de tal acidente causar uma execução de código remota, nós consideramos esta uma questão crucial.
</p><p>
Se você tem qualquer questionamento, sinta-se livre para entrar no canal <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">
#bitcoin-dev</a> no servidor IRC em Freenode.
</p><p>
Você poderá instalar os novos binários a partir do SourceForge:<br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 para Windows e 0.5.3 para Linux</a>
</p><p>
Traduzido por Thiago Martins (ThiagoCMC)
</p>
<h3 id="polish">Polski: Potencjalnie Krytyczne Zagrozenie Bezpieczenstwa</h3>
<p>
Potencjalne zagrozenie zostalo odkryte w Bitcoin-QT wersji Windows. Jesli masz uruchomiony Bitcoin-Qt w wersjach 0.5 przez 0.6 w wersji Windows powinienes je zamknac i pobrac najnowsze wersje 0.5.3.1 lub 0.6rc4 TERAZ.
</p><p>
Demon bitcoin z linni polecen(bitcoind), wersje MAC i Linux Bitcoin-QT, i wersje ponizej 0.5 nie sa zagrozone.
</p><p>
Z wzgeldu na nature zagrozenia, wierzymy ze osoba atakujaca miala by spory problem z zrobieniem czego kolwiek innego niz zawieszenie procesu Bitcoin-QT. Jednak, jest mozliwosc ze takie zawieszenie procesu moglo by doprowadzic do zdalenego odpalenia kodu uwazamy je za krytyczne.
</p><p>
Jesli masz jakie kolwiek pytania kieruj je na kanal <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">#bitcoin-dev</a> IRC Freenode.
</p><p>
Mozesz sciagnac zrodlo z SourceForge:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 dla WIndows i 0.5.3 dla Linuxa</a>
</p>
<h3 id="bulgarian">Български език: Уязвимост в сигурността.</h3>
<p>
Уязвимост в сигурността бе открита при Windows версията на Bitcoin-Qt.Ако използвате Bitcoin-Qt версия 0.5 до 0.6 през Windows,ще се наложи да я спрете и да направите ъпгрейд до 0.5.3.1 или 0.rc4.Command-line даемон-а(bitcoind),няма да бъде афектиран за потребители на Mac или Linux.Поради вида на тази уязвимост,ние вярваме,че би могло да бъде доста трудно за атакуващия да направи нещо повече от това да crash-не процесът - Bitcoin-Qt.Поради това ние го считаме за критичен проблем.
</p><p>
Ако имате някъкви въпроси,не се притеснявайте да ги зададете в <a
href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">
#Bitcoin-dev @freenode</a>.
</p><p>
Можете да изтеглите ъпдейтите от Sourceforge:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br /><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 за Windows и 0.5.3 за Linux.</a>
</p>
<h3 id="greek">Ελληνικά: Σοβαρό πρόβλημα ασφάλειας</h3>
<p>
Ένα πιθανά σοβαρό πρόβλημα ασφάλειας εντοπίστηκε στην έκδοση Windows του Bitcoin-Qt. Εαν χρησιμοποιείτε Bitcoin-Qt εκδόσεις 0.5 έως 0.6 στα Windows, αναβαθμήστε <b>άμεσα</b> σε έκδοση 0.5.3.1 ή 0.6rc4.
</p><p>
Ο δαίμονας bitcoind, οι εκδόσεις Mac, Linux του bitcoin-Qt, και εκδόσεις παλαιότερες της 0.5 δεν επηρεάζονται απο το πρόβλημα.
</p><p>
Λόγω της φύσης του προβλήματος, πιστεύουμε οτι είναι σχεδόν απίθανο κάποιος εισβολέας να καταφέρει οτιδήποτε περισσότερο απο το να κλείσει το Bitcoin-Qt. Παρ'όλα αυτά, επειδή κάτι τέτοιο θα μπορούσε να οδηγήσει σε απομακρυσμένη εκτέλεση κώδικα, θεωρούμε το συγκεκριμένο πρόβλημα πολύ σοβαρό.
</p><p>
Για οποιαδήποτε απορία μπορείτε να επισκευθείτε το κανάλι <a href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">#bitcoin-dev</a> στο IRC (Freenode).
</p><p>
Μπορείτε να κατεβάσετε νέες εκδόσεις απο το SourceForge:<br />
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 για Windows και 0.5.3 για Linux</a>
</p>
<h3 id="swedish">Svenska: Potentiellt kritiskt säkerhetshål</h3>
<p>
Ett potentiellt kritiskt säkerhetshål har upptäckts i Windowsversionen av Bitcoin-QT. Om du kör Bitcoin-QT i någon av versionerna 0.5 t.o.m. 0.6 för Windows så bör du stänga av programmet och uppgradera till version 0.5.3.1 eller 0.6rc4 OMGÅENDE.
</p><p>
Kommandoradsprogrammet Bitcoin daemon (bitcoind), Mac- och Linuxversionerna av Bitcoin-QT samt tidigare versioner än 0.5 påverkas ej.
</p><p>
P.g.a. den typ av sårbarhet det handlar om tror vi att det skulle vara mycket svårt för en angripare att göra något att än att krascha Bitcoin-QT-processen, men eftersom det finns en risk att en sådan krasch kan orsaka "remote code execution" betraktar vi detta som ett kritiskt säkerhetshål.
</p><p>
Om du har några frågor är du välkommen in på kanalen <a href="http://webchat.freenode.net/?channels=bitcoin-dev&amp;uio=d4">#bitcoin-dev</a> på Freenode IRC.
</p><p>
Du kan ladda ner uppdaterade binärer från SourceForge:<br/>
<a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.0/test/">
0.6 Release Candidates</a><br><a
href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.5.3/">
0.5.3.1 för Windows och 0.5.3 för Linux</a>
</p>
<div style="text-align:right">
<i>This notice last updated: Fri, 16 Mar 2012 22:58:00 UTC</i>
</div>

66
_alerts/2012-05-14-dos.html
View file

@ -1,66 +0,0 @@
---
title: "CVE-2012-2459: Critical Vulnerability (denial-of-service)"
shorturl: "dos"
active: false
banner: ""
date: 2012-05-14
---
<h2 id="risks">Risks</h2>
<p>
A denial-of-service vulnerability that affects all versions of
bitcoind and Bitcoin-Qt has been reported and fixed. An attacker
could isolate a victim's node and cause the creation of blockchain
forks.
</p>
<h2 id="solutions">Solutions</h2>
<p>
Because this bug could be exploited to severely disrupt the Bitcoin
network we consider this a critical vulnerability, and encourage
everybody to upgrade to <a href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.6.2/">the latest version: 0.6.2</a>.
</p>
<p>
<a href="https://bitcointalk.org/?topic=79651">Backports for older releases (0.5.5 and 0.4.6) are also available</a> if
you cannot upgrade to version 0.6.2.
</p>
<h2 id="technical-details">Technical Details</h2>
<p>
Full technical details are being withheld to give people the
opportunity to upgrade.
</p>
<p>
Thanks to <a href="http://forre.st/">Forrest Voight</a> for discovering and reporting the vulnerability.
</p>
<h2 id="questions-and-answers">Questions &amp; Answers</h2>
<h3 id="how-do-i-know">
How would I know if I am the victim of this attack?
</h3>
<p>
Your bitcoin process would stop processing blocks and would have a
different block count from the rest of the network (you can see the
current block count at websites like <a href="http://blockexplorer.com/">blockexplorer.com</a> or
<a href="http://blockchain.info/">blockchain.info</a>). Eventually it would display the message:
</p>
<blockquote>WARNING: Displayed transactions may not be correct! You may need to
upgrade, or other nodes may need to upgrade.</blockquote>
<p>
(note that this message is displayed whenever your bitcoin process
detects that the rest of the network seems to have a different
block count, which can happen for several reasons unrelated to
this vulnerability).
</p>
<h3 id="can-my-wallet-be-stolen">
Could this bug be used to steal my wallet?
</h3>
<p>
No.
</p>
<h3 id="can-malware-be-installed">
Could this bug be used to install malware on my system?
</h3>
<p>
No.
</p>
<div style="text-align:right">
<i>This notice last updated: Mon, 14 May 2012 17:00:00 UTC</i>
</div>

42
_alerts/2013-03-11-chain-fork.html
View file

@ -1,42 +0,0 @@
---
title: "11/12 March 2013 Chain Fork Information"
shorturl: "chainfork"
active: false
banner: ""
date: 2013-03-11
---
<h2 id="what-happened">What happened</h2>
<p>
A bitcoin miner running version 0.8.0 created a large block (at height 225,430) that is incompatible
with earlier versions of Bitcoin.
</p>
<p>
The result was a block chain fork, with miners, merchants and users running the new version of bitcoin
accepting, and building on, that block, and miners, merchants and users running older versions of bitcoin
rejecting it and creating their own block chain.
</p>
<h2 id="what-is-being-done">What is being done</h2>
<p>
Large mining pools running version 0.8.0 were asked to switch back to version 0.7, to create a
single block chain compatible with all bitcoin software.
</p>
<h2 id="questions-and-answers">Questions &amp; Answers</h2>
<h3 id="what-should-i-do">I'm not a miner or a merchant, what should I do?</h3>
<p>
Nothing. Your bitcoin software will switch to the correct chain automatically, no matter
which version you are running.
</p>
<h3 id="are-my-bitcoins-safe">Are my bitcoins safe?</h3>
<p>
Yes.
</p>
<h2 id="what-will-be-done">What will be done</h2>
<p>
The core developers have investigated what caused the old versions to reject the new
blocks, and have released a 0.8.1 version that avoids creating blocks that are incompatible with
older versions. <a href="https://en.bitcoin.it/wiki/BIP_50">A full post-mortem document has been published</a>.
</p>
<div style="text-align:right">
<i>This notice last updated: Thu, 16 May 2013 01:37:00 UTC</i>
</div>

73
_alerts/2013-03-15-upgrade-deadline.html
View file

@ -1,73 +0,0 @@
---
title: "15 May 2013 Upgrade Deadline"
shorturl: "may15"
active: false
banner: ""
date: 2013-03-15
---
<h2 id="what-is-happening">What is happening</h2>
<p>
If you are using an old version of Bitcoin-Qt (or bitcoind, the server bitcoin software),
you must either upgrade to version 0.8.0 or later before May 15, 2013,
<a href="#backports">upgrade to an up-to-date "backport" release</a>,
or <a href="#workaround">modify a file</a> and
restart bitcoin to work around a bug with the old software.
</p>
<p>This bug does not affect any bitcoins you already have, but if you do nothing you will
be out of sync with the rest of the Bitcoin network and will be unable to receive
bitcoins (payments sent to you will look like they never get confirmed, or will be confirmed
very slowly). You also risk being the victim of a &quot;double-spend&quot; attack, where somebody sends
you bitcoins that the rest of the network would reject as invalid.
</p>
<p>
We recommend that you
<a href="http://sourceforge.net/projects/bitcoin/files/Bitcoin/bitcoin-0.8.1/">upgrade to version 0.8.1</a>
before the 15th of May to avoid any issues. If you are a solo miner or mining pool operator,
please see the the notes at the end of this page for how to upgrade safely.
</p>
<h2 id="backports">If you cannot upgrade to version 0.8.1</h2>
<p>
If you cannot upgrade to the latest version,
<a href="https://bitcointalk.org/?topic=199699">backports to older branches are now in final testing</a>.
These include not only compatibility for the 15 May changes, but also fixes for known vulnerabilities and bugs, which have already been included and tested in the latest release.
</p>
<h2 id="workaround">If you cannot upgrade to a backport</h2>
<p>
If you cannot upgrade to any of the above, you can still avoid the problem.
Create a file called DB_CONFIG in the bitcoin data directory, containing this line:
</p>
<blockquote>
<pre>
set_lk_max_locks 537000
</pre>
</blockquote>
<p>
<a href="https://en.bitcoin.it/wiki/Data_directory">Look here</a> if you need help
finding the bitcoin data directory.
</p>
<h2 id="miners">Miners/mining pool operators</h2>
<p>
If you are creating new blocks (you are a solo miner or mining pool operator), then
you should be aware that upgrading from 0.7 to 0.8 requires a lengthy
re-indexing operation; you <b>must</b> wait for the reindex to complete before
serving work to miners.
</p>
<p>
And if you are creating blocks and cannot upgrade to version 0.8.1 or a
backport for some
reason, you should <b>not</b> set_lk_max_locks in a DB_CONFIG file until
May 15th; if you increase locks before then you run the risk of creating
or building on blocks incompatible with the rest of the network.
</p>
<h2 id="why-necessary">Why this is necessary</h2>
<p>
A bug caused a <a href="/chainfork">temporary block chain fork on 11 March, 2013</a>.
After investigating
that bug, we determined that the bug can happen even if the entire network was
still running old versions of Bitcoin-Qt/bitcoind. Therefore, the only option is to
require everybody to either upgrade or workaround the bug.
</p>
<div style="text-align:right">
<i>This notice last updated: Fri, 10 May 2013 21:30:00 UTC</i>
</div>

32
_alerts/2013-08-11-android.html
View file

@ -1,32 +0,0 @@
---
title: "Android Security Vulnerability"
active: false
shorturl: "android"
banner: ""
date: 2013-08-11
---
<h2 id="what-happened">What happened</h2>
<p>We recently learned that a component of Android responsible for generating secure random numbers contains <a href="http://android-developers.blogspot.com.au/2013/08/some-securerandom-thoughts.html">critical weaknesses</a>, that render all Android wallets generated to date vulnerable to theft. Because the problem lies with Android itself, this problem will affect you if you have a wallet generated by any Android app. An incomplete list would be <a href="https://play.google.com/store/apps/details?id=de.schildbach.wallet">Bitcoin Wallet</a>, <a href="https://play.google.com/store/apps/details?id=piuk.blockchain.android">blockchain.info</a> wallet, <a href="https://play.google.com/store/apps/details?id=com.miracleas.bitcoin_spinner">BitcoinSpinner</a> and <a href="https://play.google.com/store/apps/details?id=com.mycelium.wallet">Mycelium Wallet</a>. Apps where you don't control the private keys at all are not affected. For example, exchange frontends like the Coinbase or Mt Gox apps are not impacted by this issue because the private keys are not generated on your Android phone.</p>
<h2 id="what-has-been-done">What has been done</h2>
<p>Updates have been prepared for the following wallet apps:</p>
<ul>
<li><b><a href="https://play.google.com/store/apps/details?id=de.schildbach.wallet">Bitcoin Wallet</a></b>: Update 3.15 can be installed from <a href="https://play.google.com/store/apps/details?id=de.schildbach.wallet">Google Play</a> or <a href="http://code.google.com/p/bitcoin-wallet/downloads/list">Google Code</a>. Key rotation will occur automatically soon after you upgrade. The old addresses will be marked as insecure in your address book. You will need to make a fresh backup.</li>
<li><b><a href="https://play.google.com/store/apps/details?id=com.miracleas.bitcoin_spinner">BitcoinSpinner</a></b>: Update 0.8.3b can be installed from <a href="https://play.google.com/store/apps/details?id=com.miracleas.bitcoin_spinner">Google Play</a> or <a href="https://code.google.com/p/bitcoinspinner/downloads/list">Google Code</a>. On startup it will advise you on how to proceed.</li>
<li><b><a href="https://play.google.com/store/apps/details?id=com.mycelium.wallet">Mycelium Bitcoin Wallet</a></b>: Update 0.7.0 can be installed from <a href="https://play.google.com/store/apps/details?id=com.mycelium.wallet">Google Play</a> or <a href="http://mycelium.com/">mycelium.com</a>. A wizard will guide you through the process of moving your bitcoins to newly generated addresses, and put the old keys into archive mode.</li>
<li><b><a href="https://play.google.com/store/apps/details?id=piuk.blockchain.android">blockchain.info</a></b>: Update 3.54 can be installed from <a href="https://play.google.com/store/apps/details?id=piuk.blockchain.android">Google Play</a>. Version 3.54 and above includes an automatic re-keying wizard. Simply update to the latest version and follow the onscreen instructions. Please make a fresh wallet backup after the process completes.</li>
</ul>
<h2 id="what-you-should-do">What you should do</h2>
<p>In order to re-secure existing wallets, key rotation is necessary. This involves generating a new address with a repaired random number generator and then sending all the money in your wallet back to yourself. If you use an Android wallet then we strongly recommend you to upgrade to the latest version available in the Play Store as soon as one becomes available. Once your wallet is rotated, you will need to contact anyone who has stored addresses generated by your phone and give them a new one.</p>
<p>If you can't update your Android app, alternatively, you can send your bitcoins to a Bitcoin wallet on your computer until your
Android app can be updated. You should make sure not to send back your bitcoins to your old insecure addresses.</p>
<div style="text-align:right">
<i>This notice last updated: Tue, 13 Aug 2013 13:51:00 UTC</i>
</div>

22
_alerts/2014-02-11-malleability.html
View file

@ -1,22 +0,0 @@
---
title: "Transaction malleability"
active: false
banner: ""
date: 2014-02-11
---
<h2 id="what-happened">What happened</h2>
<p>Many identical transactions with different transaction IDs are being relayed on the network from an unknown source. As a result, a certain number of services like Bitcoin exchanges and wallets have been found to handle these transactions improperly and are experiencing temporary issues with their internal accounting systems. Transaction malleability is a <a href="https://en.bitcoin.it/wiki/Transaction_Malleability">known issue</a> and many services are mostly unaffected.</p>
<h2 id="what-is-being-done">What is being done</h2>
<p>Bitcoin developers are collaborating with known affected exchanges to fix their internal systems and help resuming withdrawals as soon as possible. Some pool operators have been reported to work on blocking duplicate transactions to help mitigate the problem. Emergency fixes to the Bitcoin protocol are not required and future improvements are already being discussed.</p>
<h2 id="what-you-should-do">What you should do</h2>
<p>No action is required to protect your bitcoins. Always remember to wait for one confirmation or more before spending your bitcoins. You should monitor your own exchange's website to be informed about their service status. Temporary confusion, delays and price volatility can be expected.</p>
<div style="text-align:right">
<i>This notice last updated: Tue, 11 Feb 2014 16:14:57 -0500</i>
</div>

52
_alerts/2014-04-11-heartbleed.html
View file

@ -1,52 +0,0 @@
---
title: "OpenSSL Heartbleed vulnerability"
shorturl: "heartbleed"
active: false
banner: ""
date: 2014-04-11
---
<h2 id="what-happened">What happened</h2>
<p>The version of OpenSSL used by Bitcoin Core software version 0.9.0 and earlier
contains a bug that can reveal memory to a remote attacker. See
<a href="http://heartbleed.com/">http://heartbleed.com/</a>
for details.
</p>
<h2 id="what-you-should-do">What you should do</h2>
<p>Immediately upgrade to <a href="/en/download">Bitcoin Core version 0.9.1</a> which is linked against
OpenSSL version 1.0.1g.
If you use the official binaries, you can verify the version of OpenSSL being
used from the Bitcoin Core GUI's Debug window (accessed from the Help menu).
If you compiled Bitcoin Core yourself or use the Ubuntu PPA, update your
system's OpenSSL.
Linux users should also upgrade their system's version of OpenSSL.
</p>
<h3 id="android">Android</h3>
<p>Android version 4.1.1 is vulnerable to Heartbleed. Try if you can upgrade to at
least Android 4.1.2. If you are using Bitcoin Wallet on an Android phone, you
should upgrade the app to at least version 3.45.</p>
<h2 id="how-serious-is-the-risk">How serious is the risk</h2>
<p>If you are using the Windows version of the Bitcoin Core GUI without a wallet
passphrase, it is possible that your wallet could be compromised by clicking
on a bitcoin: payment request link.
If you are using bitcoind (on Linux, OSX, or Windows),
have enabled the -rpcssl option, and allow RPC connections
from the Internet, an attacker from a whitelisted (-allowip) IP address can
very likely discover the rpcpassword and the last rpc request. It is possible
(but unlikely) private keys could be sent to the attacker.
</p>
<div style="text-align:right">
<i>This notice last updated: Fri, 11 Apr 2014 12:19:23 -0400</i>
</div>

150
_alerts/2015-07-04-spv-mining.md
View file

@ -1,150 +0,0 @@
---
## This file is licensed under the MIT License (MIT) available on
## http://opensource.org/licenses/MIT.
title: "Some Miners Generating Invalid Blocks"
shorturl: "spv-mining"
active: false
date: 2015-07-04
#banner: "WARNING: many wallets currently vulnerable to double-spending of confirmed transactions (click here to read)"
bannerclass: "alert"
---
*This document is being updated as new information arrives. Last
update: 2015-07-15 13:00. All times are UTC.*
**Note: this situation has not been fully resolved, and it does not
appear that it will be fully resolved anytime soon. Users of the
affected wallets listed below are still advised to wait additional
confirmations or to switch to a safer wallet.**
{% assign confs="30" %}
##Summary
Your bitcoins are safe if you received them in transactions confirmed before 2015-07-15 12:00 UTC.
However, there has been a problem with a planned upgrade. For
bitcoins received later than the time above, confirmation scores are
significantly less reliable then they usually are for users of
certain software:
- **Lightweight ([SPV][SPV]) wallet users** should wait an additional {{confs}}
confirmations more than you would normally wait. Electrum users,
please see [this note][electrum note].
- **Bitcoin Core 0.9.4 or earlier users** should wait an
additional {{confs}} confirmations more than you would normally
wait or upgrade to [Bitcoin Core 0.10.2][bitcoin core].
- **Web wallet users** should wait an additional {{confs}} confirmations
more than you would normally wait, unless you know for sure that your
wallet is secured by Bitcoin Core 0.9.5 or later.
- **Bitcoin Core 0.9.5 or later users are unaffected.** (Note:
[upgrade to 0.10.2][bitcoin core] is recommended due to
denial-of-service vulnerabilities unrelated to this alert.)
##Miners
If you pool mine, please switch to a pool that properly validates
blocks. The Wiki Mining Pool Comparison page currently contains a list of [known (or
suspected) good and bad pools][pool list].
If you solo mine, please switch to Bitcoin Core 0.10.2.
<h2 id="solution">When Will Things Go Back To Normal?</h2>
The problem is miners creating invalid blocks. Some software can detect
that those blocks are invalid and reject them; other software can't
detect that blocks are invalid, so they show confirmations that aren't
real.
- **Bitcoin Core 0.9.5 and later** never had any problems because
it could detect which blocks were invalid.
- **Bitcoin Core 0.9.4 and earlier** will never provide as much
security as later versions of Bitcoin Core because it doesn't know
about the additional [BIP66][BIP66]
consensus rules. [Upgrade][bitcoin core] is recommended
to return to full node security.
- **Lightweight (SPV) wallets** are not safe for less than
{{confs}} confirmations until all the major pools switch to full
validation.
- **Web wallets** are very diverse in what infrastructure they
run and how they handle double spends, so unless you know for sure
that they use Bitcoin Core 0.9.5 or later for full validation, you
should assume they have the same security as the lightweight
wallets described above.
<h2 id="cause">What's Happening</h2>
Summary: Some miners are currently generating invalid blocks. Almost
all software (besides Bitcoin Core 0.9.5 and later) will accept these
invalid blocks under certain conditions.
So far, the following forks of two or more blocks have occurred:
{% assign Blocks='Blocks <sup><a href="#invalid-blocks">[1]</a></sup>' %}
<a name="list-of-forks" />
| Start date | End time | {{Blocks}} | Double Spends |
|----------------|----------|------------|---------------|
| 4 July @ 02:10 | 03:50 | 6 | 0 |
| 5 July @ 21:50 | 23:40 | 3 | Not yet known |
The paragraphs that follow explain the cause more throughly.
For several months, an increasing amount of mining hash rate has been
signaling its intent to begin enforcing [BIP66][BIP66]
strict DER signatures. As part of the BIP66 rules,
once 950 of the last 1,000 blocks were version 3 (v3) blocks, all
upgraded miners would reject version 2 (v2) blocks.
Early morning on 4 July 2015, the 950/1000 (95%) threshold was
reached. Shortly thereafter, a small miner (part of the non-upgraded
5%) mined an invalid block--as was an expected occurrence.
Unfortunately, it turned out that roughly half the network hash rate
was mining without fully validating blocks (called SPV mining), and
built new blocks on top of that invalid block.
Note that the roughly 50% of the network that was SPV mining had
explicitly indicated that they would enforce the BIP66 rules. By not
doing so, several large miners have lost over $50,000 dollars worth
of mining income so far.
All software that assumes blocks are valid (because invalid blocks
cost miners money) is at risk of showing transactions as confirmed
when they really aren't. This particularly affects lightweight (SPV)
wallets and software such as old versions of Bitcoin Core which have
been downgraded to SPV-level security by the new BIP66 consensus
rules.
The recommended fix, which was attempted, was to
get all miners off of SPV mining and back to full validation (at
least temporarily). If this happens, Bitcoin.org will reduce its
current recommendation of waiting {{confs}} extra confirmations to a
lower number.
## Updates
1. **6 July 04:00:**{:#update-1} A new fork occurred starting 5 July at
21:30 with three blocks before the valid chain again became the
strongest chain. See the recently-added [list of forks](#list-of-forks).
Reports that the situation has passed are **not correct.** Please continue
to wait {{confs}} more confirmations than you usually would wait before
accepting a transaction.
## Invalid Blocks
Please see the list of [invalid block hashes][] on the Bitcoin Wiki.
<!--
<div style="text-align:right">
<i>This notice last updated: 2015-07-04 06:00 UTC</i>
</div>
-->
[BIP66]: https://github.com/bitcoin/bips/blob/master/bip-0066.mediawiki
[pool list]: https://en.bitcoin.it/wiki/Comparison_of_mining_pools#SPV_Mining_.2F_Old_Bitcoin_Core
[bitcoin core]: /en/download
[SPV]: http://bitcoin.stackexchange.com/questions/4649/what-is-an-spv-client
[electrum note]: https://en.bitcoin.it/wiki/July_2015_Forks#Electrum
[invalid block hashes]: https://en.bitcoin.it/wiki/July_2015_Forks#Invalid_Block_Hashes

65
_alerts/2015-10-12-upnp-vulnerability.md
View file

@ -1,65 +0,0 @@
---
## This file is licensed under the MIT License (MIT) available on
## http://opensource.org/licenses/MIT.
title: "Vulnerability in UPnP library used by Bitcoin Core"
shorturl: "upnp-vulnerability"
active: false
#banner: "WARNING: serious vulnerability in UPnP library used by Bitcoin Core (click here to read)"
#bannerclass: "alert"
---
## Summary
![Disabling UPnP in the GUI](/img/alerts/disable_upnp.png)
Either
- turn off the checkbox in the GUI under Options → Network → Map port using UPNP (see above)
- add the line `upnp=0` to your `bitcoin.conf` file
- add `-upnp=0` to the command line options
Also upgrade to a version of Bitcoin Core at least [0.10.3](https://bitcoin.org/bin/bitcoin-core-0.10.3/)
or [0.11.1](https://bitcoin.org/en/download). These versions upgrade the
library to a non-vulnerable version, as well as disable UPnP by default to
prevent this problem in the future.
## Details
Version before 1.9.20151008 of the miniupnpc library are vulnerable to a buffer
overflow in the XML parser during initial network discovery. The
vulnerable code triggers at startup of Bitcoin Core if UPnP is enabled.
Details of the vulnerability can be found here: <http://talosintel.com/reports/TALOS-2015-0035/>
It has been verified that the vulnerability can be used to crash the
application at startup by running a malicious UPnP server on the local
network.
To have more connectable nodes, the Bitcoin Core executables distributed by
bitcoin.org include the miniupnpc library and have always had UPnP
functionality enabled by default, to forward the P2P port.
This applies to the distributed executables only, not those built from source or
from distribution provided packages. Self-built executables have UPnP disabled
by default, unless `--enable-upnp-default` was provided to the configure script.
Releases starting from 0.10.3 and 0.11.1, and the upcoming 0.12.0 will still ship
with (a patched version) of the library, but no longer enable the functionality by default.
## Mitigation
Bitcoin Core executables are compiled with Address Space Layout Randomization (ASLR),
Stack Smashing Protection (SSP), and non-executable stack and heap (DEP) enabled. This
makes it harder to use this vulnerability for remote code execution or private
key leaks. However, it is still advised to upgrade, or if not possible, disable
UPnP as soon as possible.
## Manual Port Forwarding
With UPnP turned off, your node will still connect to 8 other peers on
the Bitcoin network to receive new blocks and transactions. However, it
will not accept incomming connections from other peers unless you
manually enable port forwarding on your router. If you wish to do
that---it isn't required---please [follow these
instructions](/en/full-node#network-configuration).

28
_alerts/2016-08-17-binary-safety.md
View file

@ -1,28 +0,0 @@
---
## This file is licensed under the MIT License (MIT) available on
## http://opensource.org/licenses/MIT.
title: "0.13.0 Binary Safety Warning"
shorturl: "binary-safety"
active: false
banner: ""
---
## Summary
Bitcoin.org has reason to suspect that the binaries for the upcoming Bitcoin Core release will likely be targeted by
state sponsored attackers. As a website, Bitcoin.org does not have the technical resources to guarantee
that we can defend ourselves from attackers of this calibre. We ask the Bitcoin community,
and in particular the Chinese Bitcoin community to be extra vigilant when downloading binaries from our website.
In such a situation, not being careful before you download binaries could cause you to lose all your coins. This malicious software
might also cause your computer to participate in attacks against the Bitcoin network. We believe Chinese services such as pools and exchanges
are most at risk here due to the origin of the attackers.
## Mitigation
The hashes of Bitcoin Core binaries are cryptographically signed with [this key](https://bitcoin.org/laanwj-releases.asc) belonging to Bitcoin Core maintainer Wladimir J. van der Laan. Additional signatures from other developers can be found in the [gitian signatures repository](https://github.com/bitcoin-core/gitian.sigs).
We strongly recommend that you download Wladimir's key from multiple sources in addition to Bitcoin.org for comparison purposes. For example, you can cross reference Bitcoin.org's copy with the [bitcoin-dev mailing list](https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-June/009045.html) where Wladimir signed a message containing the key's fingerprint (01EA5486DE18A882D4C2684590C8019E36C2E964), but we encourage you to seek out other sources as well in order to make sure you are verifying your download with the correct key. Furthermore, we recommend verifying your download using signatures from multiple developers using the gitian signatures repository.
It is always best practice to securely verify multiple signatures and hashes before running any Bitcoin Core binaries. This is the safest and most secure way to ensure that the binaries you're running are the same ones created by the Core Developers.

73
_alerts/2016-11-01-alert-retirement.md
View file

@ -1,73 +0,0 @@
---
## This file is licensed under the MIT License (MIT) available on
## http://opensource.org/licenses/MIT.
title: "Alert System Retirement"
shorturl: "alert-retirement"
active: false
## banner: "Alert system is being retired (click here to read)"
## bannerclass: "info"
---
## Updates
* **January 19, 2017**: The Final alert has been broadcast. This final alert essentially disables the alert system by overriding all
alerts, preventing other alerts from being broadcast, and displays the static message "Alert Key Compromised". The Alert Key
will be published in the coming months.
* **March 8, 2017**: Bitcoin Core 0.14 released with hard-coded [final alert](https://bitcoin.org/en/release/v0.14.0#final-alert).
* **May 1, 2017**: Postpone release date of Alert key. Older clients may contain Alert handling code which is exploitable using the alert key, therefore the public release of the key has been temporarily postponed until considered safe.
## Summary
The network wide Alert system is being retired. **_No Bitcoins are at risk and this warning may be safely ignored._**
Upgrade to the newest version of your wallet software to no longer see the alert.
## Reasons for Retirement
The network wide Alert system was created by Satoshi Nakamoto as a means of informing Bitcoin users of any important
information regarding Bitcoin. It has been used in the past to inform users about important network events such as
accidental blockchain forks. However, the Alert system also represents a large source of centralization in Bitcoin.
The holders of the singular Alert Key can at any time send an alert which could affect the entire network. As more
developers join, the Alert Key is given to others, but cannot be taken away from those who have left. This has led
to the Alert Key potentially falling into the hands of malicious actors who could use it to disrupt the network. Because
there is only one Alert key, it is not possible to prevent former developers from sending an alert nor is it possible
to identify who sent an Alert.
In addition, the Alert system is primarily Bitcoin Core specific. Many other wallets have their own systems in place but
still must have handling for the Alert system because it is network wide. Something specific for one software should
not be imposed on the entire network.
The Alert system has also lost its usefulness. It is no longer necessary to use it to inform users about problematic network
events as users can easily get their information from any major Bitcoin news outlet.
## The Retirement Plan
Retirement of the Alert system consists of a pre-final alert (this alert) which will warn about the impending retirement, a
final maximum sequence alert which cannot be overridden and displays a static "Alert Key Compromised" message, and the
publishing of the Alert key itself. The final alert will be hard coded into Bitcoin Core 0.14 to ensure that all old nodes
receive the final alert.
|Action|Description|Date|
|---|---|---|
|Pre-final Alert Posts|Posts on Bitcoin.org, various forums, and various mailing lists that the Alert system will be retired|2016-11-01|
|Pre-final Alert|The alert itself warning that the Alert system will be retired|2016-11-02|
|Final Alert|Max sequence Alert to disable the Alert system|2017-01-19|
|Alert key release|The Alert key will be made publicly available|Postponed until further notice.|
## Software without the Alert system
Most major Bitcoin wallets have already removed the alert system in the most recent releases. The software listed below
are guaranteed to have removed/disabled the Alert system or allow you to disable it.
* Bitcoin Core 0.12.1+
* Bitcoin Core 0.10.3, 0.11.x, and 0.12.x can disable alerts with `-alerts=0`
* Armory 0.94.1+
## See also
* [Original email proposing retirement](https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-September/013104.html)
* [Pull request removing Alert system](https://github.com/bitcoin/bitcoin/pull/7692)
* [Removal discussion on github](https://github.com/bitcoin/bitcoin/pull/6260)
* [Pull request disabling alerts](https://github.com/bitcoin/bitcoin/pull/6274)
* [IRC Discussion](https://botbot.me/freenode/bitcoin-core-dev/2016-09-22/?msg=73446303&page=6)

152
_alerts/2017-07-12-potential-split.md
View file

@ -1,152 +0,0 @@
---
## This file is licensed under the MIT License (MIT) available on
## http://opensource.org/licenses/MIT.
title: "Potential network disruption"
shorturl: "potential-split"
active: false
## banner: "Warning: wait for extra confirmations starting July 22nd"
## bannerclass: "warning"
---
{% assign start='<span class="date">2017/08/01 00:00 UTC</span>' %}
*Last updated: <span class="date">2017/07/21 12:00 UTC</span>. This
page will be updated when new information becomes available. See the
[list of updates][].*
Starting at approximately <span class="date">2017/07/23 00:00
UTC</span>, Bitcoin [confirmation scores][confirmation scoring] may
become less reliable than normal for a period of up to a month.
Users are advised to wait for more confirmations than they usually would
before accepting any payment as final. Bitcoin.org's usual
[recommendation][confirmation scoring] during network disruption is to
wait for 30 confirmations.
We also recommend monitoring this page and other Bitcoin news sites for
additional information and updates.
*Outdated information from earlier versions of this post follows.*
## Chain split
Since Bitcoin's inception, its network has facilitated hundreds of millions of
transactions. As a result, different groups of people (developers, investors,
entrepreneurs, etc.), have debated on the best ways Bitcoin can be optimized to
allow it to exponentially scale even further. In recent months, alternative
software has been released that represents some of the interests of the
aforementioned groups of people - software that is scheduled to go live toward
the end of July.
The Bitcoin block chain, which is a record of all Bitcoin transactions to date,
relies on a network of thousands of Bitcoin nodes running Bitcoin software. On
{{start}}, the Bitcoin block chain may experience what is known as a chain
split. This is when a portion of Bitcoin's nodes run software that another
portion of nodes are not fully compatible with. As a result, some nodes may
propagate confirmed transactions that other nodes may not accept or recognize.
This may result in unreliable [confirmation scoring][] for an unknown length of
time. This means that any bitcoins you receive during this period could
disappear from your wallet or be a type of bitcoin that other people will not
accept as payment, until the situation is resolved.
Once the situation is resolved, confirmation scoring will either automatically
return to their normal reliability or there will be two (or more) competing
versions of Bitcoin as a result of a split block chain. In the former case, you
may return to using Bitcoin normally; in the latter case, you will need to take
extra steps in order to begin safely receiving bitcoins again.
This post currently describes what actions you can take to prepare for
this situation. Subsequent to {{start}}, we will update this post as
best we can with relevant information, but you are also advised to
monitor other Bitcoin [news sites][] and [community resources][] for
updates and to cross-check all information, as someone may attempt to
spread false news in order to exploit the situation.
Remember that you alone are responsible for the safety of your bitcoins,
and that if you lose control of them for any reason, there is nothing
the operators or contributors to this website can do to help you.
*Note:* there is a chance a milder level of disruption could start
between now and {{start}}. If that is the case, this post will be
updated with details.
## Preparation
1. If you accept bitcoins as payments, we recommend that you stop
accepting Bitcoin payments at least 12 hours before {{start}}, although
24 to 48 hours earlier may be safer. This will give time for all
pending payments to confirm on the Bitcoin block chain before the event.
1. If you send bitcoins as payments, note that many services may stop
accepting bitcoins at {{start}} or earlier.
1. Be wary of storing your bitcoins on an exchange or any service that
doesn't allow you to make a local backup copy of your private keys. If
they accept transactions during the event, they could lose money and
will likely spread those losses across all their users. If there end up
being two or more competing versions of Bitcoin, then they may refuse to
give you your bitcoins on versions they don't like.
1. Bitcoin may experience significant price fluctuations in relation to
other currencies. Learn more about [price volatility][] and ensure you
aren't holding more bitcoin than you can afford to lose.
## During the event
1. Do not trust any payments you receive after {{start}} until the situation
is resolved. No matter how many confirmations the new payment says it
has, it can disappear from your wallet at any point up until the
situation is resolved.
1. Try not to send any payments. During the event there may be two or
more different types of bitcoin and you may send all of the different
types to a recipient who only expects one type. This would benefit the
recipient at your expense.
1. Be wary of offers to allow you to invest in the outcome of the event
by "splitting" your coins. Some of these offers may be scams, and
software claiming to split your coins can also steal them.
## After the event
We will update this section with more information after {{start}}. Please
monitor this page accordingly and wait until multiple news sources that you
trust have stated that the event is resolved before returning to normal Bitcoin
use.
## Document history
**Note:** The information contained herein is not to be construed as an official
statement by Bitcoin Core. Bitcoin.org and Bitcoin Core open source projects are
run by separate teams.
A [full history][] of this document is available. The following points
summarize major changes, with the most recent changes being listed
first.
- <span class="date">2017/07/22 12:00 UTC</span>: describe possible
unreliability of confirmation scores starting July 22 or 23.
- <span class="date">2017/07/13 11:21 UTC</span>: add general info about split.
- <span class="date">2017/07/12 12:00 UTC</span>: initial version.
[full history]: https://github.com/bitcoin-dot-org/bitcoin.org/commits/master/_alerts/2017-07-12-potential-split.md
[list of updates]: #document-history
[news sites]: /en/resources#news
[community resources]: /en/community
[confirmation scoring]: /en/you-need-to-know#instant
[price volatility]: /en/you-need-to-know#volatile
<script src="/js/jquery/jquery-1.11.2.min.js"></script>
<script>
// Localize dates
$(".date").each(function() {
// Try to parse the string as a date
epoch = Date.parse($(this).text());
// Only convert the string to localtime if it's a number
if (isNaN(epoch) == false) {
var utcdate=new Date(epoch);
var localedate = utcdate.toString();
$(this).text(localedate);
}
});
</script>

4
_config.yml
View file

@ -595,10 +595,6 @@ devsearches:
- "version": "/en/developer-reference#version" - "version": "/en/developer-reference#version"
collections: collections:
## _alerts
alerts:
output: true
permalink: /en/alert/:path
## _releases ## _releases
releases: releases:
output: true output: true

7
_plugins/sitemap.rb
View file

@ -71,13 +71,6 @@ module Jekyll
sitemap.puts ' <loc>https://bitcoin.org/'+file.gsub('.html','').gsub('.md','')+'</loc>' sitemap.puts ' <loc>https://bitcoin.org/'+file.gsub('.html','').gsub('.md','')+'</loc>'
sitemap.puts '</url>' sitemap.puts '</url>'
end end
#Add alerts pages
Dir.foreach('_alerts') do |file|
next if file == '.' or file == '..'
sitemap.puts '<url>'
sitemap.puts ' <loc>https://bitcoin.org/en/alert/'+file.gsub('.html','')+'</loc>'
sitemap.puts '</url>'
end
#Add releases pages #Add releases pages
Dir.foreach('_releases') do |file| Dir.foreach('_releases') do |file|
next if file == '.' or file == '..' next if file == '.' or file == '..'