Bitmain was caught up in a controversy surrounding its recent patch on its open source codebase. The Bitcoin community harshly criticized Bitmain for developing malware which has the potential to shut down 70 percent of Bitcoin miners.
The Antbleed backdoor is a type of firmware that enables Bitmain to surveil on the customer sales and delivery records of Antminer users. According to Antbleed.com, the remote service of the firmware can return “false,” which ultimately can stop its miners from mining.
Approximately 70 percent of the world’s mining community rely on Bitmain’s Antminer to confirm Bitcoin transactions. Hence, Bitmain has the power and capacity to shut down 70 percent of Bitcoin miners in an instant.
As the community outraged over the discovery of the Antbleed malware, Bitmain released its official statement on April 27. A section of the statement read:
“This feature was designed and coded by the same team that is responsible for the firmware of Antminers. As the firmware has always been open-source, the feature was never intended to be malicious.”
The intent is not important
The intent of the Bitmain development team is of less importance. Frankly, it does not matter if the Bitmain development team introduced the Antbleed firmware update with good intentions because it creates the possibility of the majority of the Bitcoin mining community, which serves an important role in maintaining Bitcoin security, of shutting down in an instant.
However, it is unclear whether Bitmain can justify the intent of the activation of Antbleed on any ground or basis if it was designed specifically to surveil on its customers. Simply put, Bitmain developed a specific type of firmware to control its miners and customers, with the intent of centralizing the industry. Thus, to explain that the initial intent of the Bitmain team was to bring positive impact to Bitcoin is quite illogical and irrational.
Andreas Antonopoulos, security and Bitcoin expert, explained:
“I honestly doubt Antbleed was in any way malicious. It shows the intention to centrally control customers, is reckless and poorly implemented.”
Antonopoulos further noted that the decision of Bitmain to implement firmware designed to centralize its customers and the mining industry was reckless and incompetent. He said, “reckless implementation combined with the intent to centrally control customers is a very dangerous thing in a decentralized system.”
More experts including Slush, the lead architect of hardware wallet Trezor and CEO of Satoshi Labs, the parent company of Trezor, stated that Antbleed is dangerous, regardless of the intent of the Bitmain development team.
“ASICBoost and Antbleed are real and create a threat to Bitcoin. I'm not sure if they're just incompetent or malicious but they're dangerous,” said Slush.
More importantly, to Bitmain’s official response to the allegations, wherein the company claimed to have never completed the Antbleed feature, Slush explained that the feature is in fact very complete.