Bitcoin Inscription has been given a moderate base severity score of 5.3 by the National Vulnerability Database (NVD), a cybersecurity risk repository managed by the U.S. government.
The presence of Bitcoin Inscription in the U.S. Vulnerability Database was noted on December 9 within the Common Vulnerabilities and Exposures (CVE) list, linking it to a security flaw associated with the development of the Ordinals protocol in 2022.
On December 11, the NVD updated its records, rating the inscription's severity as "5.3 Medium." According to software company Atlassian, a moderate score indicates that the vulnerability could potentially allow a denial-of-service attack with "very limited" network access or may be challenging to execute.
Bitcoin Core developer Luke Dashjr discussed the NVD's score of 5.3, emphasizing that the rating primarily reflects the inscription's low immediate impact on the Bitcoin network's availability. However, Dashjr suggested that this score might underestimate the vulnerability's long-term consequences, particularly related to blockchain bloat.
While Dashjr clarified that he was not directly responsible for obtaining the Bitcoin Inscription listing in the NVD, he did acknowledge initiating the process by requesting the CVE number, which ultimately made its way into the CVE list.
The CVE list operates on an open submission basis, allowing any developer to propose a potential vulnerability. Upon review by a CVE assignment team and deemed pertinent to public awareness, it is typically added to the list. Ratings from analysts at the National Institute of Standards and Technology are subsequently published on the NVD.
Controversy surrounds Bitcoin Inscription, with conflicting opinions on social media. While some Bitcoin advocates consider Inscriptions as network "spam," proponents of ordinals, like Udi Wertheimer from Taproot Wizards, argue that ordinals are vital for the Bitcoin network's evolution and potential for increased adoption and revenue generation.
The Bitcoin network has faced mounting congestion due to the influx of Ordinals’ non-fungible token inscriptions and the widespread rush to create BRC-20 tokens, leading to over 275,000 unconfirmed transactions. The average transaction cost for medium-priority transactions has surged from roughly $1.50 to about $14. Future measures to patch the alleged inscription issue may serve to restrict subsequent ordinal inscriptions on the network.
