15 Mar 17 - 05:07
At the time of writing, Bitcoin Unlimited has lost more than half of it’s nodes due to a bug in their code, which has existed for almost a year, according to Peter Todd.
The bug, which implicitly trusts all incoming user and network data and ran debug code in production, caused the BU nodes to crash. The crash occured due to bad data (bad data is essentially data which is not in the correct format for the current application, whether malicious or not) being sent over the network to the node. The BU nodes, instead of discarding the data, logged the error and crashed.
Bad data being sent over the network is quite common and should be dealt with as normal behaviour. This can be caused by non-bitcoin applications connecting to Bitcoin ports on the servers with or without bad intentions, intentionally or just by mistake.
The Bitcoin Unlimited nodes running in production were also being compiled with debug code running, which, aside from this crash, is a big red flag.
Bitcoin Unlimited have pushed a commit which fixes the issue. However, the damage has been done.