A newly disclosed software program flaw within the Bitcoin staking protocol Babylon might permit malicious validators to disrupt components of the community’s consensus course of, doubtlessly slowing block manufacturing throughout key intervals, in line with builders.
The vulnerability impacts Babylon’s block signature scheme, often called the BLS vote extension, which is used to show that validators have agreed on a block.
The bug permits malicious validators to deliberately omit the block hash discipline when sending their vote extension, which may result in validator consensus points through the epoch boundaries of the community, in line with a GitHub post printed on Thursday.
The block hash discipline tells validators which blocks they’re truly voting for through the consensus course of, a discipline that the bug permits to be omitted.
Via the vulnerability, a malicious validator may theoretically crash different validators throughout key consensus checks throughout epoch boundaries, resulting in a slowdown in block manufacturing if a number of validators had been affected.
Associated: Bitcoin DeFi TVL up 2,000% amid bumper 2024 for BTC price, adoption
“Intermittent validator crashes at epoch boundaries, which might decelerate the creation of the epoch boundary block,” wrote pseudonymous contributor GrumpyLaurie55348, who found the vulnerability. “Babylon then dereferences this nil pointer in consensus-critical code paths (notably VerifyVoteExtension, and in addition proposal-time vote verification), inflicting a runtime panic,” they added.
Cointelegraph has reached out to Babylon for touch upon the potential affect and resolutions to the vulnerability, however had not acquired a response by publication.
The bug has not been described as actively exploited, however builders warned it might be abused if left unresolved.
Associated: 2025 crypto bear market was ‘repricing’ year for institutional capital: Analyst
Babylon continues increasing Bitcoin’s yield-bearing capabilities
Babylon has been seen as a major alternative for Bitcoin-based decentralized finance, because of introducing Bitcoin-native staking for the primary time in crypto history.
Bitcoin-based decentralized finance (DeFi), often known as BTCFi, is a brand new technological paradigm that goals to deliver DeFi capabilities to the world’s first blockchain community, enabled by the introduction of the Runes protocol through the 2024 Bitcoin halving.
On Wednesday, Babylon received $15 million in funding from a16z Crypto via the sale of Babylon’s native BABY (BABY) tokens to the digital asset arm of Andreessen Horowitz.
The funding will assist the continued growth of Bitcoin-native DeFi infrastructure, stated a16z Crypto in a weblog post printed Wednesday.
Earlier in December, Babylon partnered with Aave Labs to deliver Bitcoin-backed lending to Aave v4, enabling BTC for use as collateral with out wrappers or custodians. The product is anticipated to enter its testing part within the first quarter of 2026, with a joint launch set for April 2026.
Journal: Ethereum restaking — Blockchain innovation or dangerous house of cards?
