pull down to refresh

So when the US Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigations (FBI) announced they were doubling down on their efforts to persuade software manufacturers to abandon "memory-unsafe" programming languages such as C and C++, it came as no surprise.
[...]
The CISA is insisting that this be done. Or, at the least, companies must come up with roadmaps for moving their existing codebases by January 1st, 2026. The CISA argues that the long-term benefits in terms of reduced vulnerabilities and improved security outweigh the initial investment.
I guess this is never gonna happen for Bitcoin. Too much a risk to change the codebase at this point.
Have there even been memory related bugs in Bitcoin's history?
Once something better comes along, c and c++ will go away, but they cant tell people what to do.
reply
Yeah, switching Bitcoin’s codebase to a memory-safe language at this point would be a massive risk. Bitcoin's code has been in C++ since the start, and changing that could introduce way more problems than it solves. There have been some memory-related bugs in the past, but they were pretty rare and patched quickly. Right now, Bitcoin devs are more focused on strengthening the existing C++ code rather than rewriting it all.
reply
Luckily Bitcoin is not a company and doesn't have to comply with those coercive mofos' demands.
reply
Well said!
0 sats \ 3 replies \ @alt 14 Nov
Being a protocol, wouldn't it be more accurate to say that Bitcoin Core's codebase has been C++ from the start? Bitcoin itself is just a protocol and there's nothing to stop someone from writing a version of the Bitcoin software in any other language.
So long as a node obeys the protocol rules and can interact with the other network nodes in all the required ways, surely it could be written in any language?
reply
Do you happen to know what languages are used for the other bitcoin implementations? Core is the biggest one, so it's the only i know the answer.
reply
143 sats \ 1 reply \ @alt 14 Nov
Off the top of my head I don't know. It wouldn't surprise me if there is a version written (or being written) in Rust. There may be many more small scale projects that are in various states of functionality.
In principle though, there is nothing to stop any language being used except for the effort required by developers.
reply
Yeah, the only reason for not pushing for more implementations is that it leads to higher chances for bugs.
I'm ok with LN having compatibility issues between implementations, much less for it to happen at the base layer.
In principle though, nothing to stop other languages for other implementations, indeed.
reply
Yes, that's right, so far bug errors have rarely been found, unless the load is too large.
reply
What about rust?
reply
plot twist: C++ will be here "forever, Laura" ;)
reply
There's one sacred rule: if the government has to push for it, being the market free to do it by itself, then it's a terrible, terrible, terrible, terrible idea. So I can guarantee that C is going nowhere.
reply
reply
lol
reply