Original Author: Justin Bechler

Original Translation: AididiaoJP, Foresight New

The only source of credibility that has pushed Bitcoin from zero to $125,000 is the execution of its monetary policy without permission and a distributed network of nodes.

To reach the $1 million target, the same level of credibility is required, but its scale must be sufficient to meet the needs of sovereign wealth funds and central banks holding assets for decades.

Please understand this very clearly: the network and nodes are under systematic attack, and Bitcoin Core has opened the door to it. But for the first time since the attack began, there is a real proposal on the table that could stop it all.

This article explains the attack, the evidence behind the fix, and why the road to $1 million must go directly through it.

What Makes Bitcoin Valuable

The entire value proposition of Bitcoin is based on a monetary guarantee.

The total supply of Bitcoin will always be 21 million, a limit enforced by a distributed network of nodes that independently verify each transaction. This guarantee holds because ordinary people around the world can easily run the node software that enforces it.

This is what distinguishes Bitcoin from all other centralized "crypto" projects. Ethereum has a foundation; Solana has a few validators running enterprise hardware; XRP has Ripple Labs. Each of these projects has a centralized bottleneck that could be pressured, subpoenaed, sanctioned, or directly persuaded to change the rules. Bitcoin does not, because anyone with a regular computer and an internet connection can run a fully validating node without permission, intermediaries, or trusting anyone, directly interacting with the monetary protocol.

Gold requires trust in assayers, bonds require trust in governments, and stocks require trust in auditors. Bitcoin only requires trust in mathematics and the nodes that run it.

Every operator of a validating chain node is a vote on monetary policy. The more nodes there are, the more decentralized the validation becomes, and for capital that can push assets into the seven-figure range, this guarantee looks increasingly credible.

Therefore, when something threatens the accessibility of running nodes, it threatens the value and existence of Bitcoin itself.

The Vulnerability Where It All Began

Bitcoin Core has filtered out spam transactions as a standard feature since day one. Since 2013, node operators have been able to set limits on the size of additional data embedded in transactions through a configuration option called -datacarriersize, a well-considered design decision. The developers who built and maintain the protocol understood that without limits on the size of non-monetary data, the blockchain would inevitably be abused as a cheap data storage system, with the costs borne by every node operator on the network.

This system ran for ten years. Then, in early 2023, Casey Rodarmor launched the Ordinals protocol, and the dam broke.

Ordinals exploited a vulnerability in Bitcoin Core's spam filter. The existing data carrier limits were never extended to cover the Taproot transactions introduced in the November 2021 upgrade. This meant that by disguising arbitrary data as program code within the Tapscript witness space, using an OPFALSE OPIF wrapper that would never actually execute, anyone could bypass the data size limits that were supposed to prevent such abuse. Images, text files, BRC-20 token minting, and all other forms of non-monetary data could now be permanently embedded in the Bitcoin blockchain at a cost far below that of normal data transactions, thanks to the SegWit witness discount subsidy designed to reduce signature verification costs.

@LukeDashjr identified this as a vulnerability from the start. In December 2023, he officially registered the vulnerability in the NIST National Vulnerability Database as CVE-2023-50428, receiving a medium severity score of 5.3. The official description is precise: "In Bitcoin Core versions 26.0 and earlier and Bitcoin Knots versions 25.1.knots20231115 and earlier, the data carrier size limit can be bypassed by obfuscating data as code (e.g., using OPFALSE OPIF), as exploited by inscriptions in 2022 and 2023."

Luke is clear about what this means. "Spam filtering has been a standard part of Bitcoin Core since day one," he explained. "Failing to extend these filters to Taproot transactions is a mistake, and inscriptions are exploiting this mistake to attack the network. The damage it causes to Bitcoin and Bitcoin users, including future users, is immense and irreversible," he wrote. "No one ever allowed Ordinals. It has been an attack on Bitcoin from the start."

The alternative node implementation Bitcoin Knots, maintained by Dashjr, patched CVE-2023-50428 in version 25.1 at the end of 2023. The Ocean mining pool immediately deployed the fix, announcing that its blocks would now contain "more real transactions" and characterizing Ordinals inscriptions as a denial-of-service attack on the network.

Bitcoin Core never patched it.

A formally registered vulnerability at NIST, scored, exploited in millions of transactions, adding gigabytes of permanent bloat to every full node on the network, while the major node software used by the vast majority of the Bitcoin network refused to fix it. The patch exists, has been tested, and is in production on Knots. Core chose not to apply it and instead moved further in the opposite direction.

Core 30: Taxing Every Node

When BIP-110 proposed to protect nodes from data bloat, Bitcoin Core version 30 went in the opposite direction. Core 30 did not patch CVE-2023-50428 but instead completely removed the long-standing OPRETURN size limit, opening the door to unlimited arbitrary data in OPRETURN outputs.

The rationale provided by Core developers was that the existing 80-byte limit was being circumvented anyway, so maintaining it was pointless. This is akin to a city council stopping the enforcement of speed limits because some people are speeding, which directly contradicts the decade-long precedent pointed out by Dashjr.

Bitcoin Core has maintained data carrier size limits since 2013 because developers understood that protecting block space from non-monetary abuse is crucial for maintaining node accessibility; Core 30 abandoned this principle.

The practical effect is a tax on every node operator. Unlimited OP_RETURN data means that the data nodes must download, verify, and store grows indefinitely. And for what? The beneficiaries of this change are a small handful of developers building non-monetary applications on Bitcoin who find the existing limits inconvenient.

Jameson Lopp advocated for this change on the grounds of "extreme edge cases" that have nothing to do with Bitcoin's function as money but are closely related to his startup Citrea, which is "building on Bitcoin."

Ordinary people hate this.

In 2013, Core introduced data carrier limits to protect nodes from data garbage. These limits have been effective for a decade. In 2023, a vulnerability allowed inscriptions to bypass these limits via Taproot, and Core refused to patch it.

By 2025, Core completely removed the limits. Each step made nodes heavier, increased operating costs, and strayed further from the principle that "Bitcoin block space serves monetary transactions."

This is the fundamental contradiction in the current development of Bitcoin. One faction wants to keep the network as a lean, accessible monetary protocol that anyone can validate with a Raspberry Pi.

The other faction wants to expand the protocol's capabilities to accommodate any creative use case developers can think of, and they are willing to make nodes heavier and more expensive to achieve this.

The first group is moving towards a $1 million Bitcoin, while the second group is moving towards "a better version of Ethereum."

Data: What BIP-110 Actually Did

@CunyRenaud has just released a simulation of BIP-110 covering ten days of mainnet data, with block heights from 929,592 to 931,032.

The results are unequivocal.

In the 4.7 million transactions during the sampling period:

1,957,896 were filtered out by BIP-110 (41.5% of all transactions).

747.85 MB of block space was reclaimed (36%).

Zero legitimate financial transactions were blocked.

In nearly five million transactions, not a single monetary transfer was captured by the filter. Every payment, every exchange withdrawal, every Lightning channel opening, every CoinJoin, and every multisig spend went through smoothly.

The breakdown of results reveals an important fact that most people in this debate have overlooked. The community has treated Ordinals inscriptions and OP_RETURN spam as two separate issues, but they are not.

Of the inscription transactions captured by BIP-110, 94.6% were mixed transactions, carrying both the Tapscript OPIF inscription wrapper and OPRETURN outputs containing rune metadata. When BIP-110 filtered out inscriptions, the associated OP_RETURN data disappeared as well.

The narrative of "two spam issues" collapses in the face of the data. Bitcoin has only one spam issue, but it manifests in two forms, and BIP-110 addresses both simultaneously.

The Rules That Bear the Burden

BIP-110 contains multiple rules, but Rule 7 is the most critical. It prohibits the use of OPIF and OPNOTIF opcodes in Tapscript execution. This specifically targets the mechanism described in CVE-2023-50428, where Ordinals inscriptions are used to embed arbitrary data in the witness space via the OPFALSE OPIF wrapper.

Rule 7 alone captured 1,954,477 transactions in the simulation, accounting for 99.8% of all filtered transactions. In effect, it is the patch that Core refused to release, now formalized as a consensus rule with a one-year activation window.

An obvious question is whether this would break any real functionality. The simulation specifically searched for legitimate Tapscript contracts using OP_IF, including conditional branches, time locks, threshold signatures, and hash time lock contracts.

The answer in the 4.7 million transactions is zero; these patterns do not exist in today's mainnet Tapscript. The Lightning Network still runs on SegWit v0, DLCs use adapter signatures, and vault implementations are still in the experimental stage.

Theoretical concerns that Rule 7 may hinder future smart contracts are worth acknowledging. It indeed might, but the activation period for BIP-110 is one year, not permanent. The flood of inscriptions is happening now, and the damage to the UTXO set is accumulating daily.

A one-year intervention that can eliminate 41.5% of transaction spam while not blocking any financial activity is a trade-off that supports action.

Bitcoin is Money

Some may oppose BIP-110 on the grounds that "all transactions that pay fees are legitimate." Inscriptions users pay market rates, and miners voluntarily accept their transactions; what authority do we have to filter them out?

The answer lies in understanding what Bitcoin is actually protecting and why it is protected.

Bitcoin's censorship resistance is designed to guarantee monetary transactions. Proof of work, difficulty adjustment, block reward schedules, and the entire security model are all designed to protect a peer-to-peer electronic cash system.

That design, that singular purpose, is what justifies the enormous energy consumption required to protect the network.

Monetary transactions on Bitcoin are uncensorable. This is precisely the attribute that gives Bitcoin its value, and it is an attribute that BIP-110 fully preserves. If you are sending or receiving Bitcoin as money, BIP-110 will not affect you. The simulation has empirically demonstrated this. 2.5 million financial transactions went through smoothly, with none affected.

The existence of non-monetary transactions depends on the network's tolerance. No one is prohibiting them by decree, and no one is arresting inscription users. The argument is simple: storing NFT data and token minting instructions in the witness space does not enjoy the same protocol-level protections as transferring value between people. When non-monetary uses begin to threaten the infrastructure that makes monetary use possible, the network has every right to prioritize its core functionality.

This is not censorship. Censorship is when a government blocks your payments because it dislikes your political stance. Filtering out operations that exploit a vulnerability that should have been patched years ago for data storage is network maintenance. This distinction is important; anyone who conflates the two is either confused or engaging in malicious sophistry.

When critics argue that miners will never voluntarily stop including inscription transactions, Dashjr clearly articulated this: "The operating assumption of Bitcoin is that most miners are honest, not malicious." The security model assumes that miners will act in the long-term interest of the network rather than maximizing short-term fee income at the expense of the infrastructure that makes fees valuable.

The Road to $1 Million

Imagine explaining Bitcoin to a sovereign wealth fund manager in 2028. You are arguing that this asset deserves a permanent allocation equal to gold and government bonds.

This argument is based on three pillars: fixed supply, censorship-resistant transactions, and decentralized validation. If any of these pillars are weakened, the argument is weakened. If the supply schedule can be changed, Bitcoin is just another marketing gimmick for a better fiat currency. If transactions can be censored, Bitcoin is just a slow database.

If validation becomes concentrated in a few data centers because running nodes becomes too expensive, then Bitcoin's monetary guarantee becomes a gentlemen's agreement enforced by entities with identifiable interests and political pressure points.

Inscriptions-driven UTXO bloat directly attacks the third pillar. It makes nodes more expensive, centralizes validation, and undermines the decentralization that makes the monetary guarantee credible. And it does all this to provide a service that is unrelated to money and can be accomplished more efficiently on systems built for specific purposes.

Arbitrary data storage is a solved problem; Bitcoin does not need to become Filecoin.

Meanwhile, the trajectory from refusing to patch CVE-2023-50428 to actively removing OP_RETURN limits in version 30 indicates that the current development leadership is willing to make nodes bulkier to serve non-monetary use cases. BIP-110 resists this trajectory; it indicates that the network's priority is money, that the node network exists to validate money, and that the protocol should be optimized for money.

BIP-110 eliminates the inscription attack vector for one year while completely not affecting every financial transaction on the network. It eliminates 41.5% of spam transactions and reclaims 36% of block space. In the tested 4.7 million transactions, it produced zero false positives. Moreover, it retains the option to reassess the data as clarity about legitimate Tapscript usage improves.

The road to a $1 million Bitcoin is paved by the credibility of monetary policy, the credibility of censorship resistance, and the credibility of a decentralized validation network that enforces both.

The success or failure of a $1 million Bitcoin is closely tied to the node network.

What You Can Do

If you run a node, you have a voice in this matter.

Study the BIP-110 specification. Review the simulation data published by Bitcoin Block Space Weekly. If you have the technical ability, you can calculate the data yourself. Then make your decision based on what the evidence shows, rather than what the loudest voices on social media tell you to think.

If you are ready to take action, switching from Bitcoin Core to Bitcoin Knots is easier than most people imagine. If you run Umbrel, Start9, MyNode, or RaspiBlitz, Knots can be installed with one click from your app store, and your existing blockchain data can be transferred. If you run Core on a desktop or bare-metal Linux, the migration is just as simple and straightforward. Either way, you can be running Knots and enforcing BIP-110 within minutes.

Every node that switches to Knots is a vote for Bitcoin's future as money, and every vote matters.

The data is clear, the trade-offs are honest, and the window of opportunity is one year. The cost of inaction is the permanent data bloat measured in gigabytes added daily for every node on the network.

Bitcoin is money, and BIP-110 keeps it that way.

Bitcoin as a non-monetary arbitrary data relay and storage will not survive.

If you believe this, then you are running a sovereign, censorship-resistant node that uses Bitcoin as money in a permissionless manner.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。