[Bitcoin-development] Code review
arto at bendiken.net
Fri Oct 4 11:58:51 UTC 2013
On Fri, Oct 4, 2013 at 1:35 PM, Peter Todd <pete at petertodd.org> wrote:
> The second caveat is more specific to Bitcoin: people tend to rebase
> their pull-requests over and over again until they are accepted, but
> that also means that code review done earlier doesn't apply to the later
> code pushed. Bitcoin is a particularly high profile, and high profit,
> target for people trying to get malicious code into the codebase.
On that note, this 2003 example of an attempt to backdoor the Linux
kernel is pertinent:
The backdoor in question came down to a single missing character,
easily overlooked by a reviewer if a spotlight hadn't been thrown on
it for other reasons. Compromising a Bitcoin implementation isn't
going to be as easy as that, one would hope, but certainly it seems
only a matter of time until there's an attempt at it.
Following these code review discussions with much interest.
Arto Bendiken | @bendiken | http://ar.to/
More information about the bitcoin-dev