Author: Justin Bechler; Translation: AididiaoJP, Foresight News
Permissionless execution of Bitcoin's monetary policy and a distributed network of nodes are the only sources of credibility that propelled Bitcoin from zero to $125,000.
To reach the goal of $1 million, the same level of credibility is needed, but its scale must be large enough to satisfy the needs of sovereign wealth funds and central banks holding assets for decades.
Please understand this very clearly: the network and its nodes are under systematic attack, and Bitcoin Core has opened the door to it. But for the first time since the attack began, a real proposal has been put on the table that will stop it all.
This article explains the attack, the evidence behind the fix, and why the road to $1 million must go directly through it.
What Makes Bitcoin Valuable? Bitcoin's entire value proposition is based on a monetary guarantee. The total supply of Bitcoin will always be only 21 million, a limit enforced by a distributed network of nodes that independently verify every transaction. This guarantee holds true because ordinary people around the world can easily run node software that enforces it. This is what distinguishes Bitcoin from all other centralized "crypto" projects. Ethereum has a foundation; Solana has a small number of validators running enterprise hardware; XRP has Ripple Labs. Each of these projects has a centralized bottleneck that can be pressured, subpoenaed, sanctioned, or directly persuaded to change the rules. Bitcoin doesn't, because anyone with an ordinary computer and an internet connection can run a fully validating node, interacting directly with the monetary protocol without permission, intermediaries, or trust in anyone. Gold needs trusted appraisers, bonds need trusted governments, and stocks need trusted auditors. Bitcoin only needs to trust mathematics and the nodes that run it. Each node operator on the validating chain is a vote on monetary policy. The more nodes, the more decentralized the verification, and the more credible this guarantee appears to be for capital capable of pushing assets into the seven-figure range. Therefore, when something threatens the accessibility of running nodes, it threatens the value and very existence of Bitcoin. The Vulnerability That Began It All Bitcoin Core has made spam transaction filtering a standard feature from day one. Since 2013, node operators have been able to set limits on the size of additional data embedded in transactions through a configuration option called `-datacarriersize`, a well-thought-out design decision. The developers who built and maintained the protocol understood that without size limits on non-monetary data, the blockchain would inevitably be abused as a cheap data storage system, with the cost borne by every node operator on the network. This system ran for ten years. Then, in early 2023, Casey Rodarmor launched the Ordinals protocol, and the dam broke. Ordinals exploited a vulnerability in Bitcoin Core's spam filter. Existing data carrier limits were never extended to cover Taproot transactions introduced in the November 2021 upgrade. This meant that anyone could bypass the data size limits that were supposed to prevent such abuse by disguising arbitrary data as program code within the Tapscript witness space, wrapped in an OP_FALSE OP_IF that would never actually be executed. Images, text files, BRC-20 token minting, and all other forms of non-monetary data can now be permanently embedded into the Bitcoin blockchain at a cost far lower than normal data transactions, thanks to the SegWit Witness discount subsidy designed to reduce the cost of signature verification. @LukeDashjr identified this as a vulnerability from the outset. In December 2023, he officially registered the vulnerability in the NIST National Vulnerability Database as CVE-2023-50428, receiving a moderate severity score of 5.3. The official description is precise: "In Bitcoin Core 26.0 and earlier versions and Bitcoin Knots 25.1.knots20231115 and earlier versions, it is possible to bypass the data carrier size limit by obfuscating data as code (e.g., using OP_FALSE OP_IF), as was exploited by inscription in 2022 and 2023." Luke is clear on what this means. "Spam filtering has been a standard part of Bitcoin Core since day one," he explained. The failure to extend these filters to Taproot transactions was a bug, and Ordinals are exploiting this bug to attack the network. "The damage it inflicts on Bitcoin and Bitcoin users, including future users, is enormous and irreversible," he wrote. "No one ever allowed Ordinals. It was an attack on Bitcoin from the beginning." The alternative node implementation Bitcoin Knots, maintained by Dashjr, patched CVE-2023-50428 in version 25.1 at the end of 2023. Ocean Pool immediately deployed the fix, announcing that its blocks would now contain "more genuine transactions" and characterizing the Ordinals attack as a denial-of-service attack on the network. Bitcoin Core never patched it. A formal vulnerability registered with NIST, scored, and exploited in millions of transactions added gigabytes of permanent bloat to every full node on the network, which the vast majority of major node software used by the Bitcoin network refused to fix. A patch existed, was tested, and was deployed in production on Knots. Core chose not to apply it and instead went further in the opposite direction. Core 30: Taxing Every Node While BIP-110 proposed protecting nodes from data bloat, Bitcoin Core 30 went against the grain. Instead of patching CVE-2023-50428, Core 30 completely removed the long-standing OP_RETURN size limit, opening the door to infinitely arbitrary data in the OP_RETURN output. The Core developers' rationale is that the existing 80-byte limit can be circumvented anyway, so maintaining it makes no sense. This is like a city council stopping speed limits because someone is speeding, directly violating the decade-long precedent pointed out by Dashjr. Bitcoin Core has maintained a data carrier size limit since 2013 because developers understood that protecting block space from non-monetary misuse was crucial for maintaining node accessibility; Core 30 abandoned this principle. The practical effect is a tax on every node operator. Unlimited OP_RETURN data means that the data nodes must download, verify, and store grows indefinitely. And for what? The beneficiaries of this change are a small group of developers building non-monetary applications on Bitcoin who find the existing limits inconvenient. Jameson Lopp advocates for this change based on "extreme edge cases" unrelated to Bitcoin's function as a currency, but closely related to Citrea, the VS startup "built on Bitcoin." Ordinary people hate this. In 2013, Core introduced data carrier restrictions to protect nodes from data garbage. These restrictions remained in effect for a decade. In 2023, a vulnerability allowed inscriptions to bypass these restrictions via Taproot, which Core refused to patch. In 2025, Core completely removed the restrictions. Each step made nodes heavier and more expensive to operate, and each step further away from the principle that "the Bitcoin block space serves monetary transactions." This is the fundamental contradiction in the current development of Bitcoin. One faction wants to keep the network a lean, accessible monetary protocol that anyone can verify with a Raspberry Pi. The other faction wants to expand the protocol's capabilities to accommodate any creative use cases developers can think of, and they are willing to make nodes heavier and more expensive to achieve this. The first group is heading towards a $1 million Bitcoin, the second group is heading towards a "better version of Ethereum." Data: What BIP-110 Actually Did @CunyRenaud just released a revised simulation of BIP-110, covering 10 days of mainnet data, from block height 929,592 to 931,032. The results are unambiguous. Of the 4.7 million transactions sampled: 1,957,896 were filtered out by BIP-110 (41.5% of all transactions). 747.85 MB of block space was reclaimed (36%). Zero legitimate financial transactions were blocked. In nearly five million transactions, not a single currency transfer was caught by the filter. Every payment, every exchange withdrawal, every Lightning Channel opening, every CoinJoin, and every multisignature expenditure passed smoothly. The breakdown reveals an important fact that most people have overlooked in this debate. The community has consistently treated Ordinals inscriptions and OP_RETURN garbage as two separate issues; they are not. Of the inscription transactions captured by BIP-110, 94.6% were mixed transactions, carrying both a Tapscript OP_IF inscription encapsulation and an OP_RETURN output containing rune metadata. When BIP-110 filters out the inscription, the associated OP_RETURN data also disappears. The narrative of "two garbage problems" collapses in the face of data. Bitcoin has only one garbage problem, but it manifests in two ways, and BIP-110 addresses both simultaneously. The rules that bear the heavy responsibility: BIP-110 contains multiple rules, but rule 7 is the most crucial. It prohibits the use of the OP_IF and OP_NOTIF opcodes in Tapscript execution. This targets the mechanism described in CVE-2023-50428, where Ordinals are used to embed arbitrary data into the witness space via OP_FALSE OP_IF wrappers. Rule 7 alone captured 1,954,477 transactions in the simulation, representing 99.8% of all filtered transactions. In fact, it's the patch Core refused to release, now formalized as a consensus rule with a one-year activation window. An obvious question is whether this breaks any real-world functionality. The simulation specifically searched for legitimate Tapscript contracts using OP_IF, including conditional branches, time locks, threshold signatures, and hash time lock contracts. The answer was zero out of 4.7 million transactions; these patterns do not exist in today's mainnet Tapscript. The Lightning Network is still running on SegWit v0, DLC uses adapter signing, and the Vault implementation is still experimental. Theoretically, there are concerns that Rule 7 might hinder future smart contracts, which is understandable. It could indeed, but BIP-110's activation period is one year, not permanent. Inscription flooding is happening now, and the damage to the UTXO set is accumulating daily. A one-year intervention that eliminates 41.5% of transaction junk without halting any financial activity is a trade-off in favor of action. Bitcoin is money. Some will oppose BIP-110 on the grounds that "all transactions that pay fees are legitimate." Inscription users pay market fees, and miners voluntarily accept their transactions; by what right do they have to filter them out? The answer lies in understanding what Bitcoin actually protects and why. Bitcoin's censorship resistance is designed to guarantee monetary transactions. Proof-of-Work, difficulty adjustment, the block reward program, and the entire security model are all designed to protect a peer-to-peer electronic cash system. That design, that single purpose, is the justification for the enormous energy consumption required to protect the network. Monetary transactions on Bitcoin are censorship-free. This is precisely the property that gives Bitcoin its value, and it's a property fully preserved by BIP-110. If you are sending or receiving Bitcoin as currency, BIP-110 will not affect you. Simulations have empirically demonstrated this. 2.5 million financial transactions passed smoothly, without a single one being affected. The existence of non-monetary transactions depends on the network's tolerance. No one has passed laws prohibiting them, and no one has arrested inscription users. The argument is simple: storing NFT data and token minting instructions in the Witness Space does not enjoy the same protocol-level protection as transferring value between people. When non-monetary uses begin to threaten the infrastructure that makes monetary use possible, the network has every right to prioritize its core functionality. This is not censorship. Censorship is when a government blocks your payments because it dislikes your political stance. Filtering data storage operations that exploit vulnerabilities that should have been patched years ago is network maintenance. This distinction is important, and anyone who confuses the two is either confused or maliciously sophistry. When critics argue that miners would never voluntarily stop transactions containing inscription, Dashjr clearly states: "Bitcoin operates on the assumption that the majority of miners are honest, not malicious." The security model assumes that miners act for the long-term benefit of the network, not to maximizing short-term fee revenue at the expense of the infrastructure that makes fees valuable. The Road to $1 Million Imagine explaining Bitcoin to a sovereign wealth fund manager in 2028. You're arguing that this asset deserves a permanent allocation on par with gold and Treasury bonds. This argument is based on three pillars: fixed supply, censorship-resistant transactions, and decentralized verification. If any one of these pillars is weakened, the argument weakens. If the supply schedule can be altered, Bitcoin is just another, better-marketed fiat currency. If transactions can be censored, Bitcoin is just a slow database. If verification becomes too expensive to run and is centralized in a few data centers, then Bitcoin's monetary guarantee becomes a gentleman's agreement enforced by entities with identifiable interests and political pressure. Inscription-driven UTXO bloat directly attacks the third pillar. It makes nodes more expensive, verification more centralized, and undermines the decentralization that guarantees the trustworthiness of the currency. And it does all this to provide a currency-agnostic service that can be done more efficiently on a system built specifically for a particular purpose. Arbitrary data storage is a solved problem; Bitcoin doesn't need to be Filecoin. Meanwhile, Core's trajectory—from refusing to patch CVE-2023-50428 to proactively removing the OP_RETURN limit in version 30—suggests that the current development leadership is willing to make nodes more bloated to serve non-monetary use cases. BIP-110 resists this trajectory, demonstrating that the network's priority is currency, the existence of the node network is for verifying currency, and the protocol should be optimized for currency. BIP-110 eliminates inscription attack vectors for a year without affecting any financial transactions on the network. It eliminates 41.5% of spam transactions and reclaims 36% of block space. In 4.7 million transactions tested, it produced zero false positives. And it retains the option to reassess once the data on legitimate Tapscript use becomes clearer. The road to a million-dollar Bitcoin is paved with the credibility of monetary policy, the credibility of censorship resistance, and the credibility of decentralized verification networks that enforce both. The success or failure of a million-dollar Bitcoin is inextricably linked to the node network. What you can do: If you run a node, you have a say in this. Study the BIP-110 specification. Review the simulation data published by Bitcoin Block Space Weekly. If you have the technical skills, you can calculate the data yourself. Then make your decisions based on what the evidence shows, not what the loudest voices on social media tell you. If you're prepared to take action, switching from Bitcoin Core to Bitcoin Knots is easier than most people imagine. If you're running Umbrel, Start9, MyNode, or RaspiBlitz, Knots can be installed with a single click from your app store, and your existing blockchain data can be transferred. If you're running Core on a desktop or bare-metal Linux system, the migration is equally straightforward. Either way, you can run Knots and enforce BIP-110 in minutes. Every node that switches to Knots is casting a vote for Bitcoin's future as a currency, and every vote counts. The data is clear, the trade-offs are honest, and the window of opportunity is one year. The cost of inaction is a gigabyte-scale of permanent data bloat added daily to every node on the network. Bitcoin is currency, and BIP-110 keeps it that way. Bitcoin as a non-monetary data relay and storage will not last. If you believe this, then you are running a sovereign, censorship-resistant node using Bitcoin as currency in a permissionless manner.
JinseFinance
Miyuki
Pr0phetMoggy