Really? This feels overstated. The core software has been remarkably (some might say unreasonably and implausibly) solid. The software is supposed to be a pile of amateur C++! It would be so easy for something like a trivial buffer overflow bug to break block validation and unravel the whole system. But it hasn’t happened after ten years and a multi-billion-dollar bug bounty available. Why is it so good?
Because of said $$$ bug bounty. There have been countless mitigations since launch. The biggest one for me is they nerfed (locked down) Bitcoin script for security reasons, which reduced it's utility for anything but transferring BTC.
Granted, it's inability to scale would have made that true anyway, but the resulting inability to have smart contracts on Bitcoin might be one reason arguments for scaling it with bigger blocks have failed to win: if all it does is move a coin, why bother changing the block size etc when you have Lightning etc.
>> The weak link is not SHA256, it’s the rest of the cryptosystem.
> Yes, in multitudes.
> We’ve seen forked chains, theft, mysteriously reversed transactions, 51% attacks.
Really? This feels overstated. The core software has been remarkably (some might say unreasonably and implausibly) solid. The software is supposed to be a pile of amateur C++! It would be so easy for something like a trivial buffer overflow bug to break block validation and unravel the whole system. But it hasn’t happened after ten years and a multi-billion-dollar bug bounty available. Why is it so good?