How porn links and Ben Bernanke snuck into Bitcoin's code

May 2, 2013: 7:11 PM ET
hex code bernanke
The code on the left records a bitcoin transaction from July 2011. Converted into text, it generates a portrait of Federal Reserve Chairman Ben Bernanke.
NEW YORK (CNNMoney)

Here's a little-known quirk of cyber currency Bitcoin: There are coded messages hidden in the ledger that track bitcoin transactions. Most are innocuous, but this week, the discovery of a malicious transmission filled with porn links set the Bitcoin community abuzz.

Bitcoin, a four-year-old digital currency developed by a hacker who still remains anonymous, is a favorite plaything of libertarians and cryptography geeks. It burst into the mainstream this year when investors took note of its wild price swings. One bitcoin is now worth around $112, down from a record high of $266 last month, but up from $5 a year ago.

At the core of the bitcoin network is a database recording every single transaction.

Bitcoin enthusiasts have long known about a technical loophole that allows people to inject coded messages into the database. The trick is typically used for pranks or harmless notes, but Bitcoin discussion boards lit up on Monday with the news that someone took advantage of it for a nastier purpose: adding encoded links that claim to lead to porn sites, some featuring children. (CNNMoney verified that the links exist in Bitcoin's database, but did not check to see if they actually went to child porn sites.)

A technical analysis posted on BitcoinTalk.org delves into the details. There doesn't seem to be much danger for the casual bitcoin user. The porn links are concealed in hexadecimal code, and a decoder is needed to translate them into English. In other words, you'd really have to be looking for it.

But once a message makes it into the Bitcoin ledger, it can't be removed.

"There are very large ramifications to filtering out transactions, even ones that are obviously data spam," Jeff Garzik, a developer who works on Bitcoin's core software, wrote in a blog post responding to the porn discovery.

How Bitcoin works

People have been sneaking messages into the ledger for years. Bitcoin's creator put a coded note into the very first recorded transaction, and in 2011, a crafty hacker embedded a tribute to a recently deceased friend, along with a rather accurate, pixelated image of Federal Reserve Chairman Ben Bernanke. Religious tracts, spam and random pronouncements like "I LIKE TURTLES" are some of the notes that turned up in 2012 file showing some of the encoded text. Last month, someone dropped in a large stash of Wikileaks cables.

But all this monkeying with the ledger is posing a problem for the pioneering currency, just as it's beginning to gain wider attention. Bitcoin advocates have worried for years about what would happen if someone tried to store illegal content in the ledger -- like, say, child porn, which is a U.S. federal crime to possess. That once-hypothetical threat is now real.

The porn: Every bitcoin user interacts with a portion of the currency's database, and many power users run software that stores the entire thing. Legally, bitcoin users who have the part of the ledger with the porn links seem to be in the clear. They are, after all, just words and text links -- not actual child porn images.

The U.S. Justice Department wouldn't comment on this specific case, but an agency spokesman pointed CNNMoney to the exact wording of the law, which states that the issue becomes a crime when a person "knowingly possesses, or knowingly accesses with intent to view" child porn. It doesn't appear that an unsuspecting user with these coded links sitting on their hard drive has much to worry about.

So is this a big deal or not? The Bitcoin community is divided.

Some think the links are being blown way out of proportion. They liken the coded messages in Bitcoin's ledger to graffiti, and say it's inevitable that someone would eventually inject something unsavory.

"All tech can be abused for weird stuff," Dan Kaminsky, the hacker who pulled off the Bernanke stunt in 2011, told CNNMoney.

Others would like Bitcoin's core developers to take action. "This is actually a big issue," one commenter wrote in a discussion thread on Hacker News. "I don't think we should avoid it."

Related story: 'I lost $50,000 in Bitcoin crash'

Bitcoin's backers appear to be taking this seriously.

"It is an awful situation," the developer Garzik told CNNMoney. "The problem goes to the core of digital currency storage."

Because bitcoin transactions are anonymous, it's difficult to trace a malicious transaction back to its source. Theories about why someone would put the porn links in run the gamut. Perhaps it's anti-child porn activists who want the authorities to take more action. Perhaps it's people trying to shut down Bitcoin, or a group hoping to make money off a crash in the currency. It might just be pranksters looking for trouble.

Most of Bitcoin's users don't think it's actual pedophiles trying to distribute their contraband. There are better, more secure ways to store information, and injecting the porn links cost the perpetrator $50 or $60 in transaction fees.

Already, new versions of Bitcoin's core software are being developed that allow historical transactions to eventually be deleted.

"Once people get the idea that it's not a way to force lots of people to store your data forever, interest in it will go away," said Mike Hearn, a Bitcoin developer. "There might be occasional graffitis here or there, but we can tolerate that."

Bitcoins for beer

Another way to head off problems like this would be to increase the fees charged by bitcoin transaction processors, since these "data spam" interludes generally require dozens or hundreds of small transactions to complete. Or Bitcoin's network could start weeding out people who are making a rapid series of tiny transactions.

But both these options diminish some of Bitcoin's biggest selling points to begin with: its low transaction fees and lack of central authority.

"The answer is very complex," Garzik wrote in his blog post, "with implications that travel to the heart of Bitcoin's value."

Join the Conversation

Search for Jobs