Widely used software Bitcoin Core, which runs on the world’s largest Bitcoin blockchain, has passed its first public security audit.
The audit was conducted by independent cybersecurity firm Quarkslab, with funding from Brink and coordination from the Foundation for the Advancement of Open Source Technology.
Bitcoin Core began its development in 2009, receiving over 46,000 commits and contributions from dozens of developers. Despite its maturity, the project never underwent a full public audit, despite securing trillions of dollars in assets. In 2025, this gap was addressed.
The audit, conducted from May to September, focused on the peer-to-peer network layer, one of the most common attacks on the Bitcoin network. Quarkslab expanded the analysis to include memory pool logic, network management, consensus verification, and the transaction processing path.
Her team used a combination of manual code review, dynamic analysis, and advanced fuzzing techniques, some of which were first introduced into the codebase. Bitcoin Core.
The results were encouraging: auditors identified two low-severity issues and 13 advisories, none of which had a security impact according to the internal vulnerability classification. Bitcoin Core.
Quarkslab confirmed that the architecture and code quality Bitcoin Core demonstrated outstanding results.