b3chain / Testing & Verification / Bitcoin Security Inheritance

Bitcoin Security Inheritance

Bitcoin Core ships ~140 C++ unit-test groups and ~158 functional tests. They encode the security properties Bitcoin already proves — block validation, script soundness, mempool policy, p2p safety, wallet correctness. B3Chain inherits Bitcoin Core 30.2.0, so these tests run here too. This page is a public summary of what passes, what is deliberately different, and why.

Source: doc/SECURITY-INHERITANCE.md Verifier: audit-bitcoin-inheritance.sh Last run: not yet

1. Why this matters

The Phase 11 self-audit covers the things B3Chain changed — the B3PoW-Scratch v1.1.1 PoW swap, the new address prefix, the BIP44 coin_type, the 51% attack scenario. It does not check that Bitcoin's other security properties are still intact after we forked. This page closes that gap.

The principle is simple: every Bitcoin invariant is one we get for free as long as the test that proves it still passes. If a test we expected to inherit suddenly fails, it is a real regression and we file it.

2. Headline numbers

StatusCountMeaning
inherited Bitcoin's test passes unmodified on B3Chain. Free property.
inherited-with-rebrand Passes after rebranding strings (e.g. bitcoindb3chaind); underlying invariant unchanged.
diverged-by-design B3Chain intentionally differs (PoW, address HRP, coin_type). A B3Chain-specific test in contrib/testing/audit/ covers the new behaviour.
failing-investigation Real regression. We did not mean to break this. Filed as an issue with label inheritance-regression.
pending Verifier hasn't run yet on this row.

Counts will populate after the first audit-bitcoin-inheritance.sh run on a built tree.

3. What we inherit (selected)

Bitcoin invariantUpstream testStatus
Script verification (P2PKH, P2SH, SegWit, Taproot) script_tests.cpp, feature_taproot.py inherited
Mempool policy (RBF, package, ancestor limits) mempool_tests.cpp, feature_rbf.py inherited
BIP-30/34/65/66/68/112/113/141/143/147/341/342 per-BIP functional tests inherited
SHA-256(d), HMAC, RIPEMD-160 (still used for txid & merkle) crypto_tests.cpp inherited
BIP32 derivation, descriptor wallets, PSBT (BIP174) bip32_tests.cpp, descriptor_tests.cpp inherited
BIP155 addrv2, BIP324 v2 transport, peer eviction, DoS scoring bip324_tests.cpp, denialofservice_tests.cpp inherited
Block weight, sigops, coinbase maturity, halving schedule feature_block.py, validation_tests.cpp inherited

4. What is deliberately different

What we changedWhyB3Chain-specific test
PoW algorithm (SHA-256d → B3PoW-Scratch v1.1.1, memory-hard BLAKE3 variant) Reduces ASIC concentration risk in early days — PoW is bounded by memory bandwidth, not by primitive throughput. audit-b3pow-isolation.py (H-1), audit-b3pow-budget.py (H-1.1), audit-b3pow-cache.py (H-1.2), audit-b3pow-headers-cap.py (H-1.3), audit-simd-blake3.py (B-1)
Address HRP (bcb3) Cross-chain address confusion is the most-reported user error in forks. audit-address-rejection.py (W-1) — 36 Bitcoin samples rejected.
BIP44 coin_type (09333) Same seed in a Bitcoin wallet must derive different keys; protects users from accidental cross-chain spend. audit-hd-coin-type.py (W-2)
Network magic bytes & DNS seeds Bitcoin nodes must not be able to talk to B3Chain nodes accidentally. audit-network-isolation.py (N-1)

5. Run it yourself

Prerequisites

OS
Linux or WSL2
Python
3.10+
RAM
~8 GB free (functional suite is parallelised)
Time
~3–6 hours for the full --extended run; ~25 min for unit-only with B3CHAIN_INHERIT_QUICK=1.

Build & run

git clone https://github.com/b3chain/b3chain.git
cd b3chain
cmake -B build && cmake --build build -j$(nproc)

# Quick: unit tests only (~25 min)
B3CHAIN_INHERIT_QUICK=1 bash contrib/testing/audit/audit-bitcoin-inheritance.sh

# Full: unit + functional --extended (~3-6 hr)
bash contrib/testing/audit/audit-bitcoin-inheritance.sh

What you get back

The script runs the full upstream suite, classifies every result against a small allowlist of known-divergent tests (PoW algo, mainnet UTXO snapshot fixtures, etc.), and rewrites the Findings section of doc/SECURITY-INHERITANCE.md. Exit code is non-zero only if there is a real regression (a test that should have inherited and didn't).

6. The allowlist

Three categories of upstream test are expected to fail on B3Chain by design:

  • PoW algorithm testspow_tests.cpp verifies SHA-256d-as-PoW; B3Chain uses B3PoW-Scratch v1.1.1 (memory-hard BLAKE3 variant). Covered by audit-b3pow-isolation.py and the H-1.1 / H-1.2 / H-1.3 sub-audits.
  • Mainnet snapshot testsfeature_assumeutxo.py and feature_assumevalid.py ship Bitcoin mainnet block hashes / UTXO snapshots that don't exist on B3Chain.
  • Hardcoded peer/seed tests — e.g. feature_proxy.py uses Bitcoin Tor seeds; replaced once B3Chain seeds are published.

Any other failure is a real regression. The allowlist is small on purpose — expanding it requires a written reason in SECURITY-INHERITANCE.md.

7. Source files