The Bitcoin (BTC) ecosystem is once again rattled by controversy as accusations fly between core developers, miners and node operators over a coordinated effort to undermine Bitcoin Knots, an alternative implementation of Bitcoin Core. What started as a series of mocking remarks and a leaked live video has escalated into claims of an actual Denial of Service (DOS) attack against users running Knots nodes, threatening the decentralized nature of BTC itself. Bitcoin Knots Nodes Face Attack By Core DevsLuke Dashjr, Core developer and CTO of Ocean Mining has raised alarms on X social media, warning users to take extra precautions as bad actors were targeting individual Knot nodes. Dashjr shared a video showing Bitcoin core devs admitting to an attack on Knot nodes. The CTO highlighted the risk of bandwidth exhaustion, advising users to configure their “maxuploadtarget” setting to mitigate damage from the alleged attack. This warning came amid a growing storm of reports that Knots operators were overwhelmed with repeated Initial Block Download (IBD) requests—an exploit that forces nodes into a loop of data-heavy syncing. Anton, a BTC miner at Ocean, shared insights on the video shared by Dashjr, stating that it showed Bitcoin Core developers laughing almost hysterically about the alleged attacks. The footage featured ‘PortlandHODL,’ creator of Marathon’s Slipstream—a transaction-relay service tied to the MARA Bitcoin mining pool—bragging about abusing bandwidth-limited Knots nodes. According to Anton, this was not just trolling but a calculated sabotage attempt designed to discredit Knots and its users. He urged Bitcoiners to push back against what he described as “malicious actors with zero concern about consequences” and to support Ocean pool and Knots instead to preserve Bitcoin’s integrity. Consequently, the backlash was swift, with various crypto community members criticizing the core developers for the alleged attack. A pseudonymous figure, ClioBitcoinBanks.sats, admitted on X to scripting automated IBD requests against multiple Knots nodes, even boasting about disguising them as fresh installs. He framed the act not as an attack but as “defensive return fire” aimed at humiliating Knot operators. BitcoinMonk, a miner and Knots runner, condemned the core developers allegedly involved in the attack. He accused PortlandHODL and his peers of openly mocking pleb node operators while destabilizing the Bitcoin network. To him, the attacks were evidence of a deeper agenda to weaken BTC’s monetary properties and push for adopting “malware” updates in Core v30.Knots Attack Denied Amid FBI Involvement As discontent mounted, some crypto community members escalated the matter further by tagging federal authorities. One user argued that DOS attacks are illegal under US law and urged the FBI to investigate individuals such as PortlandHODL for orchestrating the IBD floods. Interestingly, the narrative took an unexpected twist when one of PortlandHODL’s peers, known as ‘Wicked’ on X, dismissed the accusations entirely. In his view, the creator of Slipstream had never attacked at all. Instead, Wicked suggested the entire scandal was an elaborate act of “trolling” that successfully baited Knots supporters into outrage. According to him, the supposed “attack” was nothing more than banter, and the overreaction—including calls to involve the FBI—only underscored how easily the other side could be provoked.