Surprising to hear that considering all the different components that can be attacked and abused...

- Peer discovery
- mempool
- utxo set db
- bitcoin script
- pinning attacks 


Etc.