Depressing the Crypto Economy with DoS Bugs

Presented at CackalackyCon 1 (2019), June 1, 2019, 4 p.m. (60 minutes)

Software that implements a Satoshi-like blockchain client is rather complicated: it ingests and processes unauthenticated content, performs cryptographic validations, and keeps large amounts of data both in memory and on disk. A question relevant to both blockchain developers and security researchers is: what is the set of "baseline" bugs that apply in that context? Of interest are bugs inherent to the blockchain; general appsec bugs such as memory corruption are less interesting, as they do not really pertain to the nature of blockchain systems. In this talk we'll briefly look at a possible list of such baseline bug classes and focus on application-security-level DoS vectors. These include issues related to serialization/deserialization, orphan transaction handling, quadratic-complexity processing of user-supplied input, memory stores of unlimited size, etc. The goal of this talk is to equip the audience with the means to search for relevant application-level DoS bugs in popular coins themselves.

