Bitcoin Hacked? It Happened (twice)

Bitcoin has been dangerously exploitable — twice — allowing infinite BTC to be minted for free.

Published in

DataDrivenInvestor

3 min readAug 1, 2020

Most are surprised to learn Bitcoin’s (BTC) source code has been dangerously exploitable, twice, allowing infinite free Bitcoin to be minted. The most recent occurred less than 3 years ago and fortunately was stopped; the first, however, was almost catastrophic. Will there be another?

A Tragedy of the Commons for Bitcoin, its source code still has zero security audits which begs the question: Will another inflation bug be discovered?

The 2 Bitcoin Inflation Bugs Discovered So Far

🔴 The CVE-2010–5139 bug on August 15th, 2010 resulted in 184 billion BTC being minted. On the heels of this event, core developers Gavin Andresen and Satoshi Nakamoto had to roll back the blockchain in order to purge this transaction from block 74638.

🔴 More recently, on September 17th, 2018, the CVE-2018–17144 bug was discovered by a Bitcoin Cash (BCH) developer who selflessly took action before it could be exploited by a bad actor.

Bitcoin’s spaghetti code and hackable past may be the leading factor as to why this “programmable money” has nothing built on top of it, nor any imminent plans to.

Security is paramount; in fact, it is one of highest utilities a cryptocurrency can have. Why hasn’t Bitcoin’s source code undergone a full security audit?

Fooled By Hash Rate

Many people, including several ostensible leaders in the cryptocurrency space, are fooled by the parroting that higher hash rate means higher security. This is easily disproven: The bugs cryptocurrencies have— including Bitcoin — are primarily software bugs. A very small minority of bugs are related to hash rate (e.g. 51% attack). So you can have enormous hash rate, as in the case of Bitcoin, yet if the code is exploitable the hashing provides no security. Think of this like a deadbolted front door with a large glass window beside it. In fact, an inflation bug is the worst kind of attack a cryptocurrency can suffer because it allows the infinite printing of the cryptocurrency for free. As of this writing, 2 inflation bugs have already been discovered in Bitcoin, with the most recent occurring less than 3 years ago. One can only hope the leadership in the cryptocurrency space will exercise prudence and sponsor a full security audit for Bitcoin. There are very few cryptocurrencies with 100% uptime that have multiple security audits and perform flawlessly, but they do exist.

Today more of the Top 10 cryptocurrencies were originally built on top of Ethereum (ETH) than any other blockchain substrate. Ethereum offers superior security in a Turing-complete language featuring smart contract functionality. The capabilities of Ethereum have been enormously beneficial in the advancement of blockchain technology; its myriad programmable design features, coupled with better security and performance capabilities, are features Bitcoin lacks. With the world’s largest free airdrop from the highly anticipated launch of PulseChain — a Layer 1 complete system state fork of Ethereum that runs faster, cheaper, and cleaner transactions — it is an exciting time in cryptocurrency to see what further growth and capabilities may transpire.