An inflation bug that nearly ended bitcoin

A shocking bug was discovered by Bitcoin Core developers that allowed mining millions of Bitcoins for free!
According to renowned cryptocurrency entrepreneur Samson Mow, a software vulnerability that could have killed Bitcoin was secretly patched by Bitcoin Core engineers in September 2018.

The way CVE-2018-17144 was fixed

The inflation bug was so catastrophic that Bitcoin Core developers kept it under wraps. The crypto community was initially told only a fraction of the truth, with reports stating that the vulnerability caused a "denial of service." In reality, the bug allowed hackers to disable nodes and even temporarily break a significant segment of the network. Developers clarified that the bug was found in a version of Bitcoin Core released a year earlier. They quickly released a fix within 24 hours of the incident. This proves once again that in the world of crypto, bugs may bite, but developers bite back even harder!

“In order to encourage rapid upgrades, the decision was made to immediately patch and disclose the less serious Denial of Service vulnerability, concurrently with reaching out to miners, businesses, and other affected systems while delaying publication of the full issue to give time for systems to upgrade,” according to the Bitcoin Core report.

This plan worked like a charm: more than 50% of the Bitcoin mining hash rate was updated within a few days. For many crypto enthusiasts, the phrase "denial of service" was already alarming. It was later revealed that the bug could have been used to mine at least 21 million BTC for free. Definitely a close call for the Bitcoin community!

Inflation bug origins

Initially, the service outage report was submitted to Bitcoin Core by an anonymous user. Two hours later, developer Matt Corallo realized that the issue was actually an inflation bug. It arose from developers' unsuccessful attempts to increase Bitcoin's resistance to double-spend attacks. The programmers had discovered a vulnerability that could cause a massive node failure when an attacker double-spent the same UTXO within a single transaction. The ill-fated update handled that failure badly: instead of taking down the nodes, the new error forced the old software clients to recognize double-spent transactions as valid, leading to a potentially catastrophic outcome.
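The validation gap described above can be shown with a toy model. This is an added example, not Bitcoin Core code: the types, function names, the `check_duplicates` flag and the sample values are all assumptions made for illustration.

```cpp
#include <cstdint>
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

// Toy model, constructed for illustration (hypothetical names throughout).
using OutPoint = std::pair<std::string, uint32_t>;  // (txid, output index)
using UtxoSet  = std::map<OutPoint, int64_t>;       // outpoint -> value in satoshis
struct Tx { std::vector<OutPoint> inputs; std::vector<int64_t> outputs; };

// True if no outpoint is listed more than once in the transaction.
bool HasUniqueInputs(const Tx& tx) {
    std::set<OutPoint> seen;
    for (const auto& in : tx.inputs)
        if (!seen.insert(in).second) return false;  // same UTXO spent twice
    return true;
}

// Sum of input values looked up in the UTXO set; -1 if an input is not unspent.
int64_t SumInputs(const Tx& tx, const UtxoSet& utxos) {
    int64_t total = 0;
    for (const auto& in : tx.inputs) {
        const auto it = utxos.find(in);
        if (it == utxos.end()) return -1;
        total += it->second;  // a repeated input is counted again here
    }
    return total;
}

// Outputs may not exceed inputs. Without the duplicate check, listing one
// UTXO twice doubles the apparent input value and the rule still passes.
bool ValidateTx(const Tx& tx, const UtxoSet& utxos, bool check_duplicates) {
    if (check_duplicates && !HasUniqueInputs(tx)) return false;
    const int64_t in = SumInputs(tx, utxos);
    if (in < 0) return false;
    int64_t out = 0;
    for (const int64_t v : tx.outputs) out += v;
    return out <= in;
}

// Constructed sample: one 50,000-satoshi UTXO, referenced twice to pay out 100,000.
UtxoSet SampleUtxos() { return {{OutPoint{"aa", 0}, 50000}}; }
Tx DuplicateInputTx() { return Tx{{OutPoint{"aa", 0}, OutPoint{"aa", 0}}, {100000}}; }

int main() {
    const UtxoSet utxos = SampleUtxos();
    std::cout << ValidateTx(DuplicateInputTx(), utxos, false) << ' '
              << ValidateTx(DuplicateInputTx(), utxos, true) << '\n';
}
```

The per-transaction uniqueness check is the control that matters: input lookups against the UTXO set alone do not catch a repeat inside one transaction.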

“Bugs happen. This is a fact of life. I'm not criticizing them for having a bug. I'm criticizing the idiot minimalists who insist Core developers are God-like individuals and certainly The Best Devs in the World™,” Chris Pacia, the lead developer of the OpenBazaar protocol, tweeted.