Bitcoin Has Had 2 Inflation Bugs

During Bitcoins lifetime it has had 2 inflation bugs where anybody could mint as many coins as they wanted. The first time someone actually abused the bug and minted coins which resulted in the network forking into a version were those coins didn't exist. The second inflation bug was found by a Bitcoin Cash developer who responsibly disclosed the bug.


If you could mint Bitcoin out of thin air would you?


CVE-2010–5139

Pictured below is block #74638 the block where the 184-Billion BTC were minted and sent to two addresses. This exploit was quickly noticed by Jeff Garzik one of the initial developers of Bitcoin who then posted on the Bitcoin talk forums about the occurrence. The chain was rolled back within 5 hours of this bug being found.

The second inflation bug in bitcoin know as CVE-2018-17144 was actually a 2 part bug that included a DoS vulnerability but also an inflation vulnerability where you could double spend coins. This was found by Bitcoin Cash developer Awemany.


"Initially CVE-2018-17144 was presented as a patch for DoS attack on bitcoin network, while in reality it fixed a more severe inflammation vulnerability that would allow creation of new bitcoins by bitcoin miners bypassing the blockchain rules. In theory, the bug could have led to a malicious miner inflating the bitcoin supply by producing a malicious block with transactions containing double-spent coins (“inputs”)."


As you can see below the cause & fix for this vulnerability was in line 3035 where the !CheckTransaction function state was set to false instead of true an automated test was also added to test the scenario of the block with duplicate coin (“input”) spend.