For a very brief window, Bitcoin had an additional supply of 184.467 billion, and it almost shut down the entire network!
As of September 2021, Bitcoin’s market capitalization was US$782.65 billion. The cryptocurrency has been gaining massive ground, with over 2,300 US businesses accepting it as a form of payment and Paypal launching crypto services in their U.K. app. However, in spite of the surge in Bitcoin adoption, the currency isn’t quite as safe as one might think it is.
It is in fact possible to hack Bitcoin. In its 12-year history, hackers have exploited bugs in Bitcoin’s codebase to attack the Bitcoin network. One of the three major bugs that have been taken advantage of to hack Bitcoin’s network is CVE-2010-5139, or more popularly known as “The Value Overflow Incident”. Let’s break down what happened during this hack and what has been done since to prevent similar hacks.
Spiraling back to 2010
Before we go into what happened, it is important to preface that Bitcoin only has a limited supply of 21 million coins, of which 18.87 million have already been mined. On August 15, 2010, this limit was broken when someone created an astounding 184.467 billion Bitcoins out of thin air for three different addresses. The anomaly was spotted in block 74,638 by Jeff Garzik, a Bitcoin developer at the time.
The unknown entity that had created these over 184 billion Bitcoins has exploited an “overflow bug” in the Bitcoin code. The overflow bug refers to the inability of Bitcoin’s code to work correctly when summing up very large outputs. The hacker had noticed this bug and taken advantage of it to create 8,784 times the amount of Bitcoin that should have ever existed.
Addressing the bug
Within five hours upon the discovery of the bug, Bitcoin’s creator Satoshi Nakamoto released another version of the Bitcoin client (the 0.3.1 version). This version contained a soft fork (an update) that deleted all the transactions and mining of blocks after the bug had been discovered. The fork also got rid of the additional Bitcoin supply created by the hacker.
With the release of a soft fork, two versions of Bitcoin now exist—the good chain (0.3.1) and the bad chain (the hacked earlier version). Nakamoto urged miners to shift to the good chain, and within 19 hours of the hack, 0.3.1 became the dominant version. While the bad chain is no longer in use, the 0.5 Bitcoin consumed by it is still in circulation. However, it has not been used since the incident.
“The worst problem ever”
The bug was a pretty serious issue, with the lead maintainer of the Bitcoin repository on Github, Wladimir Van Der Laan, calling it “the worst problem ever”. If the bug had not been fixed, Bitcoin would have lost its value, and within 24 hours, the entire Bitcoin system would have shut down. Fortunately, the bug was fixed.
The global cryptocurrency market has a market capitalization of US$1.13 trillion today. As more and more cryptocurrencies continue to enter the market, it seems to be only going up. Without Bitcoin, it is nearly impossible to imagine what the cryptocurrency industry of today would look like (or whether it would even exist, to begin with).
Header image courtesy of Freepik
