0.1BTC were made out of thin air on Bitcoin Testnet on September 26. The attacker showed that it’s possible to exploit the inflation vulnerability bug. Reddit users have warned the community that the Bitcoin Testnet is under attack. They called honest miners to help in defending the network.
Apparently, an attacker is mining the invalid-rules chain, the one built before they fixed the latest bug. They have exploited the Bitcoin Core’s bug CVE-2018-17144 to generate 0.1BTC on Testnet. You can see the transaction here, together with the double spend in input script.
Bitcoin’s Inflation Vulnerability Bug
On September 18, Bitcoin Core developers resolved CVE-2018-17144, Denial-of-Service and inflation vulnerability bug on the Livenet, in Bitcoin Core versions 0.16.3 and 0.17.0rc4. John Newbery, the QA developer of Bitcoin, claimed responsibility for not noticing the bug. However, community mostly responded by showing gratitude for his volunteering efforts and diluted the responsibility to everyone who overlooked the development.
I am responsible for the CVE-2018-17144 bug. https://t.co/BrPVivM296
— John Newbery (@jfnewbery) September 24, 2018
A week after the announcement, over half of the Bitcoin hashrate had already upgraded to patched nodes. The community was unaware of any attempts to exploit this vulnerability until today’s attack on Testnet.
It is important to note that even if they had fully exploited the CVE-2018-17144 bug on Livenet, the damage would have probably been reverted as in the case of Value Overflow incident.
Value Overflow Incident
Value Overflow incident happened on August 15, 2010, when the community discovered over 184 billion new Bitcoins on a block 74638. This was possible because the code used for checking transactions didn’t account for outputs so large that they overflowed when summed.
Soft forking reversed the attack. After some time, all nodes accepted the honest blockchain as the authoritative source of Bitcoin history.
Bitcoins created by the malicious transaction in 2010 no longer exist for people using the longest chain.
Your Bitcoins Are Safe
Unlike Mainnet, Testnet does not use or store real value, it’s basically a monopoly money used just for testing. It is not possible to send Livenet Bitcoins to a Testnet address and vice versa. So, your Bitcoins are not connected to the Testnet!
As one Redditer noted, it is good to have a Testnet: “It provides valuable info on how the (Livenet) nodes would behave if the bug is exploited and what the recovery looks like.”
Community will watch if the attacker will manage to spend the output. Honest miners have alerted majority of miners about the attack, so it is expected that they will orphan this transaction.