CVE-2018–17144 is the recent critical bug fixed in Bitcoin Core 0.16.3 (if you haven’t upgraded yet, do it now!), that could have been used to create thin bitcoins out of thin air, thus breaking the currencies most fundamental promise — no more than 21,000,000 bitcoins can ever be created.

It was introduced into the codebase 2 years ago in this merge, and discovered and responsibly disclosed recently. If exploited, this bug could have shattered public faith in Bitcoin and set the currency back years.

I have called out on reddit and github for a full root cause analysis / 5 whys analysis of the issue, but have been downvoted, and the relevant github issue was locked for comments. So here I am using another channel for this call out.

This bug is the most serious bug found in Bitcoin for the last 5+ years. We as a community can’t just accept it and move on. There needs to be a detailed, deep investigation as to why and how this bug was introduced. We want Bitcoin to reach version 1.0, to be “production ready” to be the world’s currency — and for that to happen we need to treat bugs seriously. Clap if you agree.