Since its inception, Bitcoin's mining algorithm has contained a computational error that allows blocks to be mined at an extremely high rate. This was revealed by researcher Loïc Morel.
Satoshi made a mistake.
— Loïc Morel (@Loic_Pandul) April 11, 2026
There has been a bug in Bitcoin mining since day one. It’s a simple calculation error by Satoshi that could be exploited to mine blocks at a crazy speed. This is one of the bugs that BIP-0054 (currently under discussion) addresses. I… pic.twitter.com/GurNv3qKrZ
According to the publication, the flaw is related to the difficulty adjustment mechanism.
Every 2016 blocks (approximately every two weeks), nodes recalculate the target metric to ensure that one block is generated every 10 minutes, regardless of miners' computational power. For this adjustment, nodes measure the duration of the last period, compare it to the target value (2016 x 600 = 1,209,600 seconds), and then adjust the difficulty accordingly.
“The error lies in these calculations. To measure the timing of blocks in the past period, a node compares the timestamp of the first block of the period with the timestamp of the last. Instinctively, this seems logical, but it’s actually a mistake because there are only 2015 intervals between the first and last blocks of the period, not 2016,” explained Morel.
If we denote t0 as the timestamp of the first block and t2015 as the timestamp of the last, the node calculates the elapsed time as T = t2015 - t0. This results in 2015 intervals (from t0 to t1 > from t1 to t2 > … > from t2014 to t2015).
To obtain 2016 intervals, a different formula should be used: T = t2015 - t-1, where t-1 is the timestamp of the last block of the previous period.
This is known as a “one-off error.” This bug introduces an inaccuracy of about 0.05% towards slightly inflated difficulty.
However, the real issue lies elsewhere. The flaw causes adjustment periods not to overlap—the timestamp of the last block of one period is not considered in the calculation of the next.
Time Manipulation
This gap makes a “time distortion” attack possible. The principle is as follows:
- A miner controlling a majority of the computational power begins setting the minimum allowable timestamps for all blocks in the period (except the last).
- In the last block of the period, they artificially assign the maximum allowable timestamp.
- After the period ends, the difficulty is adjusted. Due to the manipulations with timestamps, the measured period lasted longer than it actually did. As a result, the difficulty decreases.
- The attacker repeats a similar manipulation in the next period. Since the periods do not overlap, the first block of the second attack period can have a timestamp from the distant past, while the previous block has a timestamp in the future. This gap increases from period to period.
By repeating this process several times, the attacker could theoretically reduce the mining difficulty to a level where up to six blocks are created per second (instead of one every 10 minutes).
“The consequences would be disastrous: time locks would become useless, the network would be overloaded, the number of reorganizations would increase, and transaction confirmations would lose value. All of this would allow the attacker to collect block rewards at a frenzied pace,” added the researcher.
An attack would be impossible if the first and last blocks of two consecutive periods matched.
How to Fix This Error?
Morel noted that the issue can be resolved with a soft fork as part of BIP-0054.
This initiative proposes that the first block of the new difficulty period has a timestamp that does not exceed the timestamp of the last block of the previous period by more than two hours.
This restriction restores “some form of continuity” between periods, prevents manipulation of time intervals, and makes the “time distortion” attack unfeasible.
Recall that in February, Castle Island Ventures partner Nic Carter predicted a “corporate takeover” of Bitcoin due to quantum threats.