Inflation Bugs: The Worst Smart Contract Vulnerability Imaginable

What is the worst scenario imaginable when creating a new currency?

There are probably a few, but the ability to infintely inflate the supply at will would undoubtedly destroy any curreny.

Most people don’t know this, but Bitcoin had two separate inflation bugs, where anybody could mint as many BTC as they wanted, well over the 21 million BTC limit. 

If a bad actor exploited this bug, they would’ve ran away with billions of dollars and destroyed Bitcoin as we know it. 

Thankfully the bugs were fixed, but they are certainly still around, unsolved or undiscovered. 

Here’s how they work and how to prevent them.

Quick Takes

• Inflation bugs are an unintended use of smart contracts that allow traders to get free tokens. Once sold, they could crash prices overnight without recovery.
• Given the dangerous implications, most dApp developers hire audit agencies to prevent inflation bugs. Still, almost every year some small project shuts down because of these.
• There’s no guarantee that today’s biggest cryptocurrencies don’t have undiscovered inflation bugs. Developers have to keep looking for weak spots before someone else does, which is often a trade-off with centralization.

What is an Inflation Bug?

An inflation bug is a code vulnerability that allows the unintended generation of currency, typically only on platforms that use smart contracts (autonomous programs).

In blockchain computer science, it refers to any means of manipulating the token supply. Inflation bugs can still occur with secure, flawless code.

Whenever you hear that a platform got hacked but no one lost tokens, it’s likely an inflation bug.

That’s because the “loss” comes from creating tokens against the rules or out of thin air, then selling them, and leaving holders with a worthless project.

Depending on the project size, the token price could lose 90% overnight.

If unsolved, the inflation bug can drain all the funds ever deposited into the protocol. 

That’s why it’s also called the infinite-minting bug. Both terms are essentially the same, although inflation bugs are broader and not limited to token generation.

Developers frequently request audits from agencies like Certik to look for inflation bugs and others. Here are a few common mistakes:

How Does An Inflation Bug Happen

There are many variables that, when changed to unintended values, can cause inflation bugs.

It’s not as simple as a Generate token button. It has more to do with unintended functionality than actual coding errors. 

• If you manipulate the token price, you could indirectly manipulate the supply (especially on bridges, liquidity pools, and algorithmic stablecoins).
• If there’s a bug in the burning mechanism (not enough supply reduction), the gradual inflation will eventually push down the price.
• If the project has pre-minted all tokens but locked them away from circulation, an exploit that unlocks those coins would also cause inflation.
• If a project or its bridge is very centralized, a cyber-attacker could potentially force fraudulent transactions into the blockchain to unbalance the price or supply.
• If there’s no maximum supply, whatever inflation bug appears might potentially send the project to $0.
• If developers don’t test all functions, including impractical ones, users can loop them to inflate prices and drain the platform’s funds.

In the (MonoX Protocol) example, an “attacker” deposited the same token for both pairs of the liquidity pool, causing the second token to update to a higher price.

The attacker then kept adding 55 times to further inflate his token quantity and the end sell for other platform assets and leave.

All because developers assumed there was no reason for anyone to swap equal tokens.

Implications of Inflation Bugs

What’s the worst that can happen? If it’s stopped on time, developers can always burn the equivalent amount to mitigate the losses. The problems get worse when the token has no deposit limits or maximum supply.

From most to least obvious, the bug can:

• Devalue the cryptocurrency too quickly for investors to react to the losses. Even lose 99% of the price.
• Drain the liquidity of the platform. If you locked this token for liquidity pools, staking, or others, these can no longer guarantee the return of your initial amount. Or at least not fast enough to avoid further price drops.
• Overwhelm the network. Depending on the total-value-locked (TVL), the bug can increase transaction costs, not only from panic-sellers but possibly urge investors to sell other coins. Maybe you have to hold to the bottom because the fees are too high.
• De-peg stablecoins. Unless it’s an algorithmic stablecoin, the bug would allow printing money without backing. If it doesn’t lose the dollar peg first, it will drain whatever collateral is backing it and prevent holders from redeeming.
• Lose investor confidence. Confidence is critical for stablecoins and blue-chip cryptocurrencies because so many altcoins depend on them. But inflation bugs leave projects a slim chance of recovering prices, TVL, or active users— even if the new version is secure.

E.g., In May 2022, the UST stablecoin came to an end after the collapse of the LUNC blockchain token. It soon relaunched as a 2.0 LUNA, but it never took off. 

LUNC was a top 10 cryptocurrency worth almost $100, but that may not happen again in a long time.

Inflation Bug Examples

Inflation bugs are about as old as Bitcoin, but not because of that they’re less common today. Here are some infamous examples, some of which caused projects to shut down:

Bitcoin (BTC) 

While at times Bitcoin may seem like the unbreakable cryptocurrency, it was at risk of vanishing twice: in 2010 and 2018. And who knows, maybe still to this day.

It’s not unexpected to hear of vulnerabilities in the 2010s. Neither Bitcoin or Ethereum started perfectly and had to upgrade continuously.

The case of August 2010 was a short-lived bug based on a numeric error called “integer overflow,” and it created 184 Billion Bitcoins.

Basically the code for checking transactions didn’t work if the values were too high.

It was so bad that Satoshi Nakamoto himself had to create a patched new version, also removing the 184B block and all that followed.

If that sounds outrageous, the second inflation bug enabled unlimited Bitcoins!

It was discovered by Bitcoin Core developer Matt Corallo on a crash report shared by Greg Maxwell on September 17th, 2018.

The cause of the inflation is called: multiple unspent transaction outputs (UTXOs), allowing miners to theoretically bypass the 21M limit by calling already-spent Bitcoins.

By then, the Bitcoin price was around $6,000. Given the gravity, developers kept it a secret for two years until they were certain that it was no longer a risk.

In the meantime, they corrected the bug on the next Bitcoin Core version and urged as many miners as possible to update.

Terra USD (UST) and Luna (now LUNC) 

Terra UST was an algorithmic stablecoin (no backing) programmed to balance the supply and dollar peg based on a second token: Luna. 

For example, if there’s a lot of demand for UST, the protocol mints more tokens by first locking Luna. It creates arbitrage opportunities on both sides (above and below $1 UST) to keep balance.

In May 2022, however, this was no longer maintained because the market cap of Luna had flipped UST’s. 

Essentially, people panic-sold UST and didn’t want Luna despite the discount (for many reasons like insolvency risk, reduced rewards on Ankr, or the 85M UST sell order). 

The UST mass sale unlocked more Luna, which within a few days increased its supply from 300M to 7 TRILLION. From $90 to <$0.01.

BnB Chain (BNB) 

In October of 2022, cyber-attackers managed to generate two million BNB tokens on the Binance Bridge (~$570M). 

Binance Bridge is a mint-burn bridge, meaning that before generating the token you want, you need proof that the first token was destroyed or sent to a burn address. 

But attackers found a way to forge messages and generate tokens without burning any.

It would have been way worse if the BnB validators didn’t halt the blockchain— which isn’t precisely a good thing.

If you hold BNB you likely didn’t notice much price action because the circulating supply is 155M, but there’s no maximum token limit.

Validators recently deflated BNB by regularly burning tokens.

Other Examples

Other inflation bug cases were reported for:

• Raven Coin (RVN) in July 2020. The attacker generated 315M RVN from a bug found in a community code submission.
• Stellar (XLM) in April 2017. The now-corrected function “MergeOPFrame::doApply” allowed minting 2.2B XML (25% of the circulating supply). 
• MonoX (MONO) in November 2021. The functions responsible for receiving and sending tokens used the same four variables, and this caused the price to inflate when selecting the same one. The attack inflated MONO and exited for $31M.

How To Avoid Inflation Bugs

While there are many ways to avoid inflation bugs, none of them guarantees they won’t happen again.

Can developers really prevent the broad causes of inflation bugs? Overflow bugs, forgery, double spending? It’s not just code, but who and how you use it.

With that disclaimer, the best place to start is with crypto audits.

These professionals will look for both correct code and its implications. Some of their common recommendations are:

• Adding multi-signature to permissions or removing admin keys altogether
• Using more literal, correct naming (also known as strong typing) to avoid unintended usage
• Sourcing data from decentralized oracles like Chainlink rather than directly from exchanges

Note that any community submission can introduce bugs. The developer team should set specific structure and rules for their review. 

A safer approach is immutable code so that those submissions don’t overwrite or risk previous versions.

Inflation bugs are more common on blockchain bridges. So unless your protocol requires multichain features, sticking to one blockchain will greatly reduce security risks.