
Notable security incidents

A record of supply-chain attacks and emergency fixes in Bitcoin Gold (BTG). Knowing this context will help you understand why the download-verification steps in Wallet setup exist.

2024-07-15 — bitcoingold.org domain hijack

bitcoingold.org is no longer the official domain

The bitcoingold.org domain was hijacked and redirected to an attacker-controlled account. The current official URL is btgofficial.org.

Always verify URLs — the GitHub organisation is still BTCGPU, but anything on a URL ending in bitcoingold.org should be considered untrusted.

2020-07-10 — 1,300+ block reorg attack

A deep 1,300+ block reorganisation attempt on the Bitcoin Gold (BTG) network on 10 July 2020, with a timestamp backdated to 1 July 2020, was rejected by all v0.17.2+ nodes thanks to the emergency checkpoint published in the v0.17.2 release:

  • Checkpoint block hash: 000000059ec8884fa4fbbdbe46c09cfb4ecba281dfa2351a05084e817c1200ae
  • Checkpoint height: 640,650
  • Release date: 2 July 2020

All major mining pools and exchanges adopted v0.17.2 within days. Always run v0.17.2 or newer. v0.17.3 adds rolling-checkpoint finalisation (depth ≥ 9 blocks, age ≥ 4800 s) that prevents deep reorgs at the protocol level.

2018-11-26 — Windows installer hijack

Read this before installing any Bitcoin Gold (BTG) wallet you did not build yourself

Between 21 November 2017 and 26 November 2017, an unknown party uploaded malicious Windows installers to the GitHub releases page of BTCGPU. The attack was discovered in late November 2018 and disclosed in the official wiki post-mortem. The malicious installers did not contain a virus, trojan, or remote-exfiltration payload — they weakened the private-key generation routine (CKey::MakeNewKey).

The legitimate entropy was replaced with:

sha256([4 bytes: timestamp] + [1 byte: random] + [27 bytes: constants])

This reduced the search space from 2^256 to roughly 2^40 — about 7 billion possible keys, brute-forceable in half a day on a modern CPU.

SHA-256 sums of the compromised installers (filenames dated 2017-11-21 and 2017-11-26):

Date        SHA-256
2017-11-21  0ccbae26914fc36973c5b74f0c031ba324bcffc7bbb188e752498573345215d5
2017-11-26  8e9d4cb73116beb173d6079792d474ba29488c6de30a05d2d77bff7850c80b0d

SHA-256 of the legitimate installer:

53e01dd7366e87fb920645b29541f8487f6f9eec233cbb43032c60c0398fc9fa

Over 70% of the affected coins were recovered. Never use a Bitcoin Gold (BTG) wallet for Windows downloaded from anywhere other than the official BTCGPU/BTCGPU releases page on GitHub, and always verify the SHA-256 of the installer against the value published in the release notes.

Why the library always says "verify the checksum"

The 2018 incident is the reason. An installer that is downloaded from a legitimate-looking URL, runs fine, but quietly weakens the cryptography is exactly the kind of attack that:

  1. A normal user will not notice.
  2. An automatic virus scanner will not detect.
  3. An SHA-256 checksum verification will catch in 5 seconds.

Every wallet download in this library will include a "verify the checksum" step. Do not skip it.
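
One way to script that step, as an added example (not code from the Bitcoin Gold project): it hashes the downloaded installer, compares it with the value from the release notes, and refuses either of the two compromised sums listed above. The function names and the script name in the usage comment are assumptions made for this example.

```python
import hashlib
import hmac
import sys

# SHA-256 sums of the compromised installers, copied from this page.
KNOWN_BAD = {
    "0ccbae26914fc36973c5b74f0c031ba324bcffc7bbb188e752498573345215d5": "2017-11-21",
    "8e9d4cb73116beb173d6079792d474ba29488c6de30a05d2d77bff7850c80b0d": "2017-11-26",
}

def normalize(published: str) -> str:
    """Accept a bare hash or a 'HASH  filename' line, in either case."""
    fields = published.split()
    token = fields[0].lower() if fields else ""
    if len(token) != 64 or set(token) - set("0123456789abcdef"):
        raise ValueError("published value is not a 64-hex-digit SHA-256 sum")
    return token

def sha256_of(stream, chunk_size: int = 1 << 20) -> str:
    """Hash a binary stream in chunks so large installers are not loaded whole."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: stream.read(chunk_size), b""):
        digest.update(chunk)
    return digest.hexdigest()

def check_installer(stream, published: str):
    """Return (status, actual_hash); status is 'ok', 'mismatch' or 'known-bad'."""
    expected = normalize(published)
    actual = sha256_of(stream)
    # Refuse a denylisted file even if the "published" value was altered to match it.
    if actual in KNOWN_BAD or expected in KNOWN_BAD:
        return "known-bad", actual
    if hmac.compare_digest(actual, expected):
        return "ok", actual
    return "mismatch", actual

if __name__ == "__main__":
    # Usage: python verify_installer.py <installer path> <hash from the release notes>
    with open(sys.argv[1], "rb") as fh:
        status, actual = check_installer(fh, sys.argv[2])
    print(f"{status}: {actual}")
    sys.exit(0 if status == "ok" else 1)
```

The script exits non-zero on anything other than an exact match, so it can gate an install step in a batch file or CI job.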