Time-Warp Attack

The time-warp attack exploits a quirk in Bitcoin's difficulty-adjustment algorithm. Difficulty retargets every 2,016 blocks based on the time elapsed between the first and last block of the window. By forging timestamps so the network believes far more time passed than really did, a miner can drive difficulty sharply downward, then mine blocks at high speed once difficulty bottoms out. Executing it requires near-total hashrate control, so it is a theoretical rather than practical threat under today's distributed hashrate.

The off-by-one quirk

The attack abuses the way the original retarget calculation measures the span across difficulty periods, letting an attacker who controls consecutive periods backdate the first block's timestamp. Bitcoin already enforces a median-time-past rule and a future-time limit on timestamps, but those do not fully close the historical edge case the time-warp exploits.

Why it matters and how it gets fixed

A successful time-warp could accelerate block production dramatically, enabling deep reorganizations and, in extreme framings, faster-than-scheduled issuance. It is detectable and demands overwhelming hashrate, which is why it has never occurred on Bitcoin's main chain. Proposed soft-fork mitigations — including timestamp-constraint rules bundled into broader "consensus cleanup" proposals — would require the first block of a new difficulty period to be no earlier than a bounded number of minutes before the previous period's last block, closing the loophole.

Because the attack threatens chain integrity, it sits alongside the 51% Attack in the family of majority-hashrate consensus risks.