Definition
The time-warp attack exploits a quirk in Bitcoin's difficulty-adjustment algorithm. Difficulty retargets every 2,016 blocks based on the time elapsed between the first and last block of the window. By forging timestamps so the network believes far more time passed than really did, a majority miner can drive difficulty sharply downward, then mine blocks at high speed once it bottoms out. Executing it requires sustained control of a large majority of hashrate, so it is a theoretical rather than practical threat under today's distributed hashrate — but it is a real consensus bug, and it shapes how protocol developers think about timestamp rules.
The off-by-one quirk
Block timestamps are miner-supplied and only loosely constrained: a timestamp must be greater than the median time past of the previous eleven blocks and no more than two hours ahead of network-adjusted time. Crucially, the retarget calculation measures the span between the first and last block within each 2,016-block window — spans that do not overlap between windows, an off-by-one in the original code that measures 2,015 intervals instead of 2,016 and, more importantly, never checks the gap across the period boundary. A majority miner can therefore keep timestamps crawling artificially slowly inside a period, then stamp the final block of the period far in the future. The algorithm sees an apparently long period, cuts difficulty, and the last block's inflated timestamp never has to be reconciled with the first block of the next window. Repeated over successive periods, difficulty can be ratcheted down dramatically while real block production accelerates.
Consequences and why it hasn't happened
A successful time-warp lets the attacker manufacture blocks far faster than one per ten minutes: faster-than-scheduled issuance of the remaining subsidy, deep reorganization power, and fee-market disruption. The attack is loud — timestamps visibly diverging from real time are trivially detectable — and it demands overwhelming, sustained hashrate, which is why it has never occurred on Bitcoin's main chain. It has, however, been demonstrated in the wild against smaller chains that inherited Bitcoin's retarget code without inheriting its hashrate, which is a useful reminder that the security assumption is the distributed hashrate, not the code alone.
How it gets fixed
Proposed soft-fork mitigations — the timestamp rules bundled into the "Great Consensus Cleanup" family of proposals — close the loophole by constraining the boundary: the first block of a new difficulty period may not carry a timestamp earlier than a bounded number of minutes before the last block of the previous period. That single rule removes the attacker's ability to whipsaw timestamps across the retarget seam while leaving honest miners, whose clocks are approximately correct, entirely unaffected. Bitcoin's newer test networks already enforce a rule of this shape, and the mitigation is widely regarded as safe; what remains is the ordinary, deliberate process of activating a consensus change on mainnet.
Why a miner should care
For anyone running machines, the time-warp attack is a lens on two facts. First, your block header's timestamp field is consensus-critical input, not decoration — pools and firmware set it within the rules for you, but the rules exist because someone worked out how to abuse them. Second, decentralized hashrate is itself the mitigation: every independent miner and every home machine makes the majority-hashrate premise of this attack — and of the 51% attack family it belongs to — less attainable.
For node runners there is a small practical corollary: timestamp rules are enforced against your machine's view of time, so a node with a badly wrong clock can reject valid blocks or accept marginal ones differently from its peers. Keeping system time accurate is a two-minute configuration task that quietly supports the same consensus boundary this attack probes. The protocol tolerates sloppy clocks by design — it just tolerates them within limits, and the limits are the defense.
In Simple Terms
The time-warp attack exploits a quirk in Bitcoin’s difficulty-adjustment algorithm. Difficulty retargets every 2,016 blocks based on the time elapsed between the first and last…
