Search

Bitcoin Core v30 Has To Rollback

BTC Core 30 Rollback

Share this article

In an extraordinary egg-on-face moment (or moemish, as we call it in my native South Africa), Bitcoin Core developers issued an urgent warning on January 5, 2026, about a catastrophic bug in versions 30.0 and 30.1 that can completely delete wallet files and result in total fund loss. The severity of the issue prompted developers to take the unprecedented step of removing v30.0 and v30.1 binaries from bitcoincore.org entirely—effectively pulling the releases from official distribution.

This emergency response marks one of the most serious incidents in Bitcoin Core’s 15-year history, raising uncomfortable questions about development processes, quality assurance, and the risks inherent in upgrading mission-critical financial software.

For users who upgraded to v30, the situation is particularly fraught: they now face the choice of continuing to use software with a known critical bug or downgrading to v28 or switching over to another implementation like Bitcoin Knots.

The Bug: What Actually Goes Wrong

The core issue lies in Bitcoin Core’s wallet migration process—specifically the migration from legacy Berkeley DB (BDB) wallet format to the newer descriptor-based wallet format introduced to improve wallet functionality and security.

The Technical Breakdown

Bitcoin Core has been transitioning away from “legacy wallets” (which use Berkeley DB database format) to “descriptor wallets” (which use SQLite database format) for several years. Descriptor wallets provide better security, more flexible script support, and improved backup/restore capabilities.

The migration process is supposed to:

  1. Read the old wallet.dat file (BDB format)
  2. Extract all keys, scripts, and transaction data
  3. Create new descriptor wallet files (SQLite format)
  4. Verify the migration succeeded
  5. Mark the old wallet as migrated

However, under specific conditions in v30.0 and v30.1, when the migration fails, the code doesn’t just leave the old wallet alone—it deletes ALL wallet files in the wallet directory, including wallets completely unrelated to the migration attempt.

The Deletion Logic Flaw

The bug appears to stem from overly aggressive cleanup code. When migration fails, the software attempts to “clean up” by removing temporary files. But due to a logic error, instead of removing only the failed migration’s temporary files, it removes everything in the wallet directory.

This is catastrophic because:

  • Bitcoin Core supports multiple wallets running simultaneously
  • Users often store multiple wallet files in the same directory
  • Even if the migration was attempted on only one wallet, all wallets get deleted
  • Once deleted, the wallet files are gone—no recovery possible unless backups exist

As the official Bitcoin Core announcement states:

“Under rare circumstances, when the migration of a wallet.dat file fails, all files in the wallet directory may be deleted in the process, potentially resulting in a loss of funds.”

Who Is at Risk? Understanding the Specific Conditions

The good news is that this bug affects a relatively narrow set of users. But for those affected, the consequences are total and irreversible.

Condition 1: You Must Have a Legacy wallet.dat File

The bug only triggers during migration of legacy BDB wallet files. If you’re using:

  • Already-migrated descriptor wallets: Safe
  • Wallets created in v21 or later (which are descriptor wallets by default): Safe
  • No wallet at all (just running a node): Safe

The risk exists only if you’re attempting to migrate an old wallet.dat file from pre-v21 versions.

Condition 2: You Must Have an “Unnamed” wallet.dat

The bug specifically affects the default unnamed wallet.dat file. Bitcoin Core hasn’t created these by default since version 0.21 (released January 2021—five years ago).

If your wallet has a custom name (e.g., “mysavings.dat” instead of just “wallet.dat”), you’re likely unaffected. The bug targets the specific edge case of users with very old, never-renamed default wallets.

Condition 3: The Migration Must Fail

Crucially, the bug doesn’t trigger on successful migrations—only when migration fails. The official announcement notes: “Specifically, it requires the presence of a default (unnamed) wallet.dat file, which has not been created by default since 0.21 (released 5 years ago), that fails to be migrated or loaded.”

Condition 4: Specific Failure Scenarios

One documented trigger is when pruning is enabled and the wallet was unloaded while pruning occurred. This creates a state where the wallet can’t be properly loaded or migrated, triggering the failure condition that activates the deletion bug.

Other potential failure triggers include:

  • Corrupted wallet files that can’t be read
  • Missing dependencies or incompatible data structures
  • Interrupted migration processes (crashes, power loss, etc.)

The “Rare Circumstances” Reality

Bitcoin Core describes these as “rare circumstances,” which is technically accurate—most users won’t encounter this bug. But “rare” is cold comfort when the consequence is total, permanent fund loss.

The affected population is likely:

  • Long-time Bitcoin users who’ve run Core since before 2021
  • Users who never renamed their default wallet
  • Users who enabled pruning
  • Users whose wallets have edge-case data that causes migration to fail

This describes a specific profile: sophisticated early adopters who run full nodes and maintain old wallet files—exactly the users who likely hold significant Bitcoin amounts.

The Broader Context: v30’s Troubled Launch

What makes this bug particularly damaging is that it comes at the end of an already controversial v30 release cycle marked by internal conflict, delayed releases, and community division.

The OP_RETURN Civil War

Before v30 even launched, it became ground zero for what some called a civil war among Bitcoiners. The conflict centered on v30’s decision to remove the 83-byte limit on OP_RETURN outputs, effectively allowing unlimited arbitrary data storage on Bitcoin’s blockchain.

Critics argued this turned Bitcoin into a “data dump,” enabling protocols like Ordinals and Stamps to spam the blockchain with JPEGs and other non-monetary data. Supporters countered that Bitcoin should remain permissionless and not make value judgments about transaction content.

The debate became so heated that:

  • Luke Dashjr and others proposed BIP 110 (the “Reduced Data Temporary Soft Fork”) to undo v30’s changes
  • Community discussions devolved into accusations of censorship and sabotage
  • The release faced significant opposition from portions of the developer community

This internal strife meant v30 launched in a climate of unusual controversy and divided attention.

The Delayed Release and Extended Review

Despite the contentious nature of the release, Bitcoin Core maintainers subjected v30 to unusually extensive review. The release was delayed for weeks beyond its planned timeline as developers attempted to ensure nothing was overlooked.

As one analyst noted:

“Before it was finally released, it was heavily reviewed and saw a delay that lasted weeks, only for it to come out with a serious bug.”

This is the painful irony: despite extra scrutiny specifically intended to catch problems, this critical wallet-deletion bug still made it into the release. The extended review process, designed to prevent exactly this kind of catastrophe, failed at its core mission.

The Unprecedented Binary Pullback

On January 5, 2026, developers took the rare step of removing v30.0 and v30.1 binaries from bitcoincore.org. This effectively pulls the releases from official distribution, signalling to the community: “Do not use these versions.”

This is nearly unprecedented in Bitcoin Core’s history. While bugs are occasionally discovered post-release, actually pulling binaries from distribution is reserved for only the most severe issues where continued use poses unacceptable risk.

The move sends a clear message: the risk of catastrophic fund loss outweighs any benefits v30 provides.

The User Guidance: Wait or Downgrade

The official advice from Bitcoin Core developers is clear: “At this time, we ask users to not attempt wallet migrations using the GUI or RPC until v30.2 is released.”

For users currently running v30.0 or v30.1, you have a few options:

Option 1: Continue Using v30 Without Migrating

The announcement clarifies: “All other users, including existing wallet users, are unaffected and can keep using existing installations.”

If you’re running v30 but not attempting wallet migration, you can continue using the software normally. The bug only triggers during the migration process itself.

However, this creates an uncomfortable situation: you’re running software that’s been officially pulled from distribution due to a critical bug. Even if you’re not directly affected, should you trust software with known critical issues?

Option 2: Downgrade to v28

Many users and analysts recommend downgrading to v28—the last stable release before the v30 controversies. However, downgrading Bitcoin Core is not trivial:

  • You must close v30 cleanly to avoid database corruption
  • You must install v28 binaries (which may require signature verification)
  • You must restart the node, which may trigger blockchain re-indexing
  • You may need to reconfigure settings if v30 introduced new options

Downgrading is possible but requires care and technical competence.

Option 3: Wait for v30.2

The safest option for most users is simply waiting for v30.2, which contains the fix. This avoids downgrade risks while ensuring you get the patched version. The downside: you’re in limbo, unable to perform wallet operations that might require migration until the fix arrives.

Option 4: Switch over to Knots

Another option is to entrust your wallet to forks of Bitcoin Core maintained by another team, which would review the code and decide whether to merge certain features into their version.

The Critical Importance of Backups

If you are running a node and managing your entire setup yourself, this incident provides you with a good reason to improve your opsec and ensure you’ve covered all your bases.

If you don’t have backups of your wallet files, you don’t really own your Bitcoin. Make sure you’ve backed up your wallets correctly and that you’re comfortable restoring them before you move funds into one.

Why Backups Matter

The wallet deletion bug is catastrophic precisely because:

  • Deletion is instant and complete
  • No recovery mechanism exists within Bitcoin Core
  • File recovery tools might not work (files could be overwritten)
  • The bug doesn’t discriminate—it deletes all wallets, even those with large balances

Without backups, deletion means permanent total loss.

The Backup Gap

Many Bitcoin Core users—even sophisticated ones—don’t maintain adequate backups because:

  • They assume the software is reliable
  • They don’t understand wallet file structures
  • They backup once a year or never update backups
  • They rely on seed phrases (which don’t help for Core wallet.dat files)

This bug exposes the danger of that complacency. Users who lost wallets to this bug with no backups have zero recourse—their Bitcoin is simply gone.

The Broader Implications for Bitcoin Core Development

The v30 bug incident raises uncomfortable questions about Bitcoin Core’s development process, governance, and quality assurance that extend far beyond this specific technical issue. It further sours the communities relationship with the current core team and leaves questions around their ability to manage the project.

Most investors aren’t that deep into the weeds, they don’t understand all the technical nuances, so they will treat this uncertainty as bad news, which could encourage divestment or discourage self-custody.

Vigilance is the Price of Financial Sovereignty

The Bitcoin Core v30 wallet deletion bug provides a stark reminder that self-custody means self-responsibility. The software that gives you complete control over your Bitcoin also gives you complete responsibility for its security.

No insurance fund will make you whole if a bug deletes your wallet files. No customer support will restore your lost funds. No regulatory authority will force the developers to compensate you. The consequences of software failures in a decentralised, self-sovereign system fall entirely on users.

For those who choose self-custody, the v30 bug is a reminder: your Bitcoin is only as secure as your backups, your operational discipline, and your awareness of the tools you’re using.

Stay vigilant. Stay updated. Stay backed up. Your financial sovereignty depends on it.

Donate to TBM mobile view
donate btc blog
Donate

Disclaimer: This article should not be taken as, and is not intended to provide any investment advice. It is for educational and entertainment purposes only. As of the time posting, the writers may or may not have holdings in some of the coins or tokens they cover. Please conduct your own thorough research before investing in any cryptocurrency, as all investments contain risk. All opinions expressed in these articles are my own and are in no way a reflection of the opinions of The Bitcoin Manual

Picture of Che Kohler

Che Kohler

South African bitcoin pleb falling down the rabbit hole and willing to share every bump, scratch and knock along the way
View more articles from this author

Leave a Reply

Related articles

You may also be interested in

Freebitco.in shutting down

The Fall of FreeBitco.in

December 19, 2025

For over twelve years, FreeBitco.in stood as one of Bitcoin’s most enduring success stories—a simple faucet site that paid out free satoshis to millions of

Cookie policy
We use our own and third party cookies to allow us to understand how the site is used and to support our marketing campaigns.
Gimme those cookies!
  • +40-200-4286-09
  • office@publibox.com
  • 83 Barbara St, Newark, NJ 07105

Hot daily news right into your inbox.