A serious bug has been discovered in Bitcoin Core versions 30 and 30.1, potentially leading to fund loss during legacy wallet upgrades. Developers have removed the download binaries for v30 and are urging users to back up their wallet files and await the release of version 30.2, which will include a patch for the bug.
The vulnerability affects node operators who use the built-in wallet software and attempt to migrate a legacy Berkeley DB (BDB) wallet without a prior backup. In these "rare circumstances," the upgrade process can lead to the deletion of all wallet files on the node, which could include private keys. This bug poses a significant risk to early Bitcoin adopters who may still be using these older wallet formats, potentially putting substantial holdings at risk. The bug does not affect node operators who store all private key data in hardware wallets.
Another scenario that triggers the bug involves users who have enabled pruning, a feature that saves hard disk space. If a BDB wallet was "unloaded" while the node was conducting its pruning process, versions 30 and 30.1 might delete the wallet entirely.
The discovery of this bug highlights the critical importance of backward compatibility in software updates, especially within the Bitcoin ecosystem. While the bug itself wouldn't cause a fork in the Bitcoin blockchain, it does represent a backward-incompatible change that can lead to the irretrievable loss of user funds.
Bitcoin Core developers are actively working on a fix, with version 30.2 expected to address the vulnerability. In the meantime, users of Bitcoin Core are strongly advised to back up their wallet.dat files before attempting any upgrades.
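A pre-upgrade backup along the lines advised above, as an added example (not Bitcoin Core code or the developers' own procedure): it copies every wallet.dat under a data directory to a separate location, verifies each copy by SHA-256, and reports which files are legacy BDB judging by their header bytes. It assumes the node is stopped so the files are not being written; the function names and the `datadir/wallets/<name>/` layout of the sample are illustrative, and the sample files are constructed.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

BDB_MAGIC = bytes.fromhex("00053162")   # Berkeley DB btree magic, found at byte offset 12
SQLITE_HEADER = b"SQLite format 3\x00"  # first 16 bytes of any SQLite database

def wallet_format(path: Path) -> str:
    """Classify a wallet file as 'legacy-bdb', 'sqlite' or 'unknown' from its header."""
    with path.open("rb") as fh:
        head = fh.read(16)
    if head == SQLITE_HEADER:
        return "sqlite"
    if head[12:16] in (BDB_MAGIC, BDB_MAGIC[::-1]):  # BDB uses host byte order
        return "legacy-bdb"
    return "unknown"

def backup_wallets(datadir: Path, dest: Path) -> list:
    """Copy every wallet.dat under datadir to dest, verify each copy, report formats."""
    datadir, dest = datadir.resolve(), dest.resolve()
    if dest == datadir or datadir in dest.parents:
        raise ValueError("backup destination must be outside the data directory")
    report = []
    for src in sorted(datadir.rglob("wallet.dat")):
        rel = src.relative_to(datadir)
        (dest / rel).parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(src, dest / rel)
        digest = hashlib.sha256(src.read_bytes()).hexdigest()
        if hashlib.sha256((dest / rel).read_bytes()).hexdigest() != digest:
            raise OSError(f"copy of {rel} does not match the original")
        report.append({"wallet": rel.as_posix(), "format": wallet_format(src), "sha256": digest})
    return report

def make_sample_datadir(root: Path) -> Path:
    """Constructed sample: two fake wallet files that carry only header bytes."""
    samples = {"old": b"\x00" * 12 + BDB_MAGIC[::-1] + b"\x00" * 16,
               "new": SQLITE_HEADER + b"\x00" * 16}
    for name, data in samples.items():
        wdir = root / "datadir" / "wallets" / name
        wdir.mkdir(parents=True)
        (wdir / "wallet.dat").write_bytes(data)
    return root / "datadir"

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(*backup_wallets(make_sample_datadir(Path(tmp)), Path(tmp) / "backup"), sep="\n")
```

The destination is required to be outside the data directory so that the backup cannot be removed along with the wallet files it protects. Only files named wallet.dat are matched, so a wallet stored under a different filename has to be backed up separately.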
The incident serves as a reminder of the inherent risks associated with managing cryptocurrency wallets and the importance of taking appropriate precautions to secure digital assets.
