I think this is relevant to the question:
http://crypto.stackexchange.com/questions/779/hashing-or-encrypting-twice-to-increase-securityThe relevant bit:
SHA-256(SHA-256(x)) was proposed by Ferguson and Schneier in their excellent book "Practical Cryptography" (later updated by Ferguson, Schneier, and Kohno and renamed "Cryptography Engineering") as a way to make SHA-256 invulnerable to "length-extension" attack. They called it "SHA-256d".
...
I wouldn't be surprised if the inventors of Bitcoin used it for similar reasons.