A malformed transaction pushed Cardano into a brief chain split on Saturday, as older and newer node versions validated transaction data submitted to the network differently.
The discrepancy prompted some block producers to follow a “poisoned” chain while others remained on the normal one, prompting an emergency patch and network-wide upgrade instructions.
The incident – which has since been traced to a wallet belonging to a former testnet participant – is being investigated as a potential cyber attack.
Cardano’s ecosystem governance body Intersect said in a post-mortem report that the divergence occurred when newer nodes accepted a malformed transaction that older nodes rejected.
The inconsistency exploited a flaw in an underlying software library that the validation logic failed to catch. Once widespread, block producers began building on different branches of the chain, creating what the group called a “poisoned” ledger and a parallel “healthy” chain.
Developers rushed to deploy patched node software, and operators were asked to upgrade to rejoin the canonical chain.
Exchanges and wallet providers paused deposits and withdrawals throughout the incident as a precaution, though Intersect said no user funds were lost and that most retail wallets were isolated because they relied on components that safely ignored the wrong transaction.
Cardano co-founder Charles Hoskinson characterized the event as a targeted, premeditated attack by a disgruntled stake pool operator who had sought ways to “damage Input Output Global’s (IOG) brand and reputation”.
He warned that the outage affected all users from block producers who lost rewards to DeFi protocols that encountered an inconsistent state, and said that restoring full network uniformity could take weeks.
Loading…
Meanwhile, an X user writes as “Homer J.” accepted responsibility, saying he was acting alone, not shorting or selling ADA and not intending to cause harm.
The user said he relied on AI-generated terminal commands to block external traffic while trying to replicate the wrong transaction and only realized the extent of the disruption when block explorers froze.
“I am ashamed of my carelessness,” he wrote. “I didn’t have any bad intentions, but I put the network at risk and caused unnecessary stress.”
Loading…
ADA fell more than 6% after the outage, leading to losses among larger tokens as traders likely reacted to the apparent lack of coordination of large-scale upgrades in decentralized proof-of-stake networks.
