A malformed transaction pushed Cardano into a brief chain split on Saturday, as older and newer node versions validated transaction data submitted to the network differently.
This mismatch caused some block producers to follow a “poisoned” chain while others remained on the normal chain, triggering an emergency patch and network-wide upgrade instructions.
The incident – which has since been traced to a wallet belonging to a former testnet participant – is being investigated as a potential cyberattack.
Intersect, the governing body of Cardano’s ecosystem, said in a postmortem report that the divergence emerged when newer nodes accepted a malformed transaction that older nodes rejected.
The inconsistency exploited a bug in an underlying software library that validation logic failed to detect. Once propagated, block producers began to rely on different branches of the chain, creating what the group called a “poisoned” ledger and a “healthy” parallel chain.
Developers rushed to deploy patched node software and operators were asked to upgrade to join the canonical chain.
Exchanges and wallet providers suspended deposits and withdrawals throughout the incident as a precaution, although Intersect said no user funds were lost and most retail wallets were isolated because they relied on components that safely ignored the malformed transaction.
Cardano co-founder Charles Hoskinson called the event a targeted, premeditated attack carried out by a disgruntled stake pool operator who was looking for ways to “damage the brand and reputation” of Input Output Global (IOG).
He warned that the disruption was affecting all users, with block producers losing their rewards due to DeFi protocols experiencing inconsistent state and said restoring full network uniformity could take weeks.
Loading…
Meanwhile, user
The user said he relied on AI-generated terminal commands to block external traffic while trying to reproduce the malformed transaction and only realized the extent of the disruption when block explorers froze.
“I am ashamed of my carelessness,” he wrote. “I had no bad intentions, but I put the network at risk and caused unnecessary stress.”
Loading…
ADA fell more than 6% following the disruption, leading to losses among major tokens as traders likely reacted to the apparent lack of coordination of large-scale upgrades in decentralized proof-of-stake networks.
