- On 10/26, a chain-halting bug was discovered on mainnet, which resulted in paused block production for approximately 2 hours.
- To prevent this type of attack from happening again, an emergency soft fork was issued to all block producers on 10/27.
- O(1) Labs has made network improvements to reduce the likelihood of future similar attacks.
On 10/26, a chain-halting bug was discovered on mainnet, which resulted in paused block production for 2 hours and 6 minutes. The issue was reported by community member olgerd_py#5810 on Discord who noticed blocks were being produced much slower than normal.
Out of an abundance of caution, ecosystem partner O(1) Labs took immediate action and were able to complete the fix and release an upgrade within one day.
Upon further analysis of the bug, O(1) Labs determined that the chain-halt was caused by an issue in the block production code. Block producer’s would accidentally produce invalid blocks, and would refuse to broadcast those blocks to the network since they wouldn’t pass validation. No funds were at risk, and no protocol-level bugs allowed the invalid blocks to be accepted into the chain.
Network Upgrade Implementation
Within one day of the issue being discovered, engineers implemented and released `a hotfix to the 126.96.36.199 stable release.’ Block producers were notified via #mainnet-block-producers and #mainnet-updates channels on Discord, as well as email. This release included a security fix for this bug, critical for active block producers. Users were strongly encouraged to upgrade to avoid the risk of missing blocks. However, no funds were at risk.
Block producers were sent a reminder about the release and to confirm the upgrade on 11/2. The network has been working as expected since the fix was completed.
All nodes should now be running 188.8.131.52, or newer.
Thank you to the community members who identified the issues, including olgerd_py#5810, mcd#8527, @emre • PICONBELLO#4353, and @garethtdavies#4963, and everyone who collaborated to upgrade quickly.