todayonchain.com

FBI called as Cardano split in two by a single transaction: Lessons for ETH and SOL client diversity

CryptoSlate
A single malformed transaction caused Cardano's mainnet to temporarily split into two chains due to a dormant node software bug, prompting an FBI investigation.

Summary

On November 21, Cardano experienced a temporary chain split lasting nearly 15 hours after a single malformed staking-delegation transaction exploited a deserialization bug in newer node software versions (10.3.x through 10.5.1). Newer nodes accepted the invalid transaction, creating a "poisoned" chain, while older nodes rejected it and maintained a "healthy" chain. Cardano co-founder Charles Hoskinson alerted the FBI, as the deliberate broadcasting of the exploit could constitute criminal interference.

The network preserved liveness, with both chains continuing to produce blocks. This contrasts with Solana's tendency to halt entirely upon fatal bugs and with Ethereum's multi-client approach, which is designed to prevent such splits. The partition resolved voluntarily as stake pool operators upgraded to patched node versions (10.5.2 and 10.5.3), causing consensus weight to shift back to the healthy chain.

The incident highlighted the risks of version skew in a monolithic client architecture, as compared with Ethereum's multi-client redundancy and Solana's halt-and-restart trade-off. Key takeaways emphasize the need for aggressive fuzzing and differential testing, the value of documented disaster-recovery plans like Cardano's CIP-135, even if not fully invoked, and better bug disclosure pathways.

(Source: CryptoSlate)