A malformed transaction pushed Cardano into a brief chain split on Saturday, as older and newer node versions validated transaction data sent to the network differently.
The mismatch caused some block producers to follow a “poisoned” chain while others remained on the normal one, prompting an emergency patch and upgrade instructions across the network.
The incident, which has since been traced to a wallet belonging to a former testnet participant, is being investigated as a possible cyberattack.
Cardano ecosystem governance body Intersect said in a post-mortem report that the divergence arose when newer nodes accepted a malformed transaction that older nodes rejected.
The inconsistency took advantage of a bug in an underlying software library that the validation logic failed to detect. Once propagated, block producers began building on different branches of the chain, creating what the group called a “poisoned” ledger and a “healthy” parallel chain.
Developers rushed to deploy patched node software and operators were instructed to upgrade to rejoin the canonical chain.
Exchange and wallet providers suspended deposits and withdrawals during the incident as a precaution, although Intersect said no user funds were lost and that most retail wallets were isolated because they relied on components that safely ignored the malformed transaction.
Cardano co-founder Charles Hoskinson characterized the event as a targeted and premeditated attack by a disgruntled interest group operator who had been looking for ways to “damage the brand and reputation” of Input Output Global (IOG).
He warned that the outage affected everyone, from block producers who lost rewards due to DeFi protocols encountering an inconsistent state, and said restoring full uniformity to the network could take weeks.
Charging…
Meanwhile, an X user who posts as “Homer J.” he claimed responsibility, saying he acted alone, did not short or sell ADA, and did not intend to cause harm.
The user said he relied on AI-generated terminal commands to block external traffic while attempting to replicate the malformed transaction and only realized the extent of the outage when block explorers froze.
“I am ashamed of my carelessness,” he wrote. “I had no bad intentions, but I endangered the network and caused unnecessary stress.”
Charging…
ADA fell more than 6% following the outage, leading to losses among major tokens as traders likely reacted to the apparent lack of coordination of large-scale upgrades on decentralized proof-of-stake networks.
