Summary

  • Charles Hoskinson reported a network partition issue on the Cardano mainnet during a live broadcast from London.
  • A malformed delegation transaction exploited a bug in a cryptographic library from 2022, causing the network partition.
  • The attack appeared to target Hoskinson's pool, Rat's Pool, and resulted in two competing chains on the network.
  • Stake Pool Operators (SPOs) were instructed to upgrade to the latest release, version 10.5.3, to resolve the issue.
  • The network continued to operate without stalling, and a reconciliation process will be needed to merge the two chains.
  • A working group will be established at Intersect to analyze orphan blocks and determine which transactions can be replayed.
  • Exchanges have temporarily halted deposits and withdrawals during the incident, and a full technical blog post will be released soon.
  • Hoskinson emphasized the importance of collaboration among the Cardano Foundation, Intersect, and Emergo during the crisis.
  • An investigation into the attack will be conducted, with potential legal consequences for the perpetrator.
  • The incident highlighted the need for improved quality assurance and vigilance in software development within the Cardano ecosystem.

Full Transcript

Hi, this is Charles Hoskinson broadcasting live from cold, gloomy, rainy London. I'm here for some workshops and obviously was there for the midnight summit. It's been a hell of a day, hasn't it? We were doing executive workshops, and I woke up this morning to find the markets tanked. I thought, "Oh, that's bad."

Then someone pulled me out of a meeting and said, "Charles, looks like we have a network partition." I said, "Oh, on the test net? Yeah, I heard about that yesterday." They replied, "No, mainnet." I said, "Oh, okay."

I thought, "Well, I've been drinking some whiskey tonight; it's going to be a fun day." Yesterday on the test net, there was a malformed, very specially constructed delegation transaction that took advantage of a bug in a cryptographic library that's been around since 2022. It was so obscure that it created a network partition. Throughout the night, the engineers worked on a hotfix and were pushing it out actively to people on mainnet before an attack occurred. We didn't know if this was an honest action or a malicious attack.

This morning, around 8 or 9 a.m. our time here in London, the malformed delegation transaction was executed on Cardano mainnet. It was directed towards me, a delegation to my pool, Rat's Pool. So whoever did this was sending a message, and it created a network partition.

Basically, there were two chains, and we told all the SPOs they needed to upgrade. Currently, the SPOs are upgrading, and they’ll continue to do so throughout the day. The old chain, which doesn’t have the malformed transaction, will overtake the other chain. Blocks are being made on both sides; the network didn’t stall. When reconciliation occurs, there will be one network again, but the blocks on the poisoned chain will be orphaned.

Many of those transactions in that chain can be replayed on the old chain, but some cannot, so there will have to be a reconciliation step for that. This is one of those things that happens infrequently, but the protocol was designed to survive these types of attacks. This is a very rare one because the attack seems linked to a bug that has since been fixed. If you're a retail user with Daedalus or any of this other stuff, there's nothing you need to do. If you are an SPO, we should have already been in contact with you.

But in the off chance that you haven’t heard from us, please install the latest release, 10.5.3. Throughout the day and night, people will continue installing it. We’ll get it sorted out, and there will be some reconciliation and cleanup that has to happen afterward, but that’s always the case.

Cardano didn’t go down; the network didn’t die or stall; it just keeps running. It can survive these catastrophic events. It’s really the worst-case scenario for a cryptocurrency, and these things happen. Now, I want to say a few things. First off, it was like old times.

We war-roomed all day. J and I were with Agalos, who was in town for the workshops and meetings with the Cardano Foundation, Intersect, and Emergo. I personally would like to thank the Cardano Foundation, Intersect, and Emergo for their professionalism and attentiveness here. We all worked together, set our differences aside as one team. Everyone was exactly what they needed to be, and I’m proud of their work and the time and effort they put in.

There was prompt and assertive communication throughout, and I’m glad that the institutions were able to do that. Hopefully, this can lead to a new chapter of collaboration. We’ll see. It was a good day, and I’m proud of the people that showed up, like Marcus and others from the CF, to work with us. That was a bright spot in a day that wasn’t so bright.

The delegation transaction's wallet responsible for it is this wallet here. I’m going to share my screen and show you a few things. It looks like it came from a retired pool that then delegated to my address. This is the address that delegated to my pool and broke the network. It’s obviously a highly personal attack.

If you do some forensics, it looks like whoever owned this was actually part of the ITN. This right here was a commit from them from the ITN. An investigation will be done, a very thorough one, because whoever did this kicked a hornet’s nest. In many jurisdictions, this is a felony—a very serious one. It’s tampering and damaging a digital network.

Maybe it’s just for fun, but these things impact the lives, money, and commerce of millions of people. It’s like trying to shut down an economy. You conduct a cyber attack on a nation-state; there are consequences. We’ll deal with that later, but for now, it’s just getting the nodes updated and pushing things through, which is currently underway. The war room has not disbanded; they’ve been working for about 14 hours straight since the test net was discovered.

There’s nothing the everyday Cardano user needs to do. Just take a break, and once the two chains become one, we can work on reconciliation. There’s going to be a working group at Intersect that Jack has already volunteered to set up. This group will look at all the data on the orphan blocks in the orphan chain and compare and contrast to see what can be replayed and what can’t. Exchanges have already, for the most part, locked wallets and halted deposits and withdrawals, and the rest is getting cleared through.

If I had to guess, we should see the two chains become one tomorrow based on the current upgrade rate, and then everything just goes back to normal for the most part. There will just be some cleanup and some on-chain stuff that has to be done. A full blog post, including a lot of technical information, will be published here shortly, probably coming from Intersect. They’re the entity to push all this out. The technical steering committee at Intersect did a great job as well.

Neil and Kevin Hammond, among others, showed up and were in the war room, and there was a lot of rallying that was done. It was a really wonderful day from the perspective of people coming together for the greater good to take care of something they all care about. Cardano is a family, and sometimes we fight and have bad days and good days. It’s not lost on me how difficult 2025 has been for us all. We’ve had a lot of issues, the ADA voucher scandal, for example.

The markets have been lackluster, there’s been inter-institutional fighting, and obviously, the first year of governance has been challenging as everyone tries to learn how to get along in this new world order. The hallmark of a good family is when people can set all that aside for the greater good and come together to have a conversation as adults and figure out a way to use their skills and knowledge to solve a problem. We did that. The network survived; it didn’t stop, and ultimately, the attack failed. I’m proud of that.

We have a lot more work to do, and SPOs need to install the new node. They’re doing that. If you are an SPO, please install 10.5.3.

It is imperative that you do so. We’ll push it through, and the two networks will become one soon, and we can get back to business. Further communications will go into more detail about how this was done and who’s responsible. We’ll work with the FBI and other partners to investigate and file any criminal complaints we can as users of the network, as will many others, because it caused economic harm and damage to people by denying them use of their software. That’s a felony.

These things come up from time to time. It’s good to have redundant engineering. It’s become clear that we need better SLA delays on certain things, and it exposed a need for more vigilance. As good as software can be, we have formal methods and property-based testing. There’s always more we can do, so there has to be a retrospective written after-action review.

I think it’s most appropriately done at the Intersect level with all the entities contributing to it to discuss better quality assurance to ensure that bugs like these can’t slip through. This was a very obscure, arcane bug that came from a library from 2022, and three years later, it was discovered. Someone probably pretty smart, who was familiar with Cardano, stumbled across something and thought they were being clever. These things happen; it’s the nature of software, and occasionally they can be catastrophic. But if you have the right people and the right redundancies in the system, there’s a path to recovery.

Nobody had to shut the network off or reset it. The network is still making blocks, which is ironically part of the problem because the wrong chain is making blocks too. That will slow down, and the other one will overtake it. I’d like to thank all the SPOs who have upgraded. If your SPO upgraded quickly, make sure to reward them with additional delegation.

If your SPO is a little late to the ball, remind them that they have a duty. So give them a nudge, and let’s get this over the line. We’ll have more information later. I need to get back to work in the war room, but I wanted to give you all a brief update and let you know that everyone is working hard, and all the entities are collaborating. I think we’re okay.

Thanks, everyone.
