Summary
- On 10/26, a chain-halting bug was discovered on mainnet, which resulted in paused block production for approximately 2 hours.
- To prevent this type of attack from happening again, an emergency soft fork was issued to all block producers on 10/27.
- O(1) Labs has made network improvements to reduce the likelihood of future similar attacks.
Bug Discovery
On 10/26, a chain-halting bug was discovered on mainnet, which resulted in paused block production for 2 hours and 6 minutes. The issue was reported by community member olgerd_py#5810 on Discord who noticed blocks were being produced much slower than normal.
Out of an abundance of caution, ecosystem partner O(1) Labs took immediate action and were able to complete the fix and release an upgrade within one day.
Technical Details
Upon further analysis of the bug, O(1) Labs determined that the chain-halt was caused by an issue in the block production code. Block producer’s would accidentally produce invalid blocks, and would refuse to broadcast those blocks to the network since they wouldn’t pass validation. No funds were at risk, and no protocol-level bugs allowed the invalid blocks to be accepted into the chain.
Network Upgrade Implementation
Within one day of the issue being discovered, engineers implemented and released `a hotfix to the 1.3.1.2 stable release.’ Block producers were notified via #mainnet-block-producers and #mainnet-updates channels on Discord, as well as email. This release included a security fix for this bug, critical for active block producers. Users were strongly encouraged to upgrade to avoid the risk of missing blocks. However, no funds were at risk.
Block producers were sent a reminder about the release and to confirm the upgrade on 11/2. The network has been working as expected since the fix was completed.
All nodes should now be running 1.3.1.2, or newer.
Thank you to the community members who identified the issues, including olgerd_py#5810, mcd#8527, @emre • PICONBELLO#4353, and @garethtdavies#4963, and everyone who collaborated to upgrade quickly.
About Mina Protocol
Mina is the world’s lightest blockchain, powered by participants. Rather than apply brute computing force, Mina uses advanced cryptography and recursive zk-SNARKs to design an entire blockchain that is about 22kb, the size of a couple of tweets. It is the first layer-1 to enable efficient implementation and easy programmability of zero knowledge smart contracts (zkApps). With its unique privacy features and ability to connect to any website, Mina is building a private gateway between the real world and crypto—and the secure, democratic future we all deserve.
