The Ethereum blockchain temporarily split today, caused by a dormant bug that had been partially fixed. The issues have since been largely resolved—but questions remain over the handling of the fix.
The bug caused chaos because it affected the Ethereum infrastructure provider Infura. When the service went down, citing a “major issue,” many services that use Infura were left unable to interact with the blockchain. Many other nodes were also affected. But how did this all happen?
According to Péter Szilágyi, team lead at the Ethereum Foundation, the bug had been lying dormant for two years. John Youngseok Yang, a Ph.D student at Software Platform Lab, noticed the bug and received 20,000 points (worth $20,000 and typically paid in Ethereum) for finding two serious vulnerabilities. The bug affected a version of the Ethereum blockchain, called Go-Ethereum, or Geth.
Several months ago, Ethereum developers introduced a fix and many nodes running the latest version were then protected. However, the developers didn’t reveal details of the bug, in order to prevent a bad actor from exploiting it (on any nodes that hadn’t upgraded).
The bug caused an unexpected split on the Ethereum blockchain. Image: Shutterstock
What went wrong is that some nodes didn’t upgrade to the latest version. In fact, Infura was running a version of Geth (1.9.9) that was released on December 6, 2019.
And then the bug occurred.
At 7.10 AM UTC, the blockchain split into a longer version and a shorter version. To some degree, this happens all the time and nodes stick to the longer version. But in this case, the nodes that hadn’t updated stuck to the smaller chain. This meant they were showing different blocks and disagreeing with other versions of the blockchain.
With two versions, there was a split. This was from block 11234873 onward.
“The issue is that at some point some change to the code was introduced that led to a split between those who have upgraded and those who have not,” Nikita Zhavoronkov, Ethereum lead developer, told Decrypt.
Ethereum infrastructure provider, Infura, is facing a service outage. Infura runs Ethereum nodes on behalf of projects and companies in the Ethereum ecosystem. Without it, these projects are unable to see what's happening on the Ethereum blockchain.
This issues with Ethereum have caused several crypto exchanges, including Binance, to suspend the withdrawal of Ethereum and ERC-20 tokens.
According to its website, Infura has "identified the root cause and are preparing a fix to restore service fu...
A variety of nodes were affected. Binance runs its own Ethereum node, observed the split and temporarily closed withdrawals from the exchange. Blockchair, an Ethereum block explorer, was also affected and its data was then showing blocks from the smaller blockchain.
“Ethereum-dependent services are facing outages following the recent chain split. ETH withdrawals from Nash trading channels are currently failing, but we’re working to resolve the issue as soon as possible,” tweeted Nash, a non-custodial platform.
Ethereum-dependent services are facing outages following the recent chain split. ETH withdrawals from Nash trading channels are currently failing, but we’re working to resolve the issue as soon as possible.
But the biggest disruption revolved around Infura. It runs Ethereum nodes on behalf of centralized and decentralized projects in this space and has been described as Ethereum’s backbone.
According to its website, many major projects use Infura, including Ethereum wallet MetaMask, non-custodial wallet Coinbase Wallet (which is different from Coinbase’s native mobile app), cat-breeding game CryptoKitties and lending platform Compound.
So, when Infura went down, many of these services couldn’t connect to the blockchain. Those using MetaMask were struggling to make transactions (unless they manually pointed it towards a node that wasn’t affected).
A listing on Coinbase has revived an altcoin's price from its slumber. The major US exchange listed governance token district0x (DNT) in a surprise announcement on November 6, pushing its price skyward within hours at the time, by 797% on Tuesday.
DNT zoomed from $0.0088 a day prior to the listing, to over $0.079 yesterday. Traders have since taken profits and driven prices down to $0.062 (still a nearly 600% increase for those who didn’t sell yet).
The altcoin was one of the most-hyped cryptoc...
Infura, which has been criticized as a potentially centralized weakness in Ethereum’s decentralized architecture came under fire again over the issue.
Casa CTO Jameson Lopp tweeted, “Three words that strike fear in the hearts of those who build on Ethereum: "Infura is down.””
Blockstream CSO Samson Mow added, “Ethereum is Infura. Decentralization theatre can stop now.”
The split caused onlookers to criticize a perceived lack of decentralization. Image: Shutterstock
However, Szilágyi came to its defence, tweeting, “Yo, Internet. Stop pointing fingers at Infura using older Geth. It's only sane from an operator perspective to not surf the newest releases.”
There are a few lessons that can be learned. One is that companies running nodes on behalf of other projects should probably update their nodes on a regular basis. “This is a reminder to keep your node(s) up to date!” tweeted a Geth coder known as M H Swende.
The other is that there should be more transparency when Ethereum implementation updates are released. However, there is a dispute here over whether it would be a security risk to provide too much information.
haha you think I'd be worried about ETH today because devs sneak-pushed a consensus critical bug fix that caused a chainsplit but you'd be wrong because I already sold all my ETH for $6 about 4 years ago on the day of the DAO hack! So jokes on you!
“That said, silently fixing a bug dormant for 2+ years has a much lower chance of causing a disruption than raising awareness to it. We strive to minimize potential damage,” said Szilágyi.
“If we thought that announcing consensus security fixes would make exploitation less likely, we would do that. As it is, we generally do not announce such fixes, but recommend that people keep their nodes up to date. Two of our recent releases have vaguely mentioned security fixes,” added Swende.
So remember, if you see any vague mentions of security fixes—it's probably best to upgrade your node.
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.
The 1inch Foundation has submitted a new proposal to its decentralized autonomous organization to compensate users affected by an October 2024 exploit.
The proposal, dubbed 1IP-80, outlines a reimbursement plan of $768,026 in USDC—the estimated value of the stolen tokens at the time of the attack—to be sourced from the DAO’s treasury.
The DeFi DEX aggregatir Foundation would oversee the verification and distribution process, requiring victims to complete Know Your Customer identity verification,...
A livestreaming Solana meme coin developer has been breaking speed limits and driving round-the-clock for stretches in sometimes inclement weather, all in an attempt to break the world record speed for solo-traveling all 50 American states.
Leland King Fawcette set out in his Hyundai Kona on June 11 from White River Junction, Vermont. He must finish in Honolulu on June 19 by 7:33 PM EDT to beat the record.
At the time of writing, Fawcette had completed 47 of the 50 states in approximately seven...
Organised criminals in the UK are increasingly using gold to launder and hide the proceeds of their activities, according to a report from The Daily Mail.
As the price of gold remains close to record highs at nearly $3,400, the report cites anecdotal evidence of increased gold use among British criminals.
It refers to one case of an Essex drug dealer who in 2024 was found by police to have $32.425 worth of solid gold coins hidden in a safe, as well as to a 2022 case of a Birmingham gang who conv...
