Although the Cardano network briefly experienced a chain split, it has since converged and resumed normal operations, a recovery driven by coordinated responses from developers, node operators, and service providers. The divergence originated from a malformed delegation transaction that bypassed validation on newer node software while being rejected by older versions, producing two concurrent ledger states and sustained block production on both forks. The incident was traced to a legacy hash deserialization bug introduced in 2022, a software defect rather than a protocol-level exploit, and no user funds were lost during the disruption. Analysis indicates the malformed transaction was crafted using AI-generated code by a staking pool operator identified as Homer J, who acknowledged employing AI guidance and insufficiently testing the output on testnets before mainnet deployment. Observers noted the same transaction pattern had appeared on the Preview testnet the day prior, suggesting the exploit was likely trialed before being pushed to mainnet. The involvement of AI in generating the transaction contributed to the complexity and unpredictability of the malformed payload, underscoring emergent risks when automated code is applied to critical blockchain operations without rigorous validation. Operational impacts were tangible: major exchanges temporarily paused ADA deposits and withdrawals, block explorers produced contradictory or frozen views, and DeFi protocols experienced inconsistent states across the divided network, which lengthened confirmation times and pressured market confidence, producing a transient ADA price decline. During the response phase, the healthy chain preserved a consistent ledger state, and coordinated advisories prompted operators to update node software to rejoin the converged main chain. Contract audits have been emphasized as a crucial step in preventing such discrepancies in future deployments by ensuring compliance and accountability. Exchanges and custodial services resumed normal operations once convergence was confirmed. An investigation identified the responsible wallet and has been transferred to relevant authorities, including the FBI, while the individual involved publicly accepted responsibility and characterized the action as careless experimentation rather than a deliberate attack. Post-incident priorities have crystallized: enhanced test coverage for edge cases, accelerated and synchronized node upgrades, improved monitoring and communication protocols, and broader attention to governance around AI-assisted development, all intended to bolster resilience and reduce recurrence risk. This episode also highlighted broader ecosystem impacts, including temporary liquidity pressures and reputational concerns tied to the event’s public disclosure, prompting calls for clearer incident reporting and coordination standards among operators and service providers; investigators confirmed chain split. New analysis by node developers also confirmed that the issue exploited a vulnerability in an underlying library that evaded earlier validations, indicating library vulnerability.
