ADA plunged 16% after an AI-generated transaction caused a temporary split in the Cardano chain, prompting an FBI investigation and the suspension of operations on major exchanges. The episode compromised cross-version node validation and forced urgent patches to restore the single history of the ledger. Developers worked to reconcile the network while exchanges assessed the state of the chain.
The disruption began with a malformed delegation attributed to a stake pool operator identified as “Homer J.” That transaction, although protocol-valid for more recent node versions, exploited a deserialization bug in outdated libraries, causing different nodes to process the same data incompatibly and creating a temporary fork.
Developers and operators deployed node updates (10.5.2 and 10.5.3) and coordinated stake pool migration to allow the “healthy” chain to overtake the “poisoned” one. The ADA network, based on the Ouroboros consensus, resolved the discrepancy within hours — and according to internal reports, within 14.5 hours — without the need for a full rollback or loss of user funds.
Additionally, the incident appears to have had a prior trial on testnet days earlier, suggesting prior recognition of the attack surface.
Response and ADA market impact
The market reaction was immediate: exchanges such as Coinbase and Kraken suspended ADA deposits and withdrawals while they assessed the state of the network, amplifying the price drop. Technically, the rapid recovery was presented by developers as a demonstration of Cardano’s fault-tolerance design; the ecosystem itself defended the absence of direct user losses as an indicator of resilience.
The incident also sparked a public debate about accountability and limits in open source development. Charles Hoskinson described the event as a “premeditated cyberattack”, advocating legal action and the need to pursue the responsible party for the damage caused to public infrastructure.
As additional context, the integration of AI into development and testing tools multiplies risk vectors; in this case the transaction was generated with AI support, raising new requirements for control and auditing of updates that involve advanced automation. The upcoming improvement known internally as Leios has also been cited, whose evolution should incorporate safeguards against similar vectors.
In practical terms, the incident demonstrated that a combination of legacy code and advanced transactions can cause significant disruptions, but also that rapid coordination between developers and operators can restore network integrity without loss of funds.
