Whalesbook
The Exploit and the Dispute Over 'Zero-Day' Status
The Litecoin Foundation stated that a recent 13-block chain reorganization, which rolled back approximately 32 minutes of network activity, was not the result of a "zero-day" vulnerability. However, researchers analyzing public GitHub commits found evidence suggesting a more complex timeline.
Researchers Cite GitHub Activity
Security researcher bbsz showed GitHub logs indicating a critical consensus vulnerability was privately patched between March 19 and March 26, weeks before the exploit occurred. This flaw let invalid MWEB transactions be sent.
Two Vulnerabilities, One Attack
A separate denial-of-service (DoS) flaw was fixed on April 25, the same day the attack began. Both fixes were in Litecoin Core v0.21.5.4, released that afternoon. A zero-day exploit is a flaw unknown to developers when it's used. The key disagreement is that the consensus bug was privately patched weeks earlier but not publicly disclosed or required for mining pools to adopt.
Attack Strategy and Network Recovery
Alex Shevchenko, CTO of NEAR Foundation's Aurora project, explained the attack. Data suggests the attacker funded a wallet and prepared to swap Litecoin (LTC) for Ether (ETH) 38 hours before the attack. Shevchenko believes the DoS flaw was used to disable mining nodes that had applied the patch, letting unpatched nodes process invalid transactions. The network naturally corrected itself with a 13-block reorganization, showing enough updated mining power was running to overcome the attack.
Challenges for Proof-of-Work Networks
Unlike newer blockchains, older proof-of-work networks like Litecoin require independent mining pools to voluntarily adopt patches. This decentralized approach leaves security gaps. The Litecoin Foundation has not yet commented on the detailed GitHub timeline. The amount of Litecoin affected and the value of any illicit exchanges are still unknown.