"The postmortem identified the root cause as a missing metadata check during block connection. When an MWEB input spends a previous output, the metadata it carries must match the actual UTXO being consumed."
"Developers discovered the vulnerability through internal review on March 19. A chain scan showed exploitation had already occurred at block 3,073,882."
"An emergency release, Litecoin Core 0.21.5, was pushed to miners to block new malformed inputs. A follow-up release, 0.21.5.1, added a historical exception for the already-accepted exploit block."
Litecoin developers confirmed a security incident involving a Mimblewimble Extension Block validation bug. This bug enabled an attacker to fabricate an 85,034 LTC pegout in March 2026. An exploit attempt in April triggered a 13-block chain reorganization, impacting NEAR Intents, which lost 11,000 LTC. The root cause was identified as a missing metadata check during block connection. Emergency releases were issued to patch the vulnerabilities and contain the inflated outputs, ensuring the integrity of the network was restored.
Read at news.bitcoin.com
Unable to calculate read time
Collection
[
|
...
]