Cardano experienced a serious incident when a faulty delegated transaction exploited a software vulnerability that existed since 2022, causing the network to temporarily split in two.
Cardano Founder Asks FBI to Investigate After Blockchain Chia Incident
On November 21, the Layer-1 Cardano blockchain experienced its first serious chain Chia in eight years of operation after a faulty delegated transaction triggered a software vulnerability that had existed since 2022, temporarily splitting the network in two.
Cardano suffered a brief Chain Split on Friday after a malformed ADA delegation triggered a Longing-standing code bug, causing nodes to diverge. Founder Charles Hoskinson said the FBI is now investigating. Community users joked that almost no one noticed the split “because nobody…
— Wu Blockchain (@WuBlockchain) November 23, 2025
The incident quickly spread on social media when founder Charles Hoskinson announced that the US Federal Bureau of Investigation (FBI) had joined the investigation into the incident, considering it a serious cyber attack on the network's infrastructure.
Cardano Blockchain Splits Into Two
- According to a report by Intersect, a decentralized community organization in the Cardano ecosystem, the incident started at around 08:00 (UTC) on November 21, 2025, when a misformatted delegation transaction was broadcast to the Cardano network. In theory, this type of transaction is still valid at the protocol level, but in practice, it causes conflicts between nodes due to the different handling of the software versions.
- Specifically, newer nodes in the network accepted the erroneous transaction, while older nodes rejected it because it failed to pass the data validation layer. This resulted in the ledgers of the two groups of nodes no longer being consistent, causing the blockchain to split into two separate chain , each of which continued to create Block and validate transactions independently.
- Intersect said the root cause came from a vulnerability in Cardano's node library, discovered in 2022 but not fully addressed. This vulnerability allows a special type of transaction to bypass data structure checks, leading to multiple nodes interpreting the Block content differently, creating "two parallel realities" in the system.
- In the following hours, Cardano continued to operate but in a Chia state, as new Block were created simultaneously on both chain.
- However, the Block Explorer explorer was “frozen”, showing conflicting information; some DeFi transactions were mishandled, when smart contract calls appeared on one chain but there was no response on the other, causing inconsistency. Over the course of several hours, transaction confirmation times increased from seconds to minutes, with some transactions even failing completely.
- Major exchanges such as Coinbase, Kraken , and Upbit all suspended ADA deposits/withdrawals to XEM which chain would reach final consensus. Coinbase was the longest affected exchange, being down for 14 hours from noon on November 21 to early morning on November 22 (UTC).
- After discovering the bug, the Input Output Global (IOG) team, along with the Cardano Foundation, EMURGO, and Intersect, urgently coordinated and released a patch within 3 hours, helping the chain merge on November 22.
The culprit admitted his mistake by following AI instructions.
- After the network was restored, an X user named “Homer J” came forward to admit that he had accidentally caused the Cardano chain Chia .
Sorry (I know the word isn't enough given the impact of my actions) Cardano folks, it was me who endangered the network with my careless action yesterday evening. It started off as a "let's see if I can reproduce the bad transaction" personal challenge and then I was dumb enough
— Homer J (AAA) (@KpunToN00b) November 21, 2025
- He said he is a Staking Pool operator, Chia that this action came from a personal experiment and had no intention of attacking or destroying the network.
- According to the story, Homer J initially just wanted to re-check a faulty transaction that was recorded on testnet the day before. However, instead of reproducing it on testnet, he performed it directly on mainnet and followed the instructions provided by AI, without conducting a safety check first.
- His post quickly attracted a lot of attention in the community. Some users said that Homer J's actions, though negligent, exposed a serious vulnerability that had existed for three years without anyone noticing, thereby helping to strengthen the network. However, many others considered it an irresponsible act to test uncensored code on the Primary Network.
The most vehement reaction came from founder Charles Hoskinson
- In response to Homer J's confessions, Cardano founder Charles Hoskinson asserted that this was not simply an accident but an intentional act of harm to the network.
Cardano works so fast that we forked, fixed, and caught the guy all in one day. He was quite active in the Fake Fred discord. It was absolutely personal and now he's trying to walk it back because he knows the FBI is already involved https://t.co/MNK6d7bEWv
— Charles Hoskinson (@IOHK_Charles) November 21, 2025
- Hoskinson emphasized that launching a transaction that caused a network Chia cannot be XEM a naive experiment, because it directly affected the entire ecosystem worth more than 14 billion USD, causing disruption to millions of users and hundreds of DeFi projects.
- Hoskinson Chia that Home J was quite active in the Fake Fred group's Discord server. This was a purely personal incident, and now he is trying to deny responsibility because he knows that the FBI has entered the investigation.
- He also confirmed that the Federal Bureau of Investigation (FBI) and several US cybersecurity agencies were contacted by IOG and provided with investigative data. Hoskinson affirmed:
“We cannot allow someone to disrupt the blockchain out of curiosity or to XEM what AI can do. This is vandalism of technology, and we will deal with it according to the law.”
- In addition to the FBI, Hoskinson revealed that several security companies in the Web3 field have also been invited to participate in analyzing transaction codes and error logs to clearly determine the extent of damage, and at the same time assess whether there are similar risks in other node versions.
Wave of internal controversy, IOG programmer resigns
- Following Hoskinson's strong statement, a wave of controversy erupted in the Cardano developer community. Many engineers said that dragging the federal investigation agency into an incident arising from technical testing could set a dangerous precedent for programmers in the blockchain field.
- One of the strongest reactions came from Roman (aka “effectively”), the developer of the Plutus language at IOG, who publicly announced his departure from the company just hours after Hoskinson mentioned the FBI. On X, Roman wrote:
“I didn’t realize that simulating attacks or testing bugs could get me investigated by the FBI. I’ve discovered many vulnerabilities in Cardano’s computational layer, but now I’m worried that if a bug accidentally occurs, I could be XEM a criminal.”
Just submitted my resignation letter.
— effectfully (@effectfully) November 22, 2025
I've fucked up pen testing in a major way once. I've seen my colleagues do the same. I didn't realize there was a risk of getting raided by the authorities because of that + saying mean things on the Internet.
If the Cardano community wants… https://t.co/HFr5KKs8gF
- Roman said he participated in many Cardano network bug simulation tests and contributed dozens of security patches, but now he no longer feels safe working in an environment where a technical error can be criminalized.
- Roman's resignation announcement went viral as many other developers voiced their support for his views. They argued that blockchain projects need the same protection mechanisms for programmers as the cybersecurity industry, to prevent those who discover vulnerabilities from becoming victims of the very systems they help protect.
- Input Output Global (IOG) has not yet given an official response to the incident, but according to internal sources, the company is XEM its testing management policy and developer liability to avoid repeating similar controversies in the future.
- Despite the crash being XEM the biggest in Cardano history, the price of ADA only dropped slightly from $0.44 to $0.40 before recovering slightly to $0.41 at the time of writing. This drop largely coincides with the general downtrend of the crypto market since October.
ADA price movement over the last 7 days, screenshot taken at 09:20 AM on 11/24/2025
Coin68 synthesis
