During the recent Pectra upgrade on the Sepolia testnet, Ethereum faced significant technical challenges exacerbated by an unknown individual exploiting a vulnerability. This user managed to send zero-token transfers, disrupting the operation and causing the system to mine empty blocks. Initially rolled out at 7:29 am on March 5, issues quickly surfaced due to an erroneous deposit contract event, said Ethereum developer Marius van der Wijden. Despite deploying a fix, a critical edge case remained unaddressed, allowing the antagonist to capitalize on it. The problem persisted as empty blocks continued to be mined until the developers executed a private fix across several DevOps nodes. This measure was taken discreetly to prevent further exploitation, amid concerns the attacker was monitoring internal communications. By 2 pm, the network had stabilized with updated nodes successfully processing transactions. Although no finalization was lost, the incident prompted a delay in the Pectra upgrade. Previous tests of the upgrade on the Holesky testnet also revealed issues, leading to this cautious approach. Meanwhile, the Ethereum Foundation is undergoing a leadership transition, with Hsiao-Wei Wang and Tomasz Stańczak assuming co-director roles.
