When Cardano Split in Two: How One Bad Transaction Forked the Mainnet

This article was first published by Deythere.

Just recently, the native token of Cardano, ADA made news not because of an achievement, but for technical difficulty, something that is quite rare. A lone badly-formed delegation transaction took advantage of a latent software bug, resulting in the Cardano mainnet splitting into two competing chains for nearly 14.5 hours. 

One branch, the “poisoned” chain, recognized the invalid transaction, while the other, the “healthy” chain, did not. 

As operators of nodes acted to patch software and exchanges halted operations, the ecosystem’s resilience was tested. 

In the end, no user funding was lost and consensus was restored but not without leaving ample room for debate about how modern blockchains should deal with client diversity, legacy code and security features.

What Went Wrong: The Misdirected Transaction and the Bug

The root cause of the split was a legacy deserialization bug introduced in Cardano’s node software since 2022. The bug wasn’t with the delegation certificates, but with how their hash data was parsed. 

In more recent builds of the node software (10.3. x through 10.5.1), an “oversized hash” delegation transaction was allowed on to the blockchain as valid. Previous versions correctly would have rejected it as malformed.

At approximately 08:00 UTC on November 21, a wallet of an old participant in the testnet chose to broadcast this malformed transaction on mainnet. 

The result, some block producers built blocks that included this transaction, and others didn’t, instantly forking the history of the network.

This divergence led to a live fork: two distinct chains of ledger history, both receiving valid blocks according to their own understanding of validity. In other words, both chains were “valid,” depending on which version of node was used to read the transaction.

Immediate Fallout: Exchanges, Users And Response

The chain’s rupture proved to have immediate effects throughout the Cardano ecosystem. Some major exchanges froze deposits and withdrawals of ADA leading to about 14 hours during which investors could not trade the token on platforms such as Coinbase.

Wallet balances looked off, blocks were being made on both forks, and decentralized applications using a chain-state were diverging. 

Stake pool validators were finding their environments split, some missing rewards depending on which chain they followed.

The incident caused ADA to drop as much as 16% before the price recovered slightly.

Meanwhile, the person who entered the trade known by his pseudonym “Homer J”, owned up. He claims he used an AI-generated script in what he called a “personal challenge” to see if it would work. 

He said he did not mean harm but could not foresee what would result from his actions.

However, Cardano co-founder Charles Hoskinson referred to the event as a “premeditated attack” and said that the FBI had been notified.

Recovery: How Cardano Overcame the Split

Due to coordinated actions by community members across the ecosystem (e.g., developers, SPOs, infrastructure providers, exchanges); Cardano was able to recover from this loss of consensus without significant impact on block production. 

Recovery timeline was rapid:

Within hours, patched versions of node (10.5.2 and 10.5.3) became available that would reject the crafted delegate transaction.

Operators were encouraged to update their software; as more nodes moved over to the patched version, the “healthy” chain would gain weight and become the canonical ledger.

Around 22:17 UTC, roughly 14.5 hours after the split started, the network reorganized to a single chain and let go of the “poisoned” branch.

A post incident reconciliation working group was formed to resolve any unclear transactions or out-of-sync state between wallets, staking pools, and infrastructure as well.

Importantly, no user funds were compromised. Most wallets and dApps using community infrastructure did not need to take any action, as they had versions running which correctly rejected the malformed transaction.

What This Tells About Blockchain Architecture and Client Diversity

The incident has prompted fresh debate around how blockchain protocols ought to be designed in particular, the question of client diversity and resilience.

Unlike multi-client architectures running on networks where they have a variety of independent implementations verifying blocks, the Ethereum competitor had operated using only one client codebase with multiple validators executing different version builds. 

The discrepancy in the validation logic amounted to a vulnerability. Analysts, according to them, insist that this suggests that version skew in monolith blockchains can mimic the same risk of monoculture.

Others (chain models) treat client failure in a different manner. 

For example, the Ethereum protocol is implemented in many independent clients (execution + consensus), so a bug does not necessarily compromise the network at large.

Single runtime networks like Solana typically address bugs by pausing and restarting, giving up liveness for chain integrity. 

Cardano’s choice of action in this incident was a sacrifice of uniqueness temporarily for the liveness side; the blocks kept being produced and avoided full outage.

The episode is a reminder that client diversity, rigorous legacy-code audits, and coordinated recovery plans are not optional; they are necessary to designing a robust blockchain.

Implications and What Comes Next

It is believed that this chain split will impact how L1 blockchains, developers and investors consider decentralization, security and liveness. 

For Cardano:

It might lead to more cautious release cycles, more pressure for aggressive legacy-code deprecation and better testing/fuzzing of less commonly used code paths (e.g., delegation certificate parsing).

The community bug bounty program may be broadened to support responsible disclosure rather than mainnet street testing. In fact, the ecosystem body Intersect now promotes security as a form of a proactive mindset.

Exchanges, wallet- and dApp-providers could now re-evaluate their processes of upgrading and managing software releases in order for further future divergences in behavior to be prevented.

The incident is a warning to the blockchain industry. No matter how mature and well-designed a network might be, it can fall victim to catastrophic vulnerabilities if there isn’t enough diversity in clients or release discipline.

Conclusion

The Cardano chain split in November 2025 is a real-world example of what it means when a single malformed transaction, an execution that behaves differently on different machines, or is caused as a result of the previously dormant bug, can pull apart one of the biggest blockchains into two separate histories. 

But despite the chaos, the network rebounded with no money lost, due to timely patches and coordinated upgrades. 

The event exposes the trade-offs in blockchain design, which shows that client diversity, disciplined version control and strong governance are important for resilience. 

That split, for Cardano and L1 networks, will be a reminder that nothing is set in stone when it comes to security in the crypto world.

Glossary

Delegation: A user transfers their right to create blocks to a stake pool.

Deserialization bug: A defect in software that misinterprets data as it is being converted from its stored or transmitted format into a language that the computer can understand and manipulate.

Poisoned chain B: The subnet that accepted the invalid transaction.

Healthy chain: the branch that denied the invalid transaction and had a valid ledger state.

Client diversity: Executing several different, open source protocol software libraries to avoid a SPOF.

Node version skews: When different nodes in a network run different versions of the software, potentially with differing validation.

Frequently Asked Questions About Recent Cardano Split

Did anyone suffer financial losses from the Cardano split?

No. Post-incident analysis indicated that there was no impact on user funds. Wallets and exchanges had already halted deposits/withdrawals as a precaution. The upgraded chain eventually prevailed.

How long did the split last?

Nearly 14.5 hours from bad transaction to the network being fully re-converged.

What triggered the split? A hack or bug?

A malformed delegation transaction that got enough endorsements to be included in a block allowed the exploit of a legacy deserialization bug which led to the split. The creator responsible later confessed to airing it, saying they employed AI-generated code.

How was the network restored?

There are now patched node versions (10.5.2 and 10.5.3) which reject the improperly constructed transaction. After infrastructure operators made the upgrade, consensus returned to the “healthy” chain.

Does this imply Cardano is insecure?

Not necessarily. The event highlighted vulnerability through version skew and legacy code; however, the quick rebound, funds remaining safe, and coordinated ecosystem response all point to anti-fragility. Still, the incident highlights the need for multiple client implementations and thorough testing.

References

CoinDesk

Cybernews

CryptoSlate

NullTX

CoinCentral