Key Takeaways:
f2pool mined all 13 blocks on the valid Litecoin chain, resolving the April 25 network split. An MWEB exploit let an attacker fake an 85,034 LTC pegout, triggering a 13-block reorganization. Litecoin Core v0.21.5.4 now patches both the inflation bug and the mining node stall behind the attack. How the Exploit UnfoldedOn April 25, the Litecoin network began processing invalid transactions on its MWEB layer, a privacy extension that lets users obscure transaction amounts and addresses. A zero-day bug in the code enabled an attacker to manufacture a fraudulent pegout, a mechanism that moves litecoin from the MWEB layer back to the main chain.
F2pool Steps inOver approximately two hours and 45 minutes, mining pools coordinated to enforce the valid chain through a reorganization, a process where a longer valid chain replaces the one containing invalid blocks. Onchain data from ltc.supply confirmed that F2pool mined all 13 blocks in the winning chain, providing the consecutive proof-of-work needed to make the valid version the definitive record.
By rapidly marshaling an overwhelming majority of the network’s hash rate, the pool effectively orphaned the attacker’s blocks before irreversible exchange confirmations could be finalized.
Analysts described the effort as a “13-block chase” that helped the Litecoin network close the split and return to normal operation.
