On November 21, 2025, the Cardano network faced a significant test when a malformed transaction, created with the help of AI-generated instructions, triggered a temporary chain split. This event caused ADA’s price to drop by 16%, prompted major exchanges to halt services, and led to an investigation by federal authorities, placing a spotlight on the intersection of legacy code, new technology, and network security.
The Technical Breakdown and Response
The incident began when a staking pool operator known as “Homer J” executed a specially crafted delegation transaction. This transaction exploited a deserialization vulnerability—a bug that had existed in Cardano’s code since 2022 but had remained dormant. The malformed data caused a critical divergence: newer versions of the node software accepted the transaction as valid, while older versions rejected it. This mismatch instantly split the network into two competing chains, each with its own version of the transaction history.
The impact was immediate. Core services, including block explorers and DeFi applications, began displaying inconsistent data, and transaction confirmations slowed or failed. In response, major exchanges like Coinbase, Kraken, and Upbit proactively suspended deposits and withdrawals of ADA to protect users from potential double-spending and transaction losses. Coinbase’s pause, the longest of the group, lasted approximately 14 hours.
A coordinated effort from Cardano’s core entities—Input Output Global (IOG), the Cardano Foundation, Intersect, and EMURGO—led to a swift resolution. Emergency patches were developed and released within three hours of the split being detected. As node operators upgraded their software, the network naturally regained consensus by the next day, averting a more prolonged crisis.
Conflicting Narratives and Legal Repercussions
In the aftermath, two starkly different narratives emerged. The individual behind the event, “Homer J”, came forward to apologize, characterizing the incident as a careless mistake. He claimed he was experimenting with AI-generated code to replicate a known issue and had unintentionally executed the commands on the mainnet instead of a testnet, stating he felt “awful” about the scale of the disruption he caused.
Cardano founder Charles Hoskinson rejected this explanation, labeling the event a “premeditated attack” from a disgruntled stake pool operator. Hoskinson confirmed that the matter had been referred to the FBI for investigation. This decision to involve federal authorities had immediate internal consequences, leading to the resignation of an IOG engineer who expressed concern that the move could criminalize future development errors and routine testing.
Broader Implications for the Industry
This event serves as a sobering lesson for the entire blockchain industry. First, it highlights that even mature, well-established networks can harbor hidden vulnerabilities, and the increasing use of AI-generated code introduces new, unpredictable risk vectors. Second, the incident triggered a crucial debate on governance and legal boundaries. The involvement of the FBI raises complex questions about where technical negligence ends and criminal intent begins in a decentralized ecosystem.
While the swift patch and market recovery demonstrated the resilience of Cardano’s community and its response protocols, the episode undeniably exposed the need for more robust safeguards, thorough audits, and clearer legal frameworks for developers and operators alike.
