70% Litecoin Nodes Ignored Latest Update, Network at Risk?

Litecoin’s April double-spend scare may be patched at the miner level, but most reachable nodes on the network still appear to be running old software nearly two months later. 70% of the nodes have completely ignored the new security patch. 

According to data from Blockchair, only 30%  are running up-to-date software that would reject the malformed MimbleWimble Extension Block, or MWEB, transactions behind the April incident. 

The largest visible cohort of Litecoin nodes is still running Litecoin Core v0.21.4. That version reportedly accounts for roughly 39% of reachable nodes and remains vulnerable to the validation issue that developers later addressed.

Most mining nodes have reportedly upgraded, which means the network’s block-production layer is less exposed than it was in April. However, many non-mining validating nodes, which make up a large part of the reachable node network, continue to run older code.

What Happened in April?

The issue traces back to Litecoin’s MWEB privacy layer, which was activated in 2022 to improve transaction privacy.

In April, an attacker used a malformed MWEB peg-out transaction to exploit a validation flaw. The transaction effectively allowed a small input to support a much larger LTC withdrawal, creating coins that should not have existed.

The incident escalated on April 25, beginning around block 3,095,931. Unupgraded mining nodes accepted invalid MWEB data, while upgraded miners encountered a separate denial-of-service problem linked to mutated block handling.

The invalid chain eventually grew to 13 blocks before mining pools coordinated to invalidate the bad block, share valid-chain blocks, and extend the correct chain. The valid chain overtook the invalid chain, removing the fraudulent peg-outs through a 13-block reorganization.

Litecoin’s official postmortem said the April reorg was not a rollback of valid Litecoin history. Instead, it removed an invalid chain created by miners that had not upgraded or had not fully enforced MWEB validation rules.

Emergency response from developers

After the attack, the Litecoin team responded quickly. According to the official account, “A zero-day bug caused a DoS attack that disrupted major mining pools.” The incident forced developers to act quickly and release software updates.

They released version v0.21.5.4 right after the incident to reduce the risk of further attacks. Later in early May, they released another update called v0.21.5.5 to make MWEB checks stronger and prevent the same type of problem from happening again.

These updates are free and available to everyone, but many node operators have still not installed them. This slow action is now one of the biggest problems facing the network.

A post-incident review at the time showed that only about 23% of nodes had upgraded shortly after the patches were released. This number is still low even weeks later.

Why the risk still exists today

So, most of the network is still running old software that cannot properly block the type of fake transactions used in April. Because Litecoin is decentralized, there is no central authority that can force everyone to update. Each node owner must choose to upgrade on their own, and many have not done so.

The MWEB system itself was introduced in 2022 to improve privacy for Litecoin users. It was meant to be a good upgrade, but it also created the weakness that was used in the attack. 

The most worrying part now is that there is no deadline for everyone to upgrade. Developers have warned users and shared updates, but they cannot force anyone. 

With about 70% of nodes still unpatched, the network is still not fully protected. If a similar attack happens again, some nodes might still accept fake transactions before the system reacts.

Also Read: PancakeSwap Labubu Pool Exploited for $1.1M: What Went Wrong

Follow The Crypto Times on Google News to Stay Updated!