Ethereum is experiencing a chain split due a number of network validators, also called nodes, failing to upgrade their software.

On Aug. 24, the developer team behind the popular Ethereum software client Geth released an emergency hotfix to a security vulnerability in its code that would have prevented certain users from producing blocks.

The Go Ethereum team had disclosed a vulnerability on Aug. 18, saying they would release a patch, but did not specify the exact nature of the vulnerability in an effort to prevent an attack:

“The exact attack vector will be provided at a later date to give node operators and dependent downstream projects time to update their nodes and software,” wrote Ethereum team lead Péter Szilágyi in Aug. 24 GitHub patch notes.

However, it would seem some users identified the exploit that was hotfixed by the Geth team and are currently exploiting older versions of the Geth software.

Though the Geth team emphasized that all users should upgrade their software immediately, only about 30% of users have upgraded to the latest version, according to data from ethernodes.org.

As background, Geth is the most relied-upon software to connect to the Ethereum blockchain, being run by roughly 75% of the users.

Read more: Ethereum’s Most Popular Software Client Issues Hotfix to High Severity Bug

A matter of time

In an interview with CoinDesk, Go Ethereum developer Marius Van Der Wijden, who noted he was speaking in a personal capacity and not as a representative of the Ethereum Foundation or Go Ethereum, said that after the disclosure an exploit was inevitable.

“I knew that someone would eventually find the bug,” he said. “I just hoped that more people would have updated in time.”

He called on node operators to follow client teams on social media channels for updates, and noted that he’d be pushing for an open mailing list for “distributing critical information.”

Ultimately, however, he felt the team responded swiftly and appropriately to the vulnerability.

“I feel pretty good about our response. Once [we were] alerted to the potential chain split we found the offending transaction in a matter of minutes,” he said.

He confirmed to CoinDesk a particular Ethereum address was the cause of the attack, but declined to explain the nature of the exploit bec auseit has already been replicated on Binance Smart Chain (BSC) and Polygon.

He noted that software security expert Guido Vranken was first to discover the bug, having found it during an audit of Telos’ virtual machine using a technique called “fuzzing.”

Take a walk

This is not the first time Ethereum has experienced a chain split due to users running outdated versions of Geth.

In November, the Ethereum network saw a similar disturbance after users failed to upgrade to the latest Geth release, version 1.10.X. At the time, Geth developers said the event was due to a lack of communication about the urgency of the upgrade.

This time around, Geth developer Szilágyi emphasized the team would do things differently by openly communicating with the public about the security vulnerabilities of the older client version.

“Last time we did a hotfix, people were angry that we didn’t announce it. This time we decided to try it differently. Let’s see which works better,” Szilágyi tweeted.

Likewise, the official Go Ethereum Twitter channel noted that this vulnerability was patched, and urged users to upgrade their client:

It seems neither has worked in preventing a chain split on Ethereum.

Ethereum community leaders such as developer Andre Cronje have since called on users to “Stay away from doing txs [transactions] for a while,” and to “Go for a walk outside, we all need it.”

Geth developers are actively communicating with users through a Discord channel to urge more users to upgrade their software. The chain split is likely to resolve itself as more users upgrade to the newest Geth version.

The longest chain

Part of the chain split was attributable to a handful of powerful miners continuing to use the faulty Go client, including Flexpool, BTC.com and Binance. According to Ethereum Foundation developer Tim Beiko, developers had managed to contact both BTC.com and Binance as of 1 p.m. ET today:

However, as another Geth developer pointed out, the majority of miners were operating the patched client at the time of the exploit, and the majority of the hashpower continued to operate on the canonical chain.

Ethereum is currently operating normally.

UPDATE (Aug. 27, 18:10 UTC): Adds comments from Go Ethereum developer Marius Van Der Wijden.

UPDATE (Aug. 27, 20:32 UTC): Adds information on BTC.com and Binance updating their clients.