Stellar Foundation Supports Halting Key Upgrade Due to a Bug

Reading Time: 2 minutes
  • The Stellar Development Foundation has indicated support for halting the planned upgrade to Protocol 20 until a bug found in the update is fixed.
  • The upgrade is expected to bring Ethereum-style smart contracts to the Stellar blockchain
  • The foundation noted that the bug poses “little risk”

The Stellar Development Foundation (SDF) has disclosed that it prefers delaying the planned key upgrade to introduce Ethereum-style smart contracts to the Stellar blockchain to provide time to fix a bug in the update. Although SDF noted that the anomaly poses “little risk” to the blockchain, it observed that it can affect certain applications on the platform. SDF revealed that its decision was based on concerns from “contract developers, wallet developers, validators, and tools builders.”

SDF Can’t Decide

The foundation clarified that it can’t solely decide to halt the upgrade noting that other players in the Stellar ecosystem can still vote to launch the update before fixing the bug. SDF however said that even if the blockchain is upgraded without correcting the abnormality, it’ll “continue to resolve the bug.”

As part of showing support for delaying the upgrade, the foundation announced that it has disarmed its validators, adding that a fix can take up to 14 days. According to SDF, if a majority agrees to postpone the update, a new upgrade date would be set.

SDF observed that the bug interferes with the structure of a transaction in its Soroban smart contract platform launched in 2022. The code in the upgrade sends generated refunds to the wrong account.

A Phased Rollout

Stellar wants to use the upgrade to welcome version 20, with its core developer Tyle van der Hoeven noting that it’ll be done in a “phased rollout with the faucet of innovation being slowly and carefully turned on.”

The foundation’s actions come when malicious actors are looking to exploit bugs more than hacking smart contracts. In July last year, for example, such entities exploited a bug in some versions of the Vyper programming language stealing roughly $70 million from DeFi protocols on different chains.

With SDF showing the need to fix the abnormality before launching the upgrade, it’s to be seen whether there will be some validators pushing to take the other route.