The recent Pectra upgrade of the Sepolia testnet experienced issues following an attack that exploited an edge case leading to the mining of empty blocks. After the upgrade on March 5, Ethereum developer Marius van der Wijden reported encountering error messages on their geth node and observed empty blocks being mined. The problem stemmed from the deposit contract triggering incorrect event types. Despite a fix being implemented, an unknown user exploited the system by sending a zero-token transfer, triggering the error again. The developers initially thought the mistake was from trusted validators, only to discover it originated from a new account funded by a faucet. To mitigate the attack, a private fix was rolled out to select DevOps nodes. By 2 PM, all nodes were updated, resolving the issue without finalization loss. It was determined that these issues were isolated to Sepolia due to the use of a token-gated deposit contract, leading to the decision to postpone the Pectra upgrade for further testing.

Source 🔗