Protocol Paused For Bug Fix Upgrade - 1/12/2021 10:05pm ET

Hi everyone. This announcement is to let you know that a bug has been identified in the Livepeer protocol smart contracts, and we will be conducting a fix. This is a bug that remains unexploited at this time . After some analysis however, we have decided to pause the protocol out of an excess of caution so that we can prepare a fix, test it, and get it deployed, without putting any user’s protocol role or tokens at risk. While Livepeer is still in the beta stage, this sort of issue is fully expected, and we have built these upgrade and bug fix mechanisms for exactly this purpose. It is important for us to mitigate risks for our early protocol participants as much as possible.

The estimated duration of the protocol pause is 6 hours . It is hoped to avoid missing a single protocol round, however it is possible that the pause may extend longer if necessary, or resumed quicker if possible.

During the paused period, the protocol will be inactive and protocol parameters will stay the same. This means any interaction with the protocol will be ineffective. For delegators, your token will stay bonded but will receive no rewards because there will be no round progression. For transcoders, your nodes will not be able to initialize round or call reward, and there will be no token reward minted. However, non-participating tokens can still be transferred as usual. Broadcasters are urged to continue using Rinkeby to test and develop. The Livepeer team is working hard to fix the bug, and we will be in constant communication with updates. Expect a full post-mortem with details of the issue and remedy after the fix has been deployed and verified. If you notice any issues, please report to the discord channel at http://discord.gg/q6XrfwN , and check here for updates.

1 Like

Update at 4:16am ET, 1/13/2021: As we have reached the end of the original six hour estimate window, I wanted to provide a brief update. The fix is in the final stages of deployment and verification, so the next update should come shortly.

1 Like

The bug fix has been tested, deployed, and verified, and the protocol has been unpaused as of 5:18am ET .

Thanks very much to the protocol team for proactively identifying this issue and for diligently working through our security process and getting a fix out quickly. We will be back with a post mortem on the issue in the next couple of days with full technical details, but a quick scan of the deployed update will show that there was an edge case introduced in the recent LIP-36 upgrade that could have enabled well-timed delegators to claim a greater share of earned fees from their orchestrator’s pool than they were entitled to. No user funds were compromised as a result of this bug to the best of the team’s knowledge, though there remains a small < 0.5ETH differential in the fee pool, which we will follow up with a remedy for in the post mortem.

As a reminder, these sorts of issues are expected to be discovered during the beta phase, and it is the reason that we have these upgrade and safety measures in place to protect users funds. Thank you for your patience during the pause.

2 Likes

Well done to @adamsoffer @NicoV @yondon and @dob for sorting this out for us all so promptly and effectively.

1 Like

The post-mortem for the bug has been published.

No user funds were compromised as a result of this bug to the best of the team’s knowledge, though there remains a small < 0.5ETH differential in the fee pool, which we will follow up with a remedy for in the post mortem.

After some follow up analysis, it does not seem that there is a fee discrepancy caused by this particular bug and the previously mentioned discrepancy thought to be caused by this bug was caused by a mistake in calculations used in the previous analysis.