The bug fix has been tested, deployed, and verified, and the protocol has been unpaused as of 8:40pm EDT.
Thanks very much to security researcher samczsun who reported this issue, and to the team for diligently working through our security process and getting a fix out quickly. We will be back with a post mortem on the issue in the next couple of days with full technical details, but a quick scan of the deployed update will show that there was a logic edge case that could have exposed transcoders to unwarranted slashing. No user funds were compromised as a result of this bug to the best of the team’s knowledge.
As a reminder, these sorts of issues are expected to be discovered during the Alpha, and it is the reason that we have these upgrade and safety measures in place to protect users funds. Thank you for your patience during the pause.