Protocol Paused For Bug Fix Upgrade - 7/29/19 4:21pm EDT. (Update: Protocol resumed as of 8:40pm EDT)

Hi everyone. This announcement is to let you know that a bug has been identified in the Livepeer protocol smart contracts, and we will be conducting a fix. This is a bug that remains unexploited at this time. After some analysis however, we have decided to pause the protocol out of an excess of caution so that we can prepare a fix, test it, and get it deployed, without putting any user’s protocol role or tokens at risk. While Livepeer is still in the alpha testing stage, this sort of issue is fully expected, and we have built these upgrade and bug fix mechanisms for exactly this purpose. It is important for us to mitigate risks for our early protocol participants as much as possible.

The estimated duration of the protocol pause is 4 hours. It is hoped to avoid missing a single protocol round, however it is possible that the pause may extend longer if necessary, or resumed quicker if possible.

During the paused period, the protocol will be inactive and protocol parameters will stay the same. This means any interaction with the protocol will be ineffective. For delegators, your token will stay bonded but will receive no rewards because there will be no round progression. For transcoders, your nodes will not be able to initialize round or call reward, and there will be no token reward minted. However, non-participating tokens can still be transferred as usual. Broadcasters are urged to continue using Rinkeby to test and develop. The Livepeer team is working hard to fix the bug, and we will be in constant communication with updates. Expect a full post-mortem with details of the issue and remedy after the fix has been deployed and verified. If you notice any issues, please report to the discord channel at http://discord.gg/q6XrfwN , and check here for updates.

3 Likes

The bug fix has been tested, deployed, and verified, and the protocol has been unpaused as of 8:40pm EDT.

Thanks very much to security researcher samczsun who reported this issue, and to the team for diligently working through our security process and getting a fix out quickly. We will be back with a post mortem on the issue in the next couple of days with full technical details, but a quick scan of the deployed update will show that there was a logic edge case that could have exposed transcoders to unwarranted slashing. No user funds were compromised as a result of this bug to the best of the team’s knowledge.

As a reminder, these sorts of issues are expected to be discovered during the Alpha, and it is the reason that we have these upgrade and safety measures in place to protect users funds. Thank you for your patience during the pause.