The Pectra upgrade on the Sepolia testnet faced unexpected issues, including the production of empty blocks.
Problems with Pectra Upgrade
The Pectra upgrade on Ethereum's Sepolia testnet faced unexpected challenges. Developers experienced bugs in their geth nodes and mined empty blocks immediately upon deployment. The issue arose from an incorrect interaction with the deposit contract, leading to unintended log events and invalid blocks that hampered transaction processing. Developers quickly identified the root cause and proposed a fix to ignore invalid logs. However, the major task was deploying the fix without splitting the chain.
New Zero-Token Vulnerability
Even though developers believed the issue was resolved, empty blocks began reappearing. It was soon discovered that an external party exploited a lesser-known aspect of the ERC-20 standard: zero-token transfers. This method allowed anyone to trigger transfer events, bypassing the original fix. In response, developers quickly deployed a private patch blocking transactions with the deposit contract on a limited number of DevOps nodes.
Ethereum Developers' Plans
At 14:00 UTC, Sepolia nodes synchronized with the official patch, restoring normal block production. The developers found that the issue was due to the Sepolia deposit contract being token-gated, unlike the mainnet variant. The attack revealed an issue with the ERC-20 standard—zero-token transfers still emit events. In light of such risks, developers plan deeper reviews of smart contract interactions before deploying Pectra on the Ethereum mainnet.
As a result of the incident, developers have decided to conduct more comprehensive testing prior to deploying updates on the Ethereum mainnet.
