Litecoin's 13-Block Reorg Wasn't a 'Zero-Day': GitHub Shows Fix Was Ready Five Weeks Earlier
Litecoin rolled back 13 blocks — about 32 minutes of chain history — after attackers exploited a MWEB consensus bug. The Litecoin Foundation called it a zero-day, but CoinDesk found the fix was privately developed between March 19 and 26.
Litecoin pulled off a 13-block chain reorganization on April 25, rewinding about 32 minutes of network activity after attackers exploited a vulnerability in its Mimblewimble Extension Block (MWEB) protocol. The Litecoin Foundation framed the bug as a "zero-day" — but the public GitHub history tells a different story.
What actually happened
The exploit chained two vulnerabilities. A denial-of-service bug took patched mining nodes offline; on the unpatched nodes that remained, attackers pushed through an invalid MWEB peg-out transaction. Both fixes were rolled into release 0.21.5.4 the same afternoon, and the network rolled the chain back to a clean state. Affected exchanges paused LTC deposits during the window; no end-user funds were lost.
The "zero-day" question
CoinDesk reporter Shaurya Malwa reviewed the litecoin-project repository and found that core developers had privately discovered and patched the MWEB consensus vulnerability between March 19 and March 26, 2026 — more than five weeks before the April 25 exploit. By the strict definition of a zero-day (no patch available at the moment of exploitation), the incident does not qualify. Critics on X argue Litecoin used the framing to soften the optics of a chain reorg on a top-25 asset.
What to Watch
Three threads worth tracking this week. First, exchanges that paused LTC deposits during the reorg — Binance, Coinbase, OKX — and how quickly they restore. Second, whether the Litecoin Foundation publicly addresses the GitHub timeline (silence so far). Third, the read-across to other privacy-extension proposals: MWEB-style opt-in privacy on Bitcoin (e.g., Silent Payments) inherits a similar surface area, and DeFi-native bridges that quoted Litecoin liquidity may pause integrations until they understand the reorg-risk window better.
Daily Web3 × AI intel, straight to your inbox. Subscribe to BlockAI News.
How we report: This article cites primary sources, regulatory filings, and on-chain data where available. BlockAI News uses AI tools to assist with research and first-draft generation; every article is reviewed and edited by a human editor before publication. Read our full How We Report page, Editorial Policy, AI Use Policy, and Corrections Policy.
