The Stellar Development Foundation (SDF) has discovered a bug in the Stellar Core v20.1.0 version, leading to the postponement of the planned Protocol 20 update at the end of January.
Although the bug poses “little risk,” it could potentially affect various applications once the smart contracts platform is deployed, according to the SDF.
The SDF is working on a fix that should be available in two weeks, while emphasizing that the decision to update the network depends on the vote of non-SDF validators.
Stellar, one of the oldest blockchain projects, focuses primarily on payments and asset tokenization.
Context and Implications of the Bug Discovery
The Stellar Development Foundation announced in a blog post on January 27 its intention to disarm its validators and postpone the vote on Protocol 20, initially scheduled for January 30. This decision follows the discovery of a bug on January 25, which, although considered to pose little risk, could impact applications once the Soroban smart contracts platform is deployed.
Technical Details of the Bug and Security Measures
The bug affects Soroban transactions, which fail to return funds to the source account of the fee escalation in the event of a refund and increased fees. Soroban, Stellar’s smart contracts platform, was launched on a testnet in October 2022.
The SDF also launched a $100 million fund to attract developers to the platform in the same month. Tyler van der Hoeven, one of the key developers of Stellar, stated that the deployment of Protocol 20 would be gradual, without specifying the time required for the full implementation of Soroban smart contracts on Stellar.