Litecoin spent Saturday afternoon explaining what looked, for a few hours, like a textbook 51% attack. The 13-block reorganization that hit the network earlier in the day was not attackers rewriting history. It was the network discarding a chain that should never have existed.
The Litecoin team confirmed at 4:22 p.m. ET that a zero-day bug in the MimbleWimble Extension Block, MWEB, let an attacker push invalid transactions through mining nodes that had not applied recent updates. The reorg reversed those transactions before they could settle. The patch is out. The chain is operating normally.
That is the official version. The community got there a different way.
The first read was a 51% attack. The second was worse.
Aurora Labs CEO Alex Shevchenko and onchain analyst Zacodil flagged the reorg early in the day. The math looked off from the start. Litecoin runs on a 2.5-minute block target. Thirteen blocks should take about 32 minutes. These took over three hours. That spread is unusual on a proof-of-work network of Litecoinโs size, and it pointed at something other than routine variance.
The first interpretation was a classic double-spend. Reorganize the chain, kill the original transactions, replace them with attacker-friendly ones. That is the playbook every PoW chain has feared since the early Bitcoin Gold and Ethereum Classic incidents. Reddit threads on r/litecoin started filling with double-spend questions within minutes.
The reframing came later. The reorg was not the attack. The reorg was the response to the attack. The actual exploit happened upstream, inside MWEB.
What MWEB does and where the bug lived
MimbleWimble Extension Blocks are Litecoinโs privacy layer, activated in 2022. They let users move LTC into a confidential side block where amounts and addresses are not visible on the main chain. Coins peg in, transact privately, peg out. The pegout is the critical handoff. It is the moment a private MWEB balance becomes a regular Litecoin output again, visible on the main chain, spendable on exchanges, bridges, and DEX platforms.
That handoff is where the zero-day sat. According to the Litecoin team, the bug allowed an attacker to construct an invalid MWEB transaction that pegged coins out to third-party DEX platforms. Mining nodes running older software did not catch the violation. They accepted the invalid transaction, packaged it into blocks, and the chain advanced.
The fix came when enough updated nodes refused to extend that chain. The longest valid chain rule did the rest. The invalid blocks were orphaned. The chain rolled back 13 blocks. The fraudulent pegouts disappeared with them.
Here is the scoreboard from Saturday
| Metric | Detail | Source |
|---|---|---|
| Reorg depth | 13 blocks reversed | Litecoin team |
| Time to mine 13 blocks | Over 3 hours (normal target ~32 minutes) | Onchain timestamps |
| Bug type | Zero-day in MWEB transaction validation | Litecoin team |
| Attack vector | Non-updated mining nodes accepting invalid pegouts | Litecoin team |
| Reported exposure | ~$600,000 (NEAR Intents initial estimate) | Aurora Labs CEO Alex Shevchenko |
| Patch status | Fully deployed, network operating normally | Litecoin team, 4:22pm ET |
NEAR Intents reported $600K in exposure. The math may now be different.
Aurora Labs flagged that NEAR Intents had taken roughly $600,000 in exposure during the incident, with the team committing to cover any user losses. That number was based on what the platform processed before the reorg. Once Litecoin confirmed the invalid transactions were wiped from the main chain, the actual settled losses likely dropped substantially. NEAR Intents has not issued a follow-up at the time of writing.
Other cross-chain protocols that accept LTC paused activity during the incident and are working out their exposure. The point that matters here is the timing. Anyone who treated those invalid pegouts as confirmed and credited the user before the reorg ate their margin. Anyone who waited absorbed less.
Zookoโs reminder: this is a recurring pattern
Zcash founder Zooko Wilcox pointed out the broader context on X. Rollback-and-double-spend incidents are not new on PoW-only chains. Monero and Grin have both had recent ones. Bitcoin Gold lost $18 million to a 51% attack in 2018, and Ethereum Classic hit three reorgs in 2020. The mechanism is structural to PoW security, not a Litecoin-specific failure.
What is specific to Litecoin is the role MWEB played. This was not a hashpower attack. It was a software validation bug exploited through a privacy layer that interacts with the main chain through pegouts. That is the first time MWEB has had a meaningful exploit since activation in 2022.
The fact that the network corrected itself, that updated nodes refused the invalid chain and the orphan branch lost, is the part the Litecoin team is leaning on. It also means a non-trivial fraction of mining hashpower was running unpatched software at the time of the incident. That is the next problem to solve.
LTC was trading near $56 at the time of the incident, with no significant price reaction recorded by Saturday evening.
