Prysm releases mainnet incident analysis: Beacon nodes received authentication from nodes that may be out of sync with the network.

PANews reported on December 14th that the Prysm team released a post-mainnet analysis, revealing that the incident occurred because Prysm beacon nodes received authentications from nodes that might be out of sync with the network. These authentications referenced the block root of the previous epoch. To verify these proofs, Prysm attempted to recreate a beacon state compatible with the out-of-sync node's view of the chain. This resulted in multiple processing of past epoch blocks and costly recalculation of epoch transitions. The vulnerability was introduced in Prysm PR 15965 and deployed to the testnet a month before the incident, but it was not triggered at that time.

During the Ethereum mainnet Fusaka session on December 4th, almost all Prysm nodes encountered resource exhaustion while attempting to process certain attestations. During this period, Prysm was unable to respond to validator requests in a timely manner, resulting in the loss of blocks and attestations. The incident affected epochs 411439 to 411480, a total of 42 epochs, with 248 blocks missing out of 1344 slots, a missing rate of approximately 18.5%. Network participation dropped to 75% at one point, and validators lost approximately 382 ETH in witness rewards.

Previously , Vitalik stated that Ethereum's occasional "loss of finality" does not pose a serious risk.