Hydra · Hydra · CVE-2025-48886
**Name of the Vulnerable Software and Affected Versions**
Hydra versions prior to 0.22.0
**Description**
Hydra is a layer-two scalability solution for Cardano. The issue arises because Hydra assumes that L1 events are final and does not account for failed transactions on the Cardano L1. As a result, transactions become a target for re-org attacks as soon as node participants recognize them. Failed transactions appear in blocks only infrequently, which led the system to overlook them, and this oversight contributes to the problem.
**Recommendations**
For versions prior to 0.22.0, update to version 0.22.0 to resolve the issue.