시가총액: $3.4391T 4.130%
거래량(24시간): $122.6091B 38.090%
  • 시가총액: $3.4391T 4.130%
  • 거래량(24시간): $122.6091B 38.090%
  • 공포와 탐욕 지수:
  • 시가총액: $3.4391T 4.130%
암호화
주제
암호화
소식
cryptostopics
비디오
최고의 뉴스
암호화
주제
암호화
소식
cryptostopics
비디오
bitcoin
bitcoin

$109731.956184 USD

3.84%

ethereum
ethereum

$2692.478025 USD

7.88%

tether
tether

$1.000259 USD

-0.02%

xrp
xrp

$2.310195 USD

2.85%

bnb
bnb

$665.398326 USD

2.29%

solana
solana

$159.672203 USD

5.06%

usd-coin
usd-coin

$0.999804 USD

-0.01%

dogecoin
dogecoin

$0.194571 USD

6.55%

tron
tron

$0.287722 USD

1.47%

cardano
cardano

$0.712553 USD

7.00%

hyperliquid
hyperliquid

$39.140056 USD

10.60%

sui
sui

$3.406832 USD

5.85%

chainlink
chainlink

$14.613780 USD

6.44%

avalanche
avalanche

$21.918622 USD

5.88%

stellar
stellar

$0.276535 USD

3.81%

암호화폐 뉴스 기사

The Solana Foundation has revealed that a critical vulnerability affecting its Token-2022 standard was quietly patched in April, averting what could have been a catastrophic breach.

2025/05/05 16:36

A critical vulnerability affecting Solana’s Token-2022 standard was patched in April, according to a statement by the Solana Foundation.

The bug, which affected a specific feature in Solana’s Token-2022 framework known as “confidential transfers,” could have been exploited to mint an unlimited number of tokens or withdraw funds from any account without authorization.

This feature relies on zero-knowledge cryptography, specifically the ZK ElGamal proof system, to enable private transactions. However, a missing algebraic component in a hash used for cryptographic verification left the door open for manipulation.

With this flaw, a malicious actor could forge a valid cryptographic proof. Such a fake proof would grant them the ability to mint new tokens or drain existing accounts without detection.

The issue was first reported on April 16 and was fixed within two days. The fix was coordinated by core development teams from Anza, Jito, and Firedancer, with additional support from Asymmetric Research, Neodyme, and OtterSec.

No exploit was observed, and the bug was patched quickly. However, the revelation caused some market jitters.

After news of the vulnerability broke, the combined value of these tokens dropped by around 5%, settling at $16.1 million.

The Solana Foundation’s decision to keep the issue quiet drew mixed reactions. Some critics argued that the manner in which validators quickly came together to coordinate such a complex fix reflects an uncomfortable level of centralization within the network.

One community member questioned whether validators could use similar coordination to carry out or cover up harmful actions in the future.

However, others defended the approach, adding that silent patches are a standard best practice when dealing with zero-day bugs. Industry veterans, including developers from Bitcoin and Polygon, said these behind-the-scenes efforts prevent real-time exploits while teams work on a secure fix.

Hudson James, a VP at Ethereum layer-2 network developer Polygon Labs, said: “This is totally fine. Bitcoin, Zcash, and Ethereum have all had instances where the core devs needed to privately plan a secret bug fix. A good chain culture means having mature devs who can accomplish stealth fixes.”

Anatoly Yakovenko, co-founder of Solana, also noted that validator coordination is not unique to his blockchain network. He compared the process to similar consensus-building mechanisms on Ethereum, which would usually involve validators like Lido, Binance, Coinbase, and Kraken.

부인 성명:info@kdj.com

제공된 정보는 거래 조언이 아닙니다. kdj.com은 이 기사에 제공된 정보를 기반으로 이루어진 투자에 대해 어떠한 책임도 지지 않습니다. 암호화폐는 변동성이 매우 높으므로 철저한 조사 후 신중하게 투자하는 것이 좋습니다!

본 웹사이트에 사용된 내용이 귀하의 저작권을 침해한다고 판단되는 경우, 즉시 당사(info@kdj.com)로 연락주시면 즉시 삭제하도록 하겠습니다.

2025年06月11日 에 게재된 다른 기사