시가총액: $3.3026T 0.250%
거래량(24시간): $88.7887B 4.230%
  • 시가총액: $3.3026T 0.250%
  • 거래량(24시간): $88.7887B 4.230%
  • 공포와 탐욕 지수:
  • 시가총액: $3.3026T 0.250%
암호화
주제
암호화
소식
cryptostopics
비디오
최고의 뉴스
암호화
주제
암호화
소식
cryptostopics
비디오
bitcoin
bitcoin

$105660.503371 USD

0.08%

ethereum
ethereum

$2495.659205 USD

-0.75%

tether
tether

$1.000503 USD

-0.01%

xrp
xrp

$2.246230 USD

3.27%

bnb
bnb

$650.510663 USD

0.05%

solana
solana

$151.975391 USD

1.31%

usd-coin
usd-coin

$0.999922 USD

-0.01%

dogecoin
dogecoin

$0.182596 USD

-0.78%

tron
tron

$0.283540 USD

-1.07%

cardano
cardano

$0.665910 USD

0.95%

hyperliquid
hyperliquid

$35.388743 USD

1.47%

sui
sui

$3.218472 USD

-0.93%

chainlink
chainlink

$13.729857 USD

-0.67%

avalanche
avalanche

$20.700353 USD

1.21%

unus-sed-leo
unus-sed-leo

$9.242919 USD

0.14%

암호화폐 뉴스 기사

Solana Quietly Patches Vulnerability: Hero or Controller?

2025/05/05 14:54

Solana Quietly Patches Vulnerability: Hero or Controller?

Recently, Solana encountered a serious issue. A security vulnerability that allowed attackers to mint unlimited tokens or even withdraw tokens from other users’ accounts without permission was discovered.

However, after fixing the bug, investors are criticizing Solana. Let’s explore the reason behind this controversy.

Solana Patches Vulnerability

Solana disclosed a vulnerability in its ZK ElGamal Proof program, which is a native program used to verify the correctness of complex zero-knowledge proofs and ensure that encrypted balances in accounts and transactions are valid. The bug affects tokens using the Token-2022 standard.

This vulnerability enables attackers to perform actions that the system shouldn’t allow, such as creating new tokens or withdrawing from another user’s wallet.

“This vulnerability only affects Token-22 confidential tokens and allows an attacker to perform actions such as minting tokens or withdrawing tokens from any account that the system should not allow,” Solana explained.

If this vulnerability were to be exploited, it could have had serious consequences.

“An attacker can create a variant of the ElGamal Proof program and submit transactions to the network to execute arbitrary programs in the context of the ZK ElGamal Proof program. This includes actions such as minting tokens or withdrawing tokens from any account.”

Fortunately, the issue was quickly patched by Solana, which updated the software and retested it with the help of several security research teams, including Asymmetric Research, Neodyme, and OtterSec. Most importantly, there are no reports indicating that the vulnerability had been exploited before it was patched.

Investors Criticize Solana

Although Solana acted quickly to fix the bug and it seems that no one misused the vulnerability, its handling of the situation sparked mixed reactions.

While a developer named Fede’s intern from LambdaClass defended Solana and stated that those criticizing the platform don’t understand the technology, he also claimed that the response would likely have been the same if a similar incident had occurred on Ethereum or Bitcoin, investors are still showing concern.

In 2018, the Bitcoin network experienced a serious inflation bug. Developers from Bitcoin Core had to quietly contact mining pools to apply a fix for an inflation bug before informing the public about it.

Still, many expressed concerns about Solana’s transparency and decentralization.

For example, investor Clouted expressed alarm over the secretive patch. As he explained, seven out of eight of the largest Solana validators privately applied a critical hotfix, upgrading the system and patching the bug. Afterward, they disclosed the issue to the community.

However, according to Clouted, these actions went against the spirit of decentralization. He argued that if validators could coordinate privately to fix bugs, they might also collaborate to censor transactions or alter blockchain data, which a decentralized system should not allow.

“Am I hearing this right? There was a zero-day on Solana mainnet and >70% of the validators privately colluded to upgrade and patch the critical bug before it was even made public. But they never announced it. Instead, they're now rolling out the narrative that it's all patched up. Is this the future of Solana: a centrally controlled chain with opaque updates and patching at the whim of a few large validators? I'm not sure I want to stick around for that future. I'd rather invest in protocols that prioritize transparency, decentralization

부인 성명:info@kdj.com

제공된 정보는 거래 조언이 아닙니다. kdj.com은 이 기사에 제공된 정보를 기반으로 이루어진 투자에 대해 어떠한 책임도 지지 않습니다. 암호화폐는 변동성이 매우 높으므로 철저한 조사 후 신중하게 투자하는 것이 좋습니다!

본 웹사이트에 사용된 내용이 귀하의 저작권을 침해한다고 판단되는 경우, 즉시 당사(info@kdj.com)로 연락주시면 즉시 삭제하도록 하겠습니다.

2025年06月10日 에 게재된 다른 기사