![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
![]() |
|
Recently, Solana encountered a serious issue. A security vulnerability that allowed attackers to mint unlimited tokens or even withdraw tokens from other users’ accounts without permission was discovered.
However, after fixing the bug, investors are criticizing Solana. Let’s explore the reason behind this controversy.
Solana Patches Vulnerability
Solana disclosed a vulnerability in its ZK ElGamal Proof program, which is a native program used to verify the correctness of complex zero-knowledge proofs and ensure that encrypted balances in accounts and transactions are valid. The bug affects tokens using the Token-2022 standard.
This vulnerability enables attackers to perform actions that the system shouldn’t allow, such as creating new tokens or withdrawing from another user’s wallet.
“This vulnerability only affects Token-22 confidential tokens and allows an attacker to perform actions such as minting tokens or withdrawing tokens from any account that the system should not allow,” Solana explained.
If this vulnerability were to be exploited, it could have had serious consequences.
“An attacker can create a variant of the ElGamal Proof program and submit transactions to the network to execute arbitrary programs in the context of the ZK ElGamal Proof program. This includes actions such as minting tokens or withdrawing tokens from any account.”
Fortunately, the issue was quickly patched by Solana, which updated the software and retested it with the help of several security research teams, including Asymmetric Research, Neodyme, and OtterSec. Most importantly, there are no reports indicating that the vulnerability had been exploited before it was patched.
Investors Criticize Solana
Although Solana acted quickly to fix the bug and it seems that no one misused the vulnerability, its handling of the situation sparked mixed reactions.
While a developer named Fede’s intern from LambdaClass defended Solana and stated that those criticizing the platform don’t understand the technology, he also claimed that the response would likely have been the same if a similar incident had occurred on Ethereum or Bitcoin, investors are still showing concern.
In 2018, the Bitcoin network experienced a serious inflation bug. Developers from Bitcoin Core had to quietly contact mining pools to apply a fix for an inflation bug before informing the public about it.
Still, many expressed concerns about Solana’s transparency and decentralization.
For example, investor Clouted expressed alarm over the secretive patch. As he explained, seven out of eight of the largest Solana validators privately applied a critical hotfix, upgrading the system and patching the bug. Afterward, they disclosed the issue to the community.
However, according to Clouted, these actions went against the spirit of decentralization. He argued that if validators could coordinate privately to fix bugs, they might also collaborate to censor transactions or alter blockchain data, which a decentralized system should not allow.
“Am I hearing this right? There was a zero-day on Solana mainnet and >70% of the validators privately colluded to upgrade and patch the critical bug before it was even made public. But they never announced it. Instead, they're now rolling out the narrative that it's all patched up. Is this the future of Solana: a centrally controlled chain with opaque updates and patching at the whim of a few large validators? I'm not sure I want to stick around for that future. I'd rather invest in protocols that prioritize transparency, decentralization
免責聲明:info@kdj.com
所提供的資訊並非交易建議。 kDJ.com對任何基於本文提供的資訊進行的投資不承擔任何責任。加密貨幣波動性較大,建議您充分研究後謹慎投資!
如果您認為本網站使用的內容侵犯了您的版權,請立即聯絡我們(info@kdj.com),我們將及時刪除。
-
-
-
- Jasmycoin:價格預測和追求新高點
- 2025-06-25 12:25:14
- 茉莉素(Jasmycoin)在夏季低迷後顯示出生活的跡象。它會達到新的高點嗎?對潛在價格變動和市場情緒的分析。
-
-
-
- 比特幣,以太坊和伊朗 - 以色列停火:加密貨幣市場更新
- 2025-06-25 13:05:13
- 地緣政治平靜燃料加密貨幣增益!探索伊朗 - 以色列停火如何影響比特幣和以太坊,以及對市場趨勢的關鍵分析師見解。
-
- 邊緣上的狗狗幣:看跌圖案指向潛在的Doge垃圾場
- 2025-06-25 13:25:13
- Dogecoin面臨著一個關鍵的測試,因為看跌的三角形模式表明可能出現價格分解。是即將到來的Doge垃圾場嗎?
-
-
- PI硬幣價格預測今天:反彈還是仍然卡住?
- 2025-06-25 13:45:12
- Pi硬幣終於轉彎了嗎?本文介紹了當今的價格預測,分析關鍵水平和指標,以查看勢頭是否在變化。