以前未知的以隱私為中心的令牌系統中的漏洞可能使攻擊者能夠偽造偽造的零知識證明

Solana基金會在其以隱私為中心的代幣系統中披露了以前未知的漏洞

Solana (SOL) Foundation engineers have disclosed a previously undocumented vulnerability in its privacy-focused token system that could have been exploited by attackers to forge fake zero-knowledge proofs (ZKPs), potentially enabling unauthorized minting or withdrawals of tokens.

Solana（Sol）基金會工程師已經在其以隱私為中心的代幣系統中透露了一個以前無證件的漏洞，該系統本來可以被攻擊者利用，以偽造虛假的零知識證明（ZKP），並有可能實現未經授權的鑄造或撤回令牌的戒斷。

The vulnerability, first reported on April 16 through Anza’s GitHub security advisory and accompanied by a working proof-of-concept, was discovered by engineers from Solana development teams Anza, Firedancer, and Jito, who began working on a fix immediately, according to a post-mortem published Saturday.

據周六出版的郵局發布，該脆弱性是由Anza的GitHub安全諮詢公司於4月16日首次報導的，並在工作證明的陪同下是由Solana Developments Anza，Firedancer和Jito的工程師發現的，他們開始立即進行修復。

The issue stemmed from the ZK ElGamAL Proof program, which verifies ZKPs used in Solana’s Token-22 confidential transfers. These extension tokens enable private balances and transfers by encrypting amounts and using cryptographic proofs to validate them.

該問題源於ZK Elgamal Proof計劃，該計劃驗證了Solana的Token-22機密轉移中使用的ZKP。這些擴展令牌可以通過加密量和使用加密證明來驗證它們來實現私人餘額和轉移。

ZKPs are a cryptographic method that lets someone prove they know or have access to something, such as a password or age, without revealing the thing itself. In crypto applications, they can be used to prove a transaction is valid without showing specific amounts or addresses, which can otherwise be used by malicious actors to plan exploits.

ZKP是一種加密方法，可以讓某人證明自己知道或可以訪問某些東西，例如密碼或年齡，而無需透露事物本身。在加密應用程序中，它們可用於證明交易有效，而無需顯示特定的金額或地址，否則，惡意參與者可以將其用於計劃利用。

The bug occurred because some algebraic components were missing from the hashing process during the Fiat-Shamir transformation—a standard method to make zero-knowledge proofs non-interactive. Non-interactive in this case refers to turning a back-and-forth process into a one-time proof anyone can verify.

之所以發生錯誤，是因為在菲亞特 - 沙米爾轉換過程中缺少一些代數組件，這是一種使零知識證明非相互作用的標準方法。在這種情況下，非相互作用是指將來回流程變成任何人都可以驗證的一次性證明。

A sophisticated attacker could forge invalid proofs that the on-chain verifier would still accept. This would have allowed actions such as minting unlimited tokens or withdrawing tokens from other accounts.

一名複雜的攻擊者可以偽造無效的證據表明，鏈驗證者仍將接受。這將允許諸如鑄造無限令牌或從其他帳戶中撤回令牌之類的行動。

The vulnerability did not affect standard SPL tokens or the main Token-2022 program logic. Patches were distributed privately to validator operators beginning April 17, and a second patch was pushed later that evening to address a related issue elsewhere in the codebase. Both were reviewed by third-party security firms Asymmetric Research, Neodyme, and OtterSec. By April 18, a supermajority of validators had adopted the fix.

該漏洞不會影響標準的SPL令牌或主要令牌-2022程序邏輯。從4月17日開始將補丁私人分發給驗證器運營商，當晚晚些時候推出了第二個補丁，以解決代碼庫中其他地方的相關問題。這兩者均由第三方安全公司不對稱研究，Neodyme和Ottersec進行了審查。到4月18日，驗證者的超級貢獻已經採用了解決方案。

There is no indication that the bug was exploited, and all funds remain secure, according to the post-mortem.

據驗屍說，沒有跡象表明該錯誤是被利用的，所有資金仍然安全。