Solana fixes a zero-day vulnerability that could have caused some tokens to be issued indefinitely or stolen

PANews reported on May 5 that the Solana Foundation announced that a serious "zero-day" vulnerability affecting the confidential transmission function on its network has been successfully fixed. The vulnerability was discovered on April 16, and the Foundation immediately secretly organized validators to coordinate network updates and completed the repair work within two days.

This vulnerability involves the ZK proof system used to verify the confidential transfer of tokens in the Token-2022 standard. If exploited, an attacker could theoretically mint a specific token infinitely by forging proofs, or steal these tokens from user accounts.

The Solana Foundation stated that the vulnerability was not disclosed until the fix was completed to ensure safety. There is currently no evidence that the vulnerability has been actually exploited and all user funds are safe. It also pointed out that although the confidential transfer function has been online for some time, the current adoption rate is not high.

Share to:

Author: PA一线

This content is for informational purposes only and does not constitute investment advice.

Follow PANews official accounts, navigate bull and bear markets together
Telegram Discussion Group
Telegram News Channel
@PANews
Recommended Reading
2 hour ago
3 hour ago
6 hour ago
7 hour ago
8 hour ago
8 hour ago

Popular Articles

Industry News
Market Trends
Curated Readings
Subscribe

Curated Series

App内阅读