Solana developers address critical vulnerability with coordinated patch

Solana developers address critical vulnerability with coordinated patch

Reported by The Block: Solana developers, validators, and client teams worked together to address a critical security vulnerability.

The developers ensured a supermajority of the network stake was patched before public disclosure.

Solana developers, validators, and client teams addressed a critical security vulnerability by securing a supermajority of its network stake before publicly disclosing the issue.

The process started on Wednesday, Aug. 7, 2024, when the Solana Foundation contacted known network operators through private channels, according to Solana validator Laine. This initial contact was part of a strategy to patch the vulnerability discreetly so it couldn’t be exploited in any way.

Laine added that the patch, made available via an Anza engineer's GitHub repository, enabled operators to independently verify and apply the changes. By Thursday, Aug. 8 at 14:00 UTC, detailed instructions for implementing the patch were distributed to various stakeholders, resulting in 66.6% of the network’s stake being secured.

The vulnerability was publicly disclosed after 70% of the network had implemented the patch. Then, Solana Labs issued a Discord announcement urging all remaining operators to update their systems. The statement read: “Core contributors have identified a network security issue that requires an urgent response. v1.18.21 with a patch will be available in 30 minutes. Please be prepared to upgrade as soon as the announcement is sent.”

Source

Solana

In This Article

Related News
The SEC rejected Cboe’s 19b-4 filings for Solana ETFs: Source The SEC rejected Cboe’s 19b-4 filings for Solana ETFs: Source
Solana Foundation Removed Certain Validators Due to Involvement in Sandwich Attack Solana Foundation Removed Certain Validators Due to Involvement in Sandwich Attack
Solana Lending Protocol MarginFi saw $200M Users Fund Outflow in Two Days Solana Lending Protocol MarginFi saw $200M Users Fund Outflow in Two Days
Congestion on Solana Forced Several Projects to Postpone Launches Congestion on Solana Forced Several Projects to Postpone Launches
Solana Grappled with Congestion Issues, Developers Rushing to Devise Solutions Solana Grappled with Congestion Issues, Developers Rushing to Devise Solutions
Latest News More More
3 Days Ago MicroStrategy adds 18,300 Bitcoin, now holds $14.14B worth of BTC
3 Days Ago Grayscale to launch US XRP trust, paving way for potential ETF
4 Days Ago ZKsync activates decentralized governance system with onchain contracts
4 Days Ago Starknet community approves vote to implement STRK token staking by end of 2024
5 Days Ago Ark Invest buys $8.4 million worth of Coinbase shares amid post-debate dip
delate
Use TokenInsight App All Crypto Insights Are In Your Hands
Open