Solana has fixed a vulnerability that could allow attackers to mint and steal tokens indefinitely
According to a report by Jinse Finance, validators on the Solana network successfully averted a potential disaster by deploying a patch to fix a vulnerability in a program. If exploited, the vulnerability could have allowed attackers to mint certain tokens indefinitely or withdraw them from any account. This vulnerability only affected the Token-22 confidential tokens, with the issue residing in the ZK ElGamal proof program, which is used to verify encrypted balances and ensure the accuracy of zero-knowledge proofs. According to a post-mortem report by the Solana Foundation, some array components in the on-chain ZK ElGamal proof program were not included in the hash used to generate the Fiat-Shamir transform. Sophisticated attackers could exploit these unhashed components to develop forged proofs, thereby executing unauthorized operations through verification.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
The Dow Jones Index closed up by 646.26 points, and the S&P 500 Index saw a slight increase.
Animoca Brands to collaborate with Republic to enable equity tokenization on Solana
Solana ecosystem meme coin JELLYJELLY continues to surge, up over 87% in a single day
"Machi" Ethereum long positions partially liquidated again, with a liquidation scale of 1,200 ETH
Trending news
MoreCrypto prices
More
