Solana has fixed a vulnerability that could allow attackers to mint and steal tokens indefinitely
According to a report by Jinse Finance, validators on the Solana network successfully averted a potential disaster by deploying a patch to fix a vulnerability in a program. If exploited, the vulnerability could have allowed attackers to mint certain tokens indefinitely or withdraw them from any account. This vulnerability only affected the Token-22 confidential tokens, with the issue residing in the ZK ElGamal proof program, which is used to verify encrypted balances and ensure the accuracy of zero-knowledge proofs. According to a post-mortem report by the Solana Foundation, some array components in the on-chain ZK ElGamal proof program were not included in the hash used to generate the Fiat-Shamir transform. Sophisticated attackers could exploit these unhashed components to develop forged proofs, thereby executing unauthorized operations through verification.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitget to adjust the funding rate interval for TRUSTUSDT perpetual contracts
Data: A total of 78,000 ETH were transferred out from Fidelity Custody, worth approximately $237 million.
The three major U.S. stock indexes opened higher, with the Dow Jones up 165 points.
Trending news
MoreCrypto prices
More
