Just-In: Solana Silently Patched A Critical Security Vulnerability
Highlights
- Solana developers patched a critical security vulnerability.
- The patch was done in confidentiality to upgrade 70% before disclosure.
- Users shared mixed reactions to this approach in crypto spaces.
Solana contributors have revealed developments leading up to a major patch amid vulnerability. The initial patch which was done under confidentiality was disclosed to other public operators when a majority of the stake had been patched. Users shared mixed reactions with a majority lauding contributors for the quick response.
Solana Patch Prevents Vulnerability
Laine, a Solana node operator disclosed the anatomy of a patch on X (formerly Twitter). The public was informed of developments after a supermajority of the stake was upgraded to protect the network. According to Laine, known members of the Foundation informed the team via private message on Aug 7. The message informed of the patch, the vulnerability the network faces, and the time and manner it will be expected to be applied.
“The first message was received on Wednesday, 7 August 2024 at 14:56 UTC, advising of an upcoming critical patch and sharing a hashed message confirming the date and unique identifier of the incident, the hash shared in this message was published by multiple prominent members of Anza, Jito and Solana Foundation on Twitter/X, Github and even Linkedin in order to confirm the veracity of the message.”
Sequel to this, other operators reached out and stressed the need for confidentiality and urgency. On Aug 8, the patch occurred after several messages containing instructions and verification of patch files. The public was informed once 70% was patched as it was judged safe to disclose the developments and vulnerability. Other operators were also charged to upgrade in line with the patch.
Also Read: Dogecoin Core 1.14.8 Upgrade Released, Here’s Everything
Users’ Mixed Reaction to Contributors’ Approach
The silent patch of Solana has led to divided views although the majority feel it was the right decision to avoid a crypto hack. Kunal Goel, a researcher at Messari lauded the active community on X for acting quickly without any incidents.
However, users raised eyebrows on the need for confidentiality from the onset. Laine explained that the patch exposed the vulnerability and a bad actor could try reverse engineering and halt the network. This could have led to a compromise leading to losses.
Also Read: Shiba Inu News: Shibarium Reveals Major Hard Fork Upgrade To Boost Token Burn
- Bessent Faults Powell for Not Signaling 150 bps Fed Rate Cut by Year-End
- Toobit Adds German Language Support to Ease Market Access On Trading Platform
- Hyperliquid’s USDH Goes Live as Aster DEX Outpaces It in Revenue
- BitMine’s Tom Lee Predicts $12K ETH by Year-End, Calls Ethereum “Wall Street’s Blockchain”
- Just-In: Bhutan Govt Moves Another $47M in BTC Amid Rising Selling Pressure
- Cardano (ADA) Price Eyes 50% Rally as Foundation Backs Stablecoin Liquidity With 8-Figure ADA
- Ethereum (ETH) Price Faces Pullback Before $10K Surge Amid SEC ETF Approval
- PEPE Coin Price: Analyst Sees Breakout-Retest Pattern- Will It Surge Over 230%?
- Shiba Inu Price Eyes 25% Rally as Outflows Jump and Whales Buy 62B Coins
- XRP Price Rises on mXRP Launch, Recovery Ahead?
- Solana Price Prediction: $836M Whale Transfer Spark Fear of $200 Retest Before 62% Rebound
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more…to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
