Solana devs fix bug that allowed unlimited minting of certain tokens
From Cointelegraph
May 4, 2025 10:36 PM:
The Solana Foundation has resolved a zero-day vulnerability that could have allowed an attacker to mint and withdraw certain tokens from user accounts. The flaw affected Token-22 confidential tokens, but there is no known exploit. Solana validators have adopted the patched version. Solana development firms and security experts collaborated to fix the issue, confirming that all funds are safe.

Token-22 confidential tokens leverage zero-knowledge proofs for private transfers. Algebraic components were omitted from the hash in the Fiat-Shamir Transformation transcript, potentially enabling an attacker to forge a proof.

Some in the crypto community raised concerns about centralization over the Solana Foundation’s handling of the vulnerability, and those concerns remain despite the fix. Solana Labs CEO Anatoly Yakovenko defended the foundation’s actions, noting that Ethereum also has similar coordination capabilities in case of security bugs. More than 70% of Ethereum network validators are controlled by crypto exchanges or staking operators, leading to comparisons with Solana’s centralization concerns. The Solana Foundation and network validators previously resolved another critical vulnerability in August, with the foundation’s executive director emphasizing that coordination does not equate to centralization.

Ethereum community member Ryan Berckmans disputed claims of Ethereum’s centralization issues, citing client diversity as a key factor. He contrasted Ethereum’s client diversity with Solana’s, emphasizing the need for multiple clients for decentralization at the client level, and suggested that Solana would need three clients to achieve sufficient decentralization at that level. Solana is set to launch a new client, Firedancer, in the coming months to enhance network resilience and uptime.
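The Fiat-Shamir transcript omission described above can be caught with a binding check: change each public value of a proof in turn and confirm the derived challenge changes. The following is an added example, not code from Solana or from the article; the field names, label and sample values are constructed assumptions, and SHA-256 stands in for whatever hash a real protocol uses.

```python
import hashlib

def _frame(data: bytes) -> bytes:
    # Length-prefix each item so adjacent fields cannot be re-split ambiguously.
    return len(data).to_bytes(4, "big") + data

def challenge(label: bytes, fields: dict, absorbed: list) -> int:
    """Hash the named public fields listed in `absorbed` into a challenge."""
    h = hashlib.sha256(_frame(label))  # domain-separation label
    for name in absorbed:
        value = fields[name]
        h.update(_frame(name.encode()))
        h.update(_frame(value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")))
    # A real protocol would reduce this into its scalar field; omitted here.
    return int.from_bytes(h.digest(), "big")

def unbound_fields(label: bytes, fields: dict, absorbed: list) -> list:
    """Return public fields that can change without changing the challenge."""
    base = challenge(label, fields, absorbed)
    loose = []
    for name, value in fields.items():
        mutated = dict(fields, **{name: value + 1})
        if challenge(label, mutated, absorbed) == base:
            loose.append(name)
    return loose

# Constructed sample: public values of a Schnorr-style proof (hypothetical names).
PUBLIC = {"generator": 4, "statement": 1357, "commitment": 902}
LABEL = b"example-sigma-proof-v1"
FULL = ["generator", "statement", "commitment"]
INCOMPLETE = ["generator", "commitment"]  # statement left out of the hash

if __name__ == "__main__":
    print("full transcript, unbound:", unbound_fields(LABEL, PUBLIC, FULL))
    print("incomplete transcript, unbound:", unbound_fields(LABEL, PUBLIC, INCOMPLETE))
```

Any field the check reports as unbound is one the verifier's challenge does not depend on, which is the condition the article describes; run as a regression test, it should return an empty list for every proof type.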