The Battle for Solana

White-hat hackers aid the blockchain against a recent attack

Recently there was yet another attack on the Solana blockchain. This large-scale attack saw nearly $4.5M in crypto pilfered from more than 8000 users in total. The situation looked dire, but then something amazing happened: users started to fight back against the attackers with brute force.

The attack actually stemmed from a Slope Mobile Wallet exploit involving the private keys of the wallets. This was found through a coordinated, collaborative effort between developers and security auditors. Their findings show that the affected addresses were created, imported, or used at some point in Slope mobile wallet apps.

The exploit was then discovered to be isolated to one particular wallet on the Solana chain. It seems that private information was transmitted to an application monitoring service by mistake. Affected Phantom wallet users were said to have possibly contracted the issue through any interaction with a Slope wallet account. Slope acknowledged the situation but did not take responsibility for the attack.
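The failure described above, wallet secrets ending up in monitoring telemetry, is usually guarded against by scrubbing every event before it leaves the app. The sketch below is an added example, not code from Slope or Solana; the field names, the event layout and the pattern heuristics (a run of 12 to 24 short lowercase words for a seed phrase, a long base58 string for a key) are assumptions, and the sample event is constructed.

```python
import re

# Assumption: secrets show up either as a BIP-39-style seed phrase (12-24
# lowercase words of 3-8 letters) or as a long base58 string such as an
# encoded 64-byte key. Both patterns over-redact on purpose.
MNEMONIC_RE = re.compile(r"\b(?:[a-z]{3,8}\s+){11,23}[a-z]{3,8}\b")
BASE58_KEY_RE = re.compile(r"\b[1-9A-HJ-NP-Za-km-z]{80,90}\b")
# Hypothetical field names whose values are never sent, whatever they contain.
SENSITIVE_KEYS = {"mnemonic", "seed", "seed_phrase", "private_key", "secret_key"}
REDACTED = "[REDACTED]"

def scrub_text(value):
    """Redact anything in free text that looks like a seed phrase or key."""
    value = MNEMONIC_RE.sub(REDACTED, value)
    return BASE58_KEY_RE.sub(REDACTED, value)

def scrub_event(event):
    """Return a copy of a telemetry event that is safe to transmit."""
    if isinstance(event, dict):
        return {
            key: REDACTED if str(key).lower() in SENSITIVE_KEYS else scrub_event(val)
            for key, val in event.items()
        }
    if isinstance(event, (list, tuple)):
        return [scrub_event(item) for item in event]
    if isinstance(event, str):
        return scrub_text(event)
    return event  # numbers, booleans and None pass through unchanged

# Constructed sample event: a debug message that accidentally includes a seed
# phrase, a breadcrumb holding a key-shaped string, and a tagged secret field.
SAMPLE_MNEMONIC = ("abandon ability able about above absent "
                   "absorb abstract absurd abuse access accident")
SAMPLE_EVENT = {
    "level": "info",
    "message": "wallet import ok: " + SAMPLE_MNEMONIC,
    "breadcrumbs": ["key=" + "5" * 88],
    "extra": {"seed_phrase": "anything at all", "attempt": 1},
}

if __name__ == "__main__":
    print(scrub_event(SAMPLE_EVENT))
```

A filter like this belongs in the monitoring client's pre-send hook so that it runs on every event, including crash reports and breadcrumbs.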

The initial hours of the hack saw developers and security auditors congregating to discover the issue and figure out how to solve it. One developer finally suggested a way to impede the progress of the attackers. The proposed method was to use a previously created script to slow down the attackers' transactions by write-locking the attackers' accounts, or at least that was the plan. This meant that any transaction touching an account, such as a balance change, would briefly prevent the wallet from having other transactions posted. The developer suggested constant write locks that would make transactions all but impossible.

Many “good guy” hackers, known as white/grey hat hackers, used the script to spam “malformed” transactions to the accounts held by the hackers, much like a DDoS (distributed denial-of-service) attack.

The technique was not 100% effective but did a lot of good work. The previous hour of attacks saw 2000 wallets drained, and after the hack only 300 wallets were affected. The hack-hack seemed to work, until it didn’t.

The method created another issue: RPC servers, the servers used to facilitate all traffic on the blockchain, started to crash, unearthing another bug in how RPC servers deal with requests. Anatoly Yakovenko, the CEO of Solana Labs, then created a patch to resolve the issue.

The RPC server crashes caused service for some users to be negatively impacted, as they were unable to access the blockchain. Users were unable to transfer funds, and developers trying to track the hackers were having a hard time as well. This did not help optics for the Solana blockchain, even though the chain itself was perfectly fine during the attack.

There was more FUD (Fear, Uncertainty, Doubt) about Solana, harkening back to the days when those who doubted the blockchain were more vocal, during the past occasions when Solana actually did crash. Some, like Helius co-founder Mert, stated that the FUD was unwarranted and overblown this time.

The RPC servers were patched up, and work continued on discovering the cause of the attack and who the hackers were. The Solana Foundation pointed the blame at an exploit on Slope. The DDoS campaign was called successful, though it did cause some harm, and the Solana community as a whole came together and fought for the stability of the blockchain. In the end the situation proved to be no fault of Solana’s, but rather that of a small exploit on a separate wallet.

