Solana developers, validators, and client teams secured a majority stake in the network to address a critical security vulnerability before publicly disclosing the issue.
According to Solana validator Laine, the process began on Wednesday, August 7, 2024, when the Solana Foundation reached out to known network operators via private channels. This initial contact was part of a strategy to carefully patch the vulnerability so that it could not be exploited in any way.
Line added that operators can independently verify and apply the change via a patch provided via Anza engineers’ GitHub repository. Detailed instructions for implementing the patch were distributed to various stakeholders by 14:00 UTC on Thursday, August 8, securing 66.6% of the network’s stake.
The vulnerability was made public after 70% of the network had implemented the patch. Solana Labs then issued a Discord announcement urging all remaining operators to update their systems. The statement read: “A core contributor has identified a network security issue that requires urgent attention. A patched v1.18.21 will be released within 30 minutes. Please be prepared to upgrade as soon as the announcement is sent.”
Disclaimer: The Block is an independent media outlet providing news, research and data. As of November 2023, Foresight Ventures is the largest investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information on the cryptocurrency industry. Current financial disclosures include:
© 2024 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be legal, tax, investment, financial or other advice.