Solana Library bug shows the potential risk of $2.6 billion heist

  • Solana Protocol Library bug, which had risks of $2.6 billion heist, has been fixed
  • The bug could have allowed attackers to steal money from multiple SOL projects at a rate of $27 million an hour
  • Tulip Protocol, yield aggregator, and some of the lending protocols, including Solend, Soda, and Larix, were among the targets

Solana, one of the rapidly growing blockchain projects, has been considered the Ethereum Killer. Since its establishment, the project has witnessed tremendous growth. However, although the digital ecosystem brings new evolution, rug pulls, and network exploits have dominated much of the buzz. Decentralized finance (DeFi) protocols have already lost more than $2 billion in total owing to such attacks on the platforms by illicit players. In the latest such hacking news, malicious actors were able to launder more than $120 million worth of cryptocurrencies from BadgerDAO. Further, Solana would also have faced such activities if a bug hadn’t been detected recently.

Read More: Solana could topple BTC and ETH in the near future

Solana network detects a bug

- Advertisement -

Recently, Neodyme security researchers have detected a bug on Solana. It has been known that if the bug were not detected, the network would have lost several billions of dollars worth of assets. According to Solana’s recent blog post, the researchers revealed a bug in the Solana Protocol Library (SPL). Indeed, an SPL is a set of reference documents for the projects based on the SOL ecosystem. The bug could have allowed attackers to steal money from multiple SOL projects at a rate of $27 million an hour. The total value on alert has been noted to be about $2.6 billion.

Targets that could have been affected

After noting the bug, the teams also revealed some of the targets that could have been affected by it. Such targets on Solana include Tulip Protocol, yield aggregator, and some lending protocols, including Solend, Soda, and Larix. Notably, all of these protocols on the blockchain have millions of dollars in TVL.

How did the researchers spot the bug?

This year in June, Simon, a researcher in the ecosystem, initially spotted the bug. After doing so, the researcher raised an issue on Solana’s Github page. However, at the time, the bug did not seem to pose a threat and went largely unnoticed. Later, the researchers again reviewed the issue on Wednesday, and they observed that the bug was not addressed or fixed.

Following the scenario, the researchers began to test the possibilities of exploiting the bug. Moreover, the tests also helped gauge potential damage that the issue could cause. Although the bug seemed a seemingly harmless rounding error, it was later realized that it could potentially steal a large number of funds through endless tiny transactions.

Such an issue was caused due to the apps on Solana that use the SPL reference documents to round funds to the nearest whole number. Notably, the factor would have resulted in users receiving or losing a tiny fraction of their funds.

How useful was this post?

Click on a thumb to rate it!

As you found this post useful...

Follow us on social media!

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Download our App for getting faster updates at your fingertips.

Ahtesham Anis
Ahtesham Anis is a Computer Science undergrad student currently based out of India. Coming from the business background and his keen interest in Cryptocurrency and Blockchain technology is what Ahtesham brings to the table. He is always an eager learner when it comes to exploring the new technologies and topics in the crypto world.

Similar Articles



Please enter your comment!
Please enter your name here

We Recommend

Top Rated Trading Platforms

Top Rated Cryptocurrency Exchange