Solana fixes zero-day vulnerability that could have led to unlimited issuance or theft of some tokens
2025-05-04 23:53:44
The Solana Foundation has announced that a critical "zero-day" vulnerability affecting the confidential transfer function on its network has been successfully fixed. The vulnerability was discovered on April 16, and the Foundation immediately secretly organized validators to coordinate network updates and completed the repair work within two days. The vulnerability involves the ZK proof system used to verify the confidential transfer of Token-2022 standard tokens. If exploited, attackers can theoretically mint specific tokens indefinitely through forged certificates, or steal these tokens from user accounts. The Solana Foundation said that the vulnerability was not disclosed until the repair was completed to ensure security. There is currently no evidence that the vulnerability was actually exploited, and all user funds are safe. It also pointed out that although the confidential transfer function has been online for some time, the current adoption rate is not high.
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
特朗普:我想要加密货币,因为如果我们不这样做,中国就会这样做
