Solana has quietly patched a vulnerability that could potentially allow attackers to mint and steal certain tokens.
Shaurya Malwa | Edited by Parikshit Mishra May 5, 2025 7:10 AM
The Solana Foundation has disclosed a previously unknown vulnerability in its privacy-focused token system that could allow attackers to create bogus zero-knowledge proofs that would lead to the unauthorized issuance or withdrawal of tokens.
The vulnerability was first reported on April 16 via the Anza security advisory on GitHub, accompanied by a working proof of concept. Engineers from Solana’s Anza, Firedancer, and Jito development teams reviewed the issue and immediately began developing a fix, according to a report published Saturday.
The issue lies in the ZK ElGamal Proof program, which verifies the zero-knowledge proofs (ZKPs) used for private transfers of Solana Token-2022 tokens. These extension tokens allow for private balances and transfers by encrypting amounts and using cryptographic proofs to verify them.
A ZKP is a cryptographic method that allows someone to prove that they have information or access to something, such as a password or age, without revealing the information itself.
In cryptographic applications, ZKPs can be used to confirm the validity of a transaction without revealing specific amounts or addresses (which could otherwise be used by attackers to carry out attacks).
The bug was caused by some algebraic components missing from the hashing process of the Fiat-Shamir transformation, a standard method for making zero-knowledge proofs non-interactive. (Non-interactivity means turning an interactive exchange into a one-time proof that anyone can verify.)
A skilled attacker could create invalid proofs that the on-chain verifier would still accept.
This would open the door to unauthorized activities such as issuing unlimited amounts of tokens or withdrawing tokens from other accounts.
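As an added illustration (not code from Solana, Anza or the original article), the Python sketch below shows a Schnorr proof made non-interactive with Fiat-Shamir, and what it means for a component to be missing from the challenge hash. The toy group, the function names and the choice of which component `weak_challenge` omits are assumptions for illustration; the article does not say which components the ZK ElGamal Proof program left out.

```python
import hashlib
import secrets

# Toy Schnorr group, constructed for this example and far too small for real use:
# P = 2*Q + 1 with P and Q prime; G generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def transcript_hash(*parts):
    """Hash length-prefixed integers under a fixed domain-separation label."""
    h = hashlib.sha256(b"toy-schnorr-fiat-shamir-v1")
    for value in parts:
        raw = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
        h.update(len(raw).to_bytes(4, "big") + raw)
    return int.from_bytes(h.digest(), "big")

def strong_challenge(y, commitment):
    # Binds the group parameters, the statement y and the prover's commitment.
    return transcript_hash(P, Q, G, y, commitment)

def weak_challenge(y, commitment):
    # Illustrative defect (assumed): the statement y is left out of the hash,
    # so the challenge stays the same when y changes.
    return transcript_hash(P, Q, G, commitment)

def prove(x, challenge=strong_challenge):
    """Prove knowledge of x with y = G^x mod P; returns (y, (commitment, s))."""
    y = pow(G, x, P)
    k = secrets.randbelow(Q - 1) + 1  # fresh nonce in [1, Q-1]
    commitment = pow(G, k, P)
    c = challenge(y, commitment) % Q
    return y, (commitment, (k + c * x) % Q)

def in_subgroup(v):
    return 1 < v < P and pow(v, Q, P) == 1

def verify(y, proof, challenge=strong_challenge):
    commitment, s = proof
    # Reject malformed inputs before recomputing the challenge.
    if not (in_subgroup(y) and in_subgroup(commitment) and 0 <= s < Q):
        return False
    c = challenge(y, commitment) % Q
    return pow(G, s, P) == commitment * pow(y, c, P) % P

if __name__ == "__main__":
    y, proof = prove(123)
    other = pow(G, 456, P)  # a different statement (constructed sample)
    print("valid proof accepted:", verify(y, proof))
    print("weak challenge ignores y:", weak_challenge(y, proof[0]) == weak_challenge(other, proof[0]))
    print("strong challenge ignores y:", strong_challenge(y, proof[0]) == strong_challenge(other, proof[0]))
```

A verifier relies on the challenge being fixed by every public value in the proof; once a value is left out of the hash, the challenge no longer constrains it. The corrective pattern is to hash all public components, as `strong_challenge` does.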
The vulnerability did not affect standard SPL tokens or the core logic of the Token-2022 program.
Starting on April 17, fixes were distributed privately to validator operators. Later that evening, a second patch was released to fix a related issue in another part of the codebase.
Both fixes were verified by independent security firms Asymmetric Research, Neodyme, and OtterSec. By April 18, the vast majority of validators had adopted the fixes.
According to the postmortem, there is no evidence that the vulnerability was exploited and all funds remain secure.