The Solana Foundation has announced that it has fixed a previously unknown vulnerability in its privacy-focused token system that could have allowed attackers to perform unauthorized minting or withdrawals of tokens.
The story goes back to April 16, when Anza’s GitHub security advisory first reported the vulnerability, together with a proof of concept. According to the announcement, Solana and development teams from Anza, Firedancer, and Jito then verified the bug and immediately began working on a fix.
What happened?
The vulnerability stemmed from the ZK ElGamal Proof program, which verifies the zero-knowledge proofs (ZKPs) used in Solana’s Token-2022 confidential transfers. These allow private token balances and transfers by encrypting the amounts and using cryptographic proofs to validate them.
How did the vulnerability occur?
The bug occurred because some algebraic components were missing from the hashing process in the Fiat-Shamir transformation, a standard method for making zero-knowledge proofs non-interactive: the prover produces a single proof that anyone can verify without further interaction.
In simple terms, an attacker could forge invalid proofs that the on-chain verifier would still accept, giving them full access to the accounts.
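As an added illustration (not code from the advisory or from Solana’s ZK ElGamal Proof program), here is a toy Schnorr proof made non-interactive with Fiat-Shamir, showing a verifier whose challenge hash binds the full transcript next to a hypothetical one that leaves the prover’s commitment out of the hash. The group parameters and the choice of omitted field are constructed assumptions for the example, not the actual Solana bug.

```python
import hashlib
import secrets

# Toy group, constructed for illustration: the multiplicative group modulo the
# Mersenne prime 2^127 - 1. Real deployments use a prime-order curve group.
P = (1 << 127) - 1
N = P - 1            # exponents live in Z_N
G = 3                # generator used for the statement y = G^x mod P

def fs_challenge(y: int, R: int, bind_commitment: bool) -> int:
    """Fiat-Shamir challenge. A sound transcript hashes every public value the
    proof depends on: generator, statement y and the prover's commitment R.
    bind_commitment=False models a transcript that omits R (hypothetical flaw)."""
    h = hashlib.sha256(b"schnorr-toy-v1")
    fields = (G, y, R) if bind_commitment else (G, y)
    for e in fields:
        h.update(e.to_bytes(16, "big"))
    return int.from_bytes(h.digest(), "big") % N

def prove(x: int, bind_commitment: bool = True):
    """Honest prover for knowledge of x with y = G^x: returns (y, R, s)."""
    y = pow(G, x, P)
    r = secrets.randbelow(N - 1) + 1
    R = pow(G, r, P)
    c = fs_challenge(y, R, bind_commitment)
    s = (r + c * x) % N
    return y, R, s

def verify(y: int, R: int, s: int, bind_commitment: bool = True) -> bool:
    """Verifier: recompute c from the transcript, then check G^s == R * y^c."""
    if not (0 < y < P and 0 < R < P and 0 <= s < N):
        return False
    c = fs_challenge(y, R, bind_commitment)
    return pow(G, s, P) == (R * pow(y, c, P)) % P

def forge_without_secret(y: int):
    """Why the omission is fatal: if c does not depend on R, c is fixed before R
    is chosen, so anyone can pick s and solve R = G^s * y^(-c) without knowing x.
    The resulting (R, s) satisfies the flawed verifier only; a verifier that binds
    R into the challenge recomputes a different c and rejects it."""
    c = fs_challenge(y, 0, bind_commitment=False)   # R is ignored by this transcript
    s = secrets.randbelow(N)
    R = (pow(G, s, P) * pow(y, N - c, P)) % P       # y^(N-c) == y^(-c) by Fermat
    return R, s
```

The same pattern applies to any sigma protocol: every value the verification equation reads must also be fed to the challenge hash, or the challenge can be predicted and the equation solved backwards.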
What would such a bug allow hackers to do?
Such a bug would have allowed hackers to carry out unauthorized actions, such as minting unlimited tokens or withdrawing tokens from other accounts.
The vulnerability did not, however, affect standard Solana Program Library (SPL) tokens or the main Token-2022 program logic.
Solana insisted that there is no indication the bug was exploited and that all funds remain secure.