- News
- Business News
- Cryptocurrency News
- Solana bug that put tokens worth $2 billion at risk fixed
Trending
This story is from December 8, 2021
Solana bug that put tokens worth $2 billion at risk fixed
A couple of months ago, a bug was detected by Neodyme, a security auditing firm in the token lending contract of the Solana Program Library (SPL). The bug had put the funds of many protocols at risk.
A couple of months ago, a bug was detected by Neodyme, a security auditing firm in the token lending contract of the Solana Program Library (SPL). The bug had put the funds of many protocols at risk. It was fixed on December 3 by Neodyme according to the auditing firm’s blog post. The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime.Sealevel is the world's first parallel smart contracts run time. These programs are tested against Solana's implementation of Sealevel, solana-runtime, and deployed to its mainnet. Though Neodyme had alerted Solana months before about it, due to its seemingly harmless effect the bug was not resolved.
The bug led to a rounding error that produces more tokens than the ones being deposited by the users to the contract. However the bug could not be exploited without an organized attack that targeted the vulnerability directly. Neodyme addressed the problem and explained the following points about the bug in its blog post:
* Neodyme managed to reproduce the bug and create a script that took advantage of it.
* The bug could have affected several decentralized applications and risked nearly $2.6 billion in total value locked (TVL).
* After fixing the bug, all the decentralized apps were updated promptly to close the vulnerability.
* Neodyme emphasized that the most secure code is open-source, and one of the best ways to write better code is to understand vulnerabilities.
- Over $2 billion in several tokens were at the risk of being drained gradually due to the bug.
- Moreover, if the attack was conducted in a better way, it wouldn’t have even triggered any alarm, and would just be seen as a slow drainage of Annual Percentage Yield (APY) in some pools.
(For the latest crypto news and investment tips, follow our Cryptocurrency page and for live cryptocurrency price updates, click here.)
The bug led to a rounding error that produces more tokens than the ones being deposited by the users to the contract. However the bug could not be exploited without an organized attack that targeted the vulnerability directly. Neodyme addressed the problem and explained the following points about the bug in its blog post:
* Neodyme managed to reproduce the bug and create a script that took advantage of it.
* The bug could have affected several decentralized applications and risked nearly $2.6 billion in total value locked (TVL).
* Some low-value coins on Solana were not economically viable to steal, but the potential profit could have easily gone up to hundreds of millions.
* After fixing the bug, all the decentralized apps were updated promptly to close the vulnerability.
* Neodyme emphasized that the most secure code is open-source, and one of the best ways to write better code is to understand vulnerabilities.
- Over $2 billion in several tokens were at the risk of being drained gradually due to the bug.
- Moreover, if the attack was conducted in a better way, it wouldn’t have even triggered any alarm, and would just be seen as a slow drainage of Annual Percentage Yield (APY) in some pools.
(For the latest crypto news and investment tips, follow our Cryptocurrency page and for live cryptocurrency price updates, click here.)
End of Article
FOLLOW US ON SOCIAL MEDIA
TOP TRENDING
Trending Stories
In Business
Entire Website
- Will banks open only for 5 days a week? Here’s what you should know about IBA’s proposal
- India set to be third largest economy, says S&P Global
- Dalal Street bull run continues! BSE Sensex crosses 69,000 for the first time; Nifty above 20,800
- Byju’s reduces notice period for employees as troubles mount
- Sensex surges over 900 points, Nifty above 20,550 as BJP state election wins bolster Modi's Lok Sabha 2024 prospects
- UltraTech to buy building materials business of Kesoram in 7,600 crore deal
- Tata Technologies stock debuts at a bumper 140% premium; share price at Rs 1200 on BSE
- Tata Technologies share allotment: How to check IPO allotment status, listing date, GMP
- BSE m-cap rides rally in Adani stocks, tops $4 trillion
- Charlie Munger, who helped Warren Buffett build Berkshire, dies at 99
- NDA vs INDIA battle in the west, Karnataka & UP today in round 2 of Lok Sabha elections
- How love triangle led to murder at India Gate
- Explained: Inheritance tax - ‘promise’ that landed Cong in trouble
- Kerala Lok Sabha elections: 5.62% voter turnout in 1st hour of polling
- 'Hindu wife doesn’t have absolute rights over dead husband’s property'
- Youth dies during weight loss surgery, TN govt orders probe
- Will Maharashtra's rural distress spark a vote for change?
- Delhi HC to WhatsApp on its 'threat' to exit India
- 'I forgot the way to...': Faf jokes after RCB break losing streak
- Lok Sabha elections: Top candidates to watch out for in 2nd phase
Popular Categories
Hot on the Web
Top Trends
Lok Sabha Election Phase 2Kerala Lok Sabha Election Phase 2Bengaluru Lok Sabha ElectionLok Sabha Election Phase 2 Full ScheduleDelhi Lok Sabha Election ScheduleKKR vs PBKS Match PredictionJEE MainsPAK vs NZ HighlightsRCB vs SRH HighlightsArvind KejriwalIPL Orange Cap 2024IPL Purple Cap 2024IPL 2024 ScheduleLok Sabha Election Full ScheduleIPL Points TableIPL Match Full Schedule
Trending Topics
Manisha KoiralaEverest MasalaOptical IllusionTamannaah BhatiaMonthly Health HoroscopeRajkumar RaoVarun DhawanMonthly Career HoroscopeMrunal ThakurRajkummar RaoRaw MangoSonakshi SinhaAmitabh BachchanRadhika MerchantMaera MishraPreity ZintaBest Ceiling LightsBest Carrom BoardsBest Phones Under 35000Best Housewarming Gifts
Living and entertainment
Latest News
Didi, nephew Abhishek train guns at judiciaryDU Admission 2024 begins for BA LLB, BBA LLB at admission.uod.ac.in, direct link to applyChhavi Mittal opens up about the painful experience with cancer; says, 'My own people have been insensitive towards me...''Important day for future of Thiruvananthapuram': Rajeev Chandrasekhar urges voters to vote in Lok Sabha polls'Important day for future of Thiruvananthapuram': Rajeev Chandrasekhar urges voters to vote in Lok Sabha polls'Important day for future of Thiruvananthapuram': Rajeev Chandrasekhar urges voters to vote in Lok Sabha pollsFrom robots to handwash, Gujarat teens get 30 patents in a yearSeat tussle between allies still on as poll process starts in MumbaiAfter phase one, PM is panicking, says Congress' KC Venugopal after casting vote in AlappuzhaAfter phase one, PM is panicking, says Congress' KC Venugopal after casting vote in AlappuzhaAfter phase one, PM is panicking, says Congress' KC Venugopal after casting vote in AlappuzhaIPL Today Match KKR vs PBKS: Dream11 playing prediction, head-to-head stats, Fantasy team, key players, pitch report and ground stats of IPL 2024South Karnataka: JDS fights for survival against rising CongressHow to use fresh milk in your beauty routine'We don't expect Travis Head and Abhishek Sharma to perform 14 games': SRH coach Daniel Vettori after loss to RCBNBSE HSLC, HSSLC Results 2024 to be out today, official notice hereIPL 2024: Rishabh Pant's pyrotechnics evoke wonder and aweNaveen Patnaik's tenure since 2000 has been Odisha's lost years: Amit Shah
Copyright © 2024 Bennett, Coleman & Co. Ltd. All rights reserved. For reprint rights: Times Syndication Service