Solana has undoubtedly had a very crazy past 48 hours. Now we wanted to wait until we knew exactly what was going on before we describe in detail about Solana wallet hack because accuracy is key, especially in a situation that was as fluid as this one has been.
So after a great deal of work by devs in the Solana ecosystem, the root cause of the exploit was identified. It seems to have originated from the slope mobile wallet. So that is important to note it was nothing to do with the Solana network. It involved compromised private keys created imported or used in the slope mobile wallet and that’s why some users who had phantom wallets were also impacted. So if you had a phantom wallet and interacted with slope applications you could also have been affected.
Now when it comes to the exact point at which the private keys were exposed an investigation is still ongoing by the slope team. However, right now it appears as if sentry an event logging platform was used for reporting errors in the app. If there was any interaction with the app it would trigger an event log. Yet slope didn’t configure sentry to delete that sensitive info and the result was mnemonic seeds were leaked.
Now I should, of course, add that anyone who used a hardware wallet is it with slope or phantom was completely spared and I seriously can’t stress enough how important these devices are to moving to a hardware wallet.
This Solana wallet hack unleashed a tsunami of thud over the Solana ecosystem that’s because no one could identify the cause of the vulnerability. When private keys start getting compromised new levels of panic start to set in. It also doesn’t help that at the time that the hack was taking place Solana RPC nodes were going down. Now, this turned out to be a well-intentioned attempt by white hat hackers to spam the hacker’s address with malformed transactions. On the Solana blockchain, essentially any transaction that modifies an account, like changing the balance, places a temporary right lock on that account.
These white hats were attempting to slow the hacker’s ability to exploit it further. Now while that tactic may have helped given the volume of people attempting to spam it RPC servers started to crash. Some in the Solana community were asking those involved in the DDoS to stop because it was impacting on dev’s abilities to access blockchain explorers and further diagnose the issue.
It’s a pretty crazy turn of events but I’m glad to see that the issue was isolated to some poor wallet design and not something on the broader network. Moreover, the Solana devs worked tirelessly to try and locate the issue. Hundreds of developers and security firms all jumped into action. Now this doesn’t detract from the broader issues that still face the Solana network outages happen on occasion and there are still questions around centralization but in this case, the network worked. Yes, the RPC nodes went down but that was not the Solana blockchain.
Compensation for Solana wallet hack
Of course, this is all little solace to those who have lost funds in this hack and it’s unclear whether they could be compensated in any way even though the fault lies with slope. It’s a bitter pill to swallow when you self-custody your crypto but it still ends up getting swiped. So for what it’s worth the Solana foundation has set up an online form where you can provide your information if you are one of the ten or so thousand affected by the hack. This suggests that compensation of some kind could come eventually.
So in any case this is one of many recent events that underscore the importance of keeping your crypto in a hardware wallet when you’re not trading. We will try and keep you guys updated with this story as it develops.