
A bug in the Solana (SOL) blockchain could have caused the loss of hundreds of millions of dollars

by Patricia

Users of the Solana ecosystem can thank the team of security experts at Neodyme for detecting and fixing a bug that allowed anyone to steal thousands of dollars per second from multiple protocols.

A bug reported but never fixed

Neodyme is a team of cybersecurity researchers with expertise in a variety of technologies, including blockchain and smart contracts. In a statement published on its blog, Neodyme revealed that it recently discovered a critical flaw in the Solana Program Library (SPL) protocol.

The bug was originally discovered last June by a researcher from the Neodyme team and made public on GitHub. However, he explains that at the time it was impossible to determine whether the bug was exploitable, so it went unnoticed.

However, on 1 December, the same researcher found that the flaw was still present and that nothing had been done to correct it. Moreover, it threatened many protocols in the Solana ecosystem (SOL), such as the Tulip Protocol yield aggregator and the Solend and Larix lending platforms, projects that together manage $1.7 billion in funds.

The Neodyme team therefore carried out a series of tests to check whether this flaw could be exploited, and then worked to get it fixed. According to the press release, the work of the researchers and the contribution of the teams of the protocols concerned made it possible to quickly correct the situation and to protect users. But what was the bug, and what could have happened?

A simple rounding error…

In the rest of the release, Neodyme explains how the bug that threatened the Solana Program Library worked. Simply put, when you deposit funds in a protocol, the value of your assets changes over time. At the time of withdrawal, it may have many digits after the decimal point. This is why some protocols rely on SPL to round the returned amount to the nearest whole unit.

Consider the smallest reference unit in the Solana ecosystem. It is called the Lamport and is worth 0.000000001 SOL (the same principle as a satoshi, the smallest unit in Bitcoin). If you deposit an amount worth 1.5 Lamport in a lending protocol, you will receive 2 Lamport upon withdrawal. Conversely, if this amount is only worth 1.4 Lamport upon withdrawal, you will only receive 1 Lamport. On average, this should balance out, creating as much value as it removes.

However, the researchers showed that by exercising this mechanism very rapidly, it is possible to recover tiny amounts of money with each deposit and withdrawal. By repeating the operation many times, the total amount recovered could become really significant.
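The following Python model is an added example and is not Neodyme's code or the SPL token-lending implementation. It assumes a simplified pool in which depositors receive shares at the pool's current exchange rate and the pool's accounting is done in whole Lamports with exact rational arithmetic (the real program uses fixed-point decimals). It contrasts the rounding policy described above (round to the nearest whole unit) with the defensive policy of always rounding in the pool's favour, and checks the invariant a reviewer would want: a deposit followed immediately by a withdrawal must never leave the pool with less liquidity than it started with.

```python
from fractions import Fraction
from math import floor
from typing import Callable

# A rounding policy maps an exact rational amount to a whole number of Lamports.
Rounding = Callable[[Fraction], int]


def round_half_up(x: Fraction) -> int:
    """Round to the nearest whole unit, ties upward (1.5 -> 2, 1.4 -> 1).

    This models the behaviour described in the article and is the weak policy.
    """
    return floor(x + Fraction(1, 2))


def round_down(x: Fraction) -> int:
    """Always round in the pool's favour: the user never receives a fractional part.

    This is the hardened policy used in the example (an assumption of this model,
    not a statement about which fix the SPL maintainers shipped).
    """
    return floor(x)


class LendingPool:
    """Toy pool: `liquidity` Lamports backing `shares` outstanding shares."""

    def __init__(self, liquidity: int, shares: int, rounding: Rounding) -> None:
        self.liquidity = liquidity
        self.shares = shares
        self.rounding = rounding

    def deposit(self, amount: int) -> int:
        # shares owed = amount / exchange_rate, where exchange_rate = liquidity / shares
        minted = self.rounding(Fraction(amount * self.shares, self.liquidity))
        self.liquidity += amount
        self.shares += minted
        return minted

    def withdraw(self, shares: int) -> int:
        # Lamports owed = shares * exchange_rate
        paid = self.rounding(Fraction(shares * self.liquidity, self.shares))
        self.liquidity -= paid
        self.shares -= shares
        return paid


def pool_delta_after_cycle(liquidity: int, shares: int, amount: int,
                           rounding: Rounding) -> int:
    """Change in pool liquidity after one deposit/withdraw round trip.

    A negative result means the pool paid out more than it received.
    """
    pool = LendingPool(liquidity, shares, rounding)
    before = pool.liquidity
    minted = pool.deposit(amount)
    pool.withdraw(minted)
    return pool.liquidity - before


def pool_never_loses(rounding: Rounding, max_liquidity: int = 60,
                     max_shares: int = 60, max_amount: int = 5) -> bool:
    """Exhaustively check small pool states for a losing round trip."""
    for liq in range(1, max_liquidity + 1):
        for sh in range(1, max_shares + 1):
            for amt in range(1, max_amount + 1):
                if pool_delta_after_cycle(liq, sh, amt, rounding) < 0:
                    return False
    return True


if __name__ == "__main__":
    # Constructed pool state: 1000 Lamports backing 600 shares (rate 5/3).
    print("nearest rounding, 1-Lamport round trip:",
          pool_delta_after_cycle(1000, 600, 1, round_half_up))
    print("floor rounding,   1-Lamport round trip:",
          pool_delta_after_cycle(1000, 600, 1, round_down))
    print("pool safe under nearest rounding?", pool_never_loses(round_half_up))
    print("pool safe under floor rounding?  ", pool_never_loses(round_down))
```

With the nearest-unit policy a single-Lamport round trip on the constructed 1000/600 pool drains one Lamport, because 0.6 shares rounds up to 1 on deposit and 1.666 Lamports rounds up to 2 on withdrawal. Rounding down on both legs makes the loss impossible for any state, which is the invariant the exhaustive check confirms and the kind of property-style test a protocol team can keep in its suite.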

That could have cost hundreds of millions of dollars!

Testing their theory on a replica blockchain, Neodyme's experts managed to extract 0.000001 BTC ($0.047). They estimated that they could trigger this bug 150 to 200 times in a single transaction and fit several such transactions into a single block. Such a strategy could therefore drain funds at a rate of $7,500 per second, or $27 million per hour.

As for the total amount that could have been stolen, this obviously depends on how long the flaw was exploited before it was noticed and protections were put in place:

“The attack would have lasted several days, so it could have been interrupted by the time it was noticed. But it’s really hard to notice, and we’re not sure anyone has sufficient oversight, especially when the attack is carried out slowly and carefully,” the statement said.

The Neodyme team’s research identified six protocols potentially exposed to the flaw: Larix, Tulip, Port, Solend, Soda and Acumen. Together they manage approximately $1.7 billion in assets. Not all of those funds were actually at risk, but Neodyme estimates that the potential profit was still in the hundreds of millions of dollars.
