Solana Hacked: Ed25519 Digital Signature Algorithm – Critical Vulnerability Explained!

Read Time:1 Min, 36 Sec

Solana $SOL reputation is turnishing. A poor implementation of Ed25519, a popular digital signature algorithm, has left dozens of cryptography libraries such as Phantom vulnerable to attacks.

solana
Solana (SOL)
Rank: 11
$ 22.49
Price (BTC)
Ƀ0.00079409
Marketcap
$ 8.67 B
Volume
$ 649.59 M
24h Change
1.77%
Total Supply
543.37 M SOL

According to Bloomberg press release, “estimates of the damage vary. Just over $5.2 million in cryptoassets have been stolen so far from more than 7,900 Solana wallets, according to blockchain forensics firm Elliptic. Security company PeckShield said four Solana wallet addresses drained approximately $8 million from victims.”

Advertisement

What Is Solana ($SOL)?

Solana is a highly functional open source project that banks on blockchain technology’s permissionless nature to provide decentralized finance (DeFi) solutions. While the idea and initial work on the project began in 2017, Solana was officially launched in March 2020 by the Solana Foundation with headquarters in Geneva, Switzerland. Reference(1)

Another theory may suggest the Solana hack is due to wallets using compromised code that exposes private keys. If so, you’d want to move funds offline into a cold storage hardware wallet or an exchange with high liquidity.

Advertisement

Where’s your Ed at?

Ed25519 is often used as a modern replacement for the Elliptic Curve Digital Signature Algorithm (ECDSA). Ed25519 is more open, secure, and faster than ECDSA, which is why it has become very popular in many sectors, especially in blockchain and cryptocurrency platforms.

In cryptography, it’s good hygiene to avoid accessing the private key many times. If they allowed the public key derivation on each signing invocation, then this implies they need to access it twice, once to sign, and once to derive the public key. However, the modification also creates a security loophole in the library.

Numerous security incidents have shown that poor random generation can result in private keys being leaked or stolen. One notable example was the private key leaks of PlayStation 3, whose technology relies on the ECDSA algorithm.

Last Updated on 12/28/2022 by Emmanuel Motelin

EXPLORE MORE ACROSS THE WEB
Tagged : # # # # # #
Advertisement
MOTELIN.ORG – Emmanuel Motelin (Official Website)

You can listen to this podcast on the following platforms. Plus more

AD
bitcoin
Bitcoin (BTC) $ 28,316.59 2.00%
ethereum
Ethereum (ETH) $ 1,802.53 3.30%
tether
Tether (USDT) $ 1.01 0.38%
bnb
BNB (BNB) $ 339.93 2.51%
usd-coin
USD Coin (USDC) $ 1.00 0.37%
xrp
XRP (XRP) $ 0.460298 19.52%
cardano
Cardano (ADA) $ 0.380868 13.46%
dogecoin
Dogecoin (DOGE) $ 0.076029 5.81%
staked-ether
Lido Staked Ether (STETH) $ 1,802.45 3.55%
matic-network
Polygon (MATIC) $ 1.15 4.72%
solana
Solana (SOL) $ 22.49 1.77%
binance-usd
Binance USD (BUSD) $ 1.00 0.46%
polkadot
Polkadot (DOT) $ 6.35 3.90%
shiba-inu
Shiba Inu (SHIB) $ 0.000011 4.23%
tron
TRON (TRX) $ 0.067347 2.31%
litecoin
Litecoin (LTC) $ 81.47 3.96%
avalanche-2
Avalanche (AVAX) $ 17.45 5.02%
dai
Dai (DAI) $ 1.00 0.38%
uniswap
Uniswap (UNI) $ 6.41 4.23%
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 28,329.59 2.11%
chainlink
Chainlink (LINK) $ 7.57 8.57%
the-open-network
Toncoin (TON) $ 2.43 1.29%
cosmos
Cosmos Hub (ATOM) $ 11.89 3.29%
leo-token
LEO Token (LEO) $ 3.39 0.15%
ethereum-classic
Ethereum Classic (ETC) $ 20.69 5.53%
monero
Monero (XMR) $ 152.85 1.17%
okb
OKB (OKB) $ 45.33 0.64%
bitcoin-cash
Bitcoin Cash (BCH) $ 132.81 2.71%
stellar
Stellar (XLM) $ 0.094549 8.94%
filecoin
Filecoin (FIL) $ 5.84 1.89%
aptos
Aptos (APT) $ 12.09 1.48%
true-usd
TrueUSD (TUSD) $ 1.01 0.35%
lido-dao
Lido DAO (LDO) $ 2.36 4.64%
quant-network
Quant (QNT) $ 130.92 3.78%
hedera-hashgraph
Hedera (HBAR) $ 0.063457 4.80%
crypto-com-chain
Cronos (CRO) $ 0.071703 2.59%
near
NEAR Protocol (NEAR) $ 2.03 3.34%
vechain
VeChain (VET) $ 0.023559 4.34%
arbitrum
Arbitrum (ARB) $ 1.16 9.80%
algorand
Algorand (ALGO) $ 0.230016 10.35%
internet-computer
Internet Computer (ICP) $ 5.26 3.28%
blockstack
Stacks (STX) $ 1.14 4.85%
apecoin
ApeCoin (APE) $ 4.09 2.12%
the-graph
The Graph (GRT) $ 0.149666 3.00%
fantom
Fantom (FTM) $ 0.478202 5.11%
eos
EOS (EOS) $ 1.18 2.55%
the-sandbox
The Sandbox (SAND) $ 0.661983 2.56%
aave
Aave (AAVE) $ 78.54 4.17%
decentraland
Decentraland (MANA) $ 0.61176 2.53%
elrond-erd-2
MultiversX (EGLD) $ 44.35 2.10%
%d bloggers like this: