Solana developers quietly found and fixed a critical vulnerability this week, with few people noticing.
On one hand, the stealthy patch raises questions on how decentralized the third-largest blockchain by total-value locked is. On the other hand, some might be relieved the vulnerability didn’t cause an outage.
The pseudonymous Laine from Solana’s Stakewiz validator explained in an Aug. 8 post titled “Anatomy of a patch,” that the quick fix came thanks to the fact that large validators were alerted ahead of time.
A Discord alert on Aug. 7 said that core contributors had found a critical vulnerability that needed urgent patching. Within minutes, validators representing more than 70% of Solana’s network had already made the fix.
Solana Beach reports that there are currently 1,515 validators on Solana. Helius, Galaxy, and Coinbase account for the largest sets, with 3.39%, 3.36%, and 2.89% of the network’s total stake.
Laine said the Discord alert urged them to be ready for a second message, and the imminent patching to take place at 10:00 EST on Aug. 8. They received private messages from two separate Solana Foundation members containing instructions.
Through extensive and ongoing research from members of the Solana Foundation, and projects including Anza, Jito, Jump, Firedancer, and others, the community was able to first reach a super minority of 19%, and then a supermajority of 67% of validator consensus to institute the patch.
Once the supermajority was reached, and the network was “ostensibly safe,” Solana contributors called other validators to upgrade.
Decentralized?
A few questions arise from this quiet patching.
If Solana is decentralized, how can a critical vulnerability become known and patched by 70% of the validator set within minutes? Also, why was coordination taking place behind-the-scenes, without the majority of Solana’s ecosystem oblivious to a potentially threatening situation?
According to Laine’s depiction of the episode, the confidentiality of what was happening was needed to stave off a bad actor from taking advantage of the situation.
As for the three days of quiet coordination among core contributors and validators, Anza engineer trent.sol pushed back against allegations of massive centralization.
“You don’t patch shit like this in public,” he wrote.
No More Outages
What’s equally notable is how a network that was known for its downtime and congestion, fixed a critical vulnerability without needing to pause the network.
That deserves a tip of the hat to Solana developers, and engineers, who have managed to turn the network around, and not have to refer back to switching the protocol off.
“The amazing thing about Solana’s validator community is that it’s very active and engaged, and even if you don’t directly know a validator they’re often only one degree of separation away as we’ve all made friends with others over the years,” wrote Laine.