The cryptocurrency community is still coming to terms with the Solana (SOL) software wallets hack that has resulted in the loss of at least $4.5 million. The initial probe indicates that the hack is due to an exploit in specific wallets, including Slope and Phantom.
After the hack, Solana developers indicated that they had identified the root cause of the exploit as compromised private keys “created, imported, or used in Slope mobile wallet applications.”
Although a section of the community has blamed the hack on Solana, a new analysis of the exploit appears to absolve the network of any responsibility.
In a series of tweets on August 3, Web 3.0 powered by blockchain technology, Point Network noted the first sign why Solana is not to blame is because only two network wallets were affected. The analysis continued to break down what happened on the wallets alluding that weak decentralized two-factor authentication might be the main reason.
Solana unable to distinguish real and fake users
According to the analysis, it appears a third party accessed the private keys, and in this case, Solana has no means to distinguish between real and fake owners.
“Essentially, the root of the problem is that the Solana network has no way to distinguish between a real and a fake owner, to only allow the real owner to access the refund,” Point Network said.
Furthermore, Point Network noted that the exploit could also be executed through multi signatures and hardware wallets, but the approach is highly unlikely. Interestingly, Solana also confirmed on August 3 that there is no evidence hardware wallets on the network were affected.
However, Point Network also ruled out exploiting the vault wallet because of the timelock feature that sets a specific timeframe for confirming the transactions. Due to the live feature of the wallets, the attacker can abandon stealing the funds since the real holder can cancel the transaction and send them back to the vault.
The researchers mentioned that if the transactions are uncontested, they will get confirmed without needing keys.
Any network can be affected
Ultimately, the analysis concluded that such an attack could affect any network, not only Solana.
“This would work not just in a global situation where thousands of wallets are somehow affected, but in a normal setting too if your private key accidentally leaks or your device gets compromised. And this can work for *all* networks, not just Solana,” Point Network added.
Notably, the assertion aligns with Phantom’s take, maintaining that it “does not believe this is a Phantom-specific issue.”
Although details of the hack remain primarily unclear, Solana noted that approximately 7,767 wallets had been affected, targeting both mobile wallets and browser extensions.