The Solana Foundation discreetly patched a network vulnerability, securing 66.6% of the stake by August 8, 2024.
According to Solana validator Laine, the Solana Foundation initiated communication with network administrators via private channels on Wednesday, August 7, 2024. This was a component of a strategy to covertly resolve the vulnerability and prevent its exploitation.
Laine clarified that the patch was made available on the GitHub account of an Anza engineer, which enabled operators to independently verify and implement the repair. Detailed patch instructions were disseminated to stakeholders by 14:00 UTC on Thursday, August 8, securing 66.6% of the network’s stake.
The public was informed of the issue after 70% of the network had been rectified. Subsequently, Solana Labs issued an announcement on Discord, encouraging the remaining operators to upgrade their systems.
The message stated: “Core contributors have identified a network security issue that requires an urgent response. v1.18.21 with a patch will be available in 30 minutes. Please be prepared to upgrade as soon as the announcement is sent.”
