The advice is to disconnect from Solana dapps and swap your SOL for different currencies
This article was updated on August 4th, 2022, to reflect developments in the story.
On August 3rd, in what was an unusual episode, the blockchain community watched in real-time as Solana wallets were drained of their assets. Thousands of wallets were attacked and millions of dollars were stolen. For a moment, people were powerless to stop it. The problem has been identified; now security experts need to work on patching up the vulnerabilities.
Summary
- Nothing has been confirmed yet but it seems that a cohort of compromised Slope wallets are at the center of the problem.
- Users are being advised to create a new wallet, with a new seed phrase, and transfer their funds there. Or move everything to a cold wallet. Everyone should disconnect their Solana wallets from any dapp it’s connected to, while the full extent of the problem is being diagnosed.
- SOL price drops and TVL on Solana goes down in the wake of the exploit.
- Overall, it seems the damage will be limited and now engineers and security experts will need to uncover the vulnerabilities.
What’s happened?
A significant number of Solana wallets were compromised and millions of dollars worth of SOL was stolen. Nothing has been fully confirmed yet, but it seems that ‘a cohort of Slope wallets were compromised in the breach’. Reportedly, a collection of seed phrases became publicly visible and hackers used them to get into people’s hot wallets to take their assets.
Slope is yet to ‘fully confirm the nature of the breach’ but they ‘are actively conducting internal investigations and audits, working with top external security and audit groups’. For now, it seems the prudent move is for users to take all necessary steps to secure their SOL. Then we’ll wait for the full outcome of the postmortem.
What was unusual about this exploit was the way in which people’s assets continued to drain from their accounts, before people’s eyes, even after the hack had been reported. The leak now appears to have stopped, and the reported number of exploited wallets currently sits around the 7,767 mark (again, this number is unconfirmed).
Magic Eden was apparently affected by the exploit but has only acknowledged that ‘there seems to be a widespread SOL exploit at play that’s draining wallets through the ecosystem’. The secondary marketplace hasn’t announced if they lost any funds directly.
The Solana Foundation said on Wednesday that ‘engineers from multiple ecosystems, with the help of several security firms, are investigating drained wallets on Solana’.
Whether or not victims will get their SOL back remains to be seen. Given that blockchain transactions cannot be reversed, this seems very unlikely.
Solana on-chain analytics
So far, the price of SOL hasn’t dipped drastically. Given the sums currently involved, there’s no reason for the wider Solana community to worry about large-scale losses. The hackers have stolen less than $10 million; SOL’s current market cap is $13.9 billion.
Total value locked (TVL) into the Solana blockchain has fallen by 5.63% in the past 24 hours, which could be significant, given that it’s out of line with every other major blockchain TVL.
Solana NFT trading doesn’t appear to have been affected by the hack. Looking at DappRadar’s analytics for Magic Eden and OpenSea, it seems that users on the site increased by 13% and 14%, respectively.
Check out the marketplace rankings for yourself to see how Solana platforms have performed today.
The story goes on
As this story unfolds, we’ll bring you updates and developments from Solana and security experts. And of course, you’ll be the first to know if this episode has affected the network’s on-chain analytics.