2022 has been something of a rough year for crypto, in case you haven’t noticed. Although there are a lot of positives, it’s hard to avoid the fact the industry has lurched from disaster to disaster. Well, to pile onto that, you may have seen “Solana Hack” trending just about everywhere. Is it as bad as it seems?
As is often the case with these things, “yes and no” is the answer. Yes, insofar as innocent cryptopians have lost an estimated $4.46m across 8,000 different hot wallets. No, insofar as it isn’t Solana as a protocol that has been hacked, backdoored, or exploited.
After an investigation by developers, ecosystem teams, and security auditors, it appears affected addresses were at one point created, imported, or used in Slope mobile wallet applications. 1/2
— Solana Status (@SolanaStatus) August 3, 2022
The issue was tracked down to Slope and Phantom wallets, with users finding their $SOL, $USDC, and other Solana-based tokens had been drained completely. In the last hour, Slope has released a statement on the breach. There isn’t much information, but they claim that some of Slope’s founders and staff have had their wallets emptied by the hackers. They also recommended that users, “Create a new and unique seed phrase wallet, and transfer all assets to this new wallet. Again, we do not recommend using the same seed phrase on this new wallet that you had on Slope.”
Meanwhile, over at Phantom HQ, they have immediately tweeted following the statement from Slope by airdropping the blame at their feet:
1/ Phantom has reason to believe that the reported exploits are due to complications related to importing accounts to and from @slope_finance.
We are still actively working to identify whether there may have been other vulnerabilities that contributed to this incident. https://t.co/W5B19gbMJX
— Phantom (@phantom) August 3, 2022
It is too early to say who is at fault, but I would like to stress to readers two key takeaways:
- No wallet, exchange, or protocol is immune to security breaches or hacks. This is a reminder to take security seriously, use a hardware wallet where possible, and not have too many eggs in one basket.
- The Solana protocol has not been hacked, its cryptography has not been exposed as flawed, and (so far, it seems as if) this had little to do with Solana at all, it just happened to be on that particular blockchain.
It’s another sad piece of news, and potentially dreadful for those affected, but to all the media outlets defecating on Solana, so far, they have little — if any — blame to shoulder.