The Wormhole exploit shined the spotlight on a number of things in the crypto industry as users scrambled for answers. Solana, Ethereum, DeFi, cross-chain protocols, and Solana’s proof-of-history consensus mechanism, all came under intense scrutiny. Now, with Wormhole releasing its incident report, there are more voices chiming in.
The incident report confirmed the basic details of the exploit, such as the signature verification vulnerability in the Wormhole network which let an attacker mint 120,000 Wormhole-wrapped ETH on Solana. 93,750 such tokens were then moved to Ethereum to be unwrapped. The loss came up to more than $321 million.
Addressing rumors that Wormhole contributors already knew about the vulnerability, the report claimed that the vulnerability had indeed been fixed in a new commit added to the Wormhole repository. However, this was reportedly a coincidence that took place along with the Solana toolchain upgrade.
It’s worth noting here that Wormhole’s incident report did not reference any measurable plans or targets for the future, in light of the exploit.
The exploit has once again raised the demons of Solana’s past. In other words, the classic speed versus security debate.
For his part, DFINITY founder Dominic Williams, claimed that Solana’s “security hole” needed to be fixed quickly. He also felt that a consensus needed more than 66% of the nodes, to ensure security.
<p lang=«en» dir=«ltr» xml:lang=«en»>Solana security hole needs fixing asap?Seems their consensus proceeds with only 33% of the nodes
Hard math proofs show you need 66%+ for safety. No ifs no buts
Possibilities: 1) is insecure, 2) is centralized, or 3) they've broken Computer Science (unlikely) pic.twitter.com/yqfW3QnfeK
— dom.icp ∞ (@dominic_w)
Read more on ambcrypto.com