- A publicly disclosed bug affecting major Solana projects sat unnoticed for six months.
- Security researchers estimated that it could have been used to steal thousands of dollars per second.
A bug in the Solana Program Library (SPL), the set of reference on-chain programs that Solana projects build on, could have let attackers drain funds from multiple Solana projects at a rate of $27 million an hour, according to security researchers at Neodyme.
The affected projects included yield aggregator Tulip Protocol and the lending protocols Solend and Larix. Between them these projects currently hold $1.7 billion in funds (a figure that was considerably higher before today's market crash).
Uncovering a billion-dollar bug
In a blog post, Neodyme explained that the bug was first publicly disclosed by one of its auditors, known as Simon, in an issue filed on GitHub in June. At the time, the researchers did not know whether it was exploitable or how big its impact could be, and the issue went unnoticed.
On December 1, Simon saw that the issue was still open and the bug had not been fixed. Concerned, the Neodyme researchers started testing whether it could be exploited and how serious it was. The bug was a "seemingly innocuous rounding error," according to Neodyme, but they quickly found that it could be used to steal a fortune, in millions of tiny pieces.
The bug worked as follows. A lending protocol takes funds in and lets users take them out again, converting between the deposited tokens and the collateral tokens it issues at an exchange rate that is rarely a whole number. A protocol that copied the SPL reference program rounded the result of that conversion to the nearest whole unit when a user withdrew. That only matters when the user is owed a fraction of the smallest unit, which for SOL is a lamport (the equivalent of a satoshi, the smallest amount of bitcoin), but the rounding could go up as well as down.
Rounding to nearest cuts both ways. Some users would end up with a fraction of a unit more than they were owed, others with slightly less, and across many ordinary users the differences would be minuscule and would roughly cancel out.
But an attacker does not have to behave like an ordinary user, the researchers reasoned. If they chose their amounts so that the rounding always went in their favour, they could pocket the extra fraction every time, and by repeating this over and over they could turn fractions of a unit into significant sums.
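As an added illustration of the mechanism (not the SPL code and not Neodyme's proof of concept), the following Rust model of a lending reserve applies the same rounding mode both to the collateral minted on deposit and to the liquidity returned on withdrawal. Round-to-nearest lets a caller who picks favourable amounts and loops gain a unit per cycle; rounding down, in the protocol's favour, does not. The reserve balances, the Reserve, Rounding, round_trip and drain names, and the exact rational arithmetic standing in for SPL's fixed-point Decimal type are all assumptions of the example.

```rust
// Toy model of a lending reserve's exchange-rate maths, added here to show
// how round-to-nearest on deposit/redeem leaks value to a looping caller.
// This is not the SPL program; the balances below are constructed.

#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Rounding {
    Nearest, // the pre-fix behaviour: round half up
    Floor,   // the fix: always round against the user
}

/// Integer division with an explicit rounding mode. SPL uses a fixed-point
/// Decimal type; exact rational arithmetic keeps this example short.
fn div_round(num: u128, den: u128, mode: Rounding) -> u128 {
    match mode {
        Rounding::Nearest => (num + den / 2) / den,
        Rounding::Floor => num / den,
    }
}

#[derive(Clone, Debug)]
pub struct Reserve {
    pub liquidity: u64,         // token base units (lamports for SOL) held by the pool
    pub collateral_supply: u64, // collateral tokens issued against them
}

impl Reserve {
    /// Deposit liquidity and receive collateral at the current exchange rate.
    pub fn deposit(&mut self, amount: u64, mode: Rounding) -> u64 {
        let minted = div_round(
            amount as u128 * self.collateral_supply as u128,
            self.liquidity as u128,
            mode,
        ) as u64;
        self.liquidity += amount;
        self.collateral_supply += minted;
        minted
    }

    /// Burn collateral and receive liquidity at the current exchange rate.
    pub fn redeem(&mut self, collateral: u64, mode: Rounding) -> u64 {
        let out = div_round(
            collateral as u128 * self.liquidity as u128,
            self.collateral_supply as u128,
            mode,
        ) as u64;
        self.liquidity -= out;
        self.collateral_supply -= collateral;
        out
    }
}

/// One deposit-then-redeem cycle; returns the caller's net gain (negative = loss).
pub fn round_trip(reserve: &mut Reserve, amount: u64, mode: Rounding) -> i128 {
    let minted = reserve.deposit(amount, mode);
    let out = reserve.redeem(minted, mode);
    out as i128 - amount as i128
}

/// Greedy attacker: each cycle, simulate deposits of 1..=max_amount on a scratch
/// copy, then execute the most profitable one for real. Stops when nothing is
/// left to extract. Returns the attacker's total profit in base units.
pub fn drain(reserve: &mut Reserve, cycles: usize, max_amount: u64, mode: Rounding) -> i128 {
    let mut profit = 0i128;
    for _ in 0..cycles {
        let best = (1..=max_amount)
            .map(|a| (a, round_trip(&mut reserve.clone(), a, mode)))
            .max_by_key(|&(_, gain)| gain)
            .expect("max_amount must be at least 1");
        if best.1 <= 0 {
            break; // every small deposit now costs the attacker; rate no longer exploitable
        }
        profit += round_trip(reserve, best.0, mode);
    }
    profit
}

fn main() {
    // Constructed pool: exchange rate just above 1.5 liquidity per collateral token.
    let start = Reserve { liquidity: 1_500_010, collateral_supply: 1_000_000 };
    for &mode in &[Rounding::Nearest, Rounding::Floor] {
        let mut r = start.clone();
        let gain = drain(&mut r, 200, 10, mode);
        println!("{:?}: attacker gain over up to 200 cycles = {} base units, pool now {:?}", mode, gain, r);
    }
}
```

The Floor run stops after its first scan because no small deposit returns more than it put in, while the Nearest run keeps extracting one base unit per cycle until the exchange rate no longer rounds in the caller's favour; the pool's liquidity drops by exactly the attacker's gain while the collateral supply returns to where it started. The general rule this demonstrates is that every conversion should round against the party receiving value: floor on what a user is paid out, ceiling on what a user owes.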
The researchers tested their theory on a copy of the blockchain. They submitted a transaction designed to exploit the bug, and it managed to steal 0.000001 BTC ($0.047) through the rounding error.
The researchers estimated they could trigger the bug 150 to 200 times in a single transaction and pack many such transactions into a single block. On that basis, they figured an exploit could steal funds at a rate of $7,500 per second, or $27 million an hour.
How much could have been stolen in total is an open question, since it depends on how long such an exploit could have run before it was noticed and protections were put in place, and on whether the attackers were blatant or drained funds slowly. But the researchers knew that more than a billion dollars was at risk.
The researchers quickly contacted the Solana projects they believed were affected. Because many Solana projects are closed-source, identifying them was much harder, and they wrongly flagged a couple of projects along the way. But they did reach Solend, Tulip and Larix, all of which fixed the bug.
Since the bug was reported, Solana Labs has also fixed the reference program, so that new projects that copy it will not reintroduce the error.