Users of the Solana ecosystem can thank the security researchers at Neodyme: they detected, and then helped fix, a bug that would have allowed anyone to steal thousands of dollars per second from several protocols.
A bug reported but never fixed
Neodyme is a team of cybersecurity researchers whose expertise covers a range of technologies, including blockchains and smart contracts. In a statement published on its blog, Neodyme disclosed that it had recently discovered a critical flaw in the Solana Program Library (SPL) lending protocol.
The bug was first spotted last June by a researcher on Neodyme's team and reported publicly on GitHub. At the time, however, it was impossible to tell whether the bug was exploitable, so it went unnoticed and was left unaddressed.
On December 1st, the same researcher noticed that the flaw was still present and that nothing had been done to correct it. Worse, it threatened many protocols in the Solana (SOL) ecosystem, including the Tulip Protocol yield aggregator and the Solend and Larix lending platforms, projects that together manage $1.7 billion in funds.
Neodyme's team therefore ran a series of tests to establish whether the flaw was exploitable and, ultimately, to fix it. According to the statement, the researchers' work, together with the cooperation of the affected protocols' teams, made it possible to correct the situation quickly and keep users safe. But what was the bug, and what could have happened?
A simple rounding error…
In the rest of the statement, Neodyme explains how the bug that threatened the Solana Program Library worked. Put simply, when you deposit funds into a protocol, the value of your position changes over time. At the moment of withdrawal, the amount owed to you can have many digits after the decimal point, which is why some protocols rely on SPL to round the amount returned to the nearest whole unit.
Consider the smallest unit of account in the Solana ecosystem. It is called a Lamport and is worth 0.000000001 SOL (the same idea as a satoshi, the smallest unit of Bitcoin). If you deposit 1.5 Lamport into a lending protocol, you will receive 2 Lamport on withdrawal. Conversely, if the amount has fallen to 1.4 Lamport by the time you withdraw, you will receive only 1 Lamport. On average, this is supposed to balance out, creating as much value as it destroys.
However, the researchers showed that by cycling deposits and withdrawals very quickly, it is possible to skim off a tiny amount of money on each round trip. Repeated enough times, the total amount skimmed becomes substantial.
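As an added example (it is not from Neodyme's write-up or from the SPL code), the following Rust simulation of a share-based pool shows the effect the paragraphs above describe, together with the check a code reviewer would want: the same deposit/withdraw cycle is run under round-to-nearest and under rounding that always favours the pool, and a property check confirms that the latter never pays out more than was deposited. The pool numbers (2,000 lamports backing 1,000 shares, 1-lamport deposits) are constructed for illustration and do not come from the article.

```rust
// Added example: a toy share-based pool under two rounding policies.
// Pool state and numbers are constructed for illustration only.

#[derive(Clone, Copy, Debug, PartialEq)]
pub enum Rounding {
    /// Round to nearest (half up): the policy the article describes as exploitable.
    Nearest,
    /// Always round in the pool's favour: fewer shares minted, less liquidity paid out.
    FavorPool,
}

#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Pool {
    pub liquidity: u128, // lamports held by the pool
    pub shares: u128,    // collateral tokens outstanding
}

/// Integer division num/den under the chosen rounding policy.
fn div_round(num: u128, den: u128, mode: Rounding) -> u128 {
    match mode {
        Rounding::Nearest => (2 * num + den) / (2 * den), // floor(num/den + 1/2)
        Rounding::FavorPool => num / den,                 // floor
    }
}

impl Pool {
    /// Deposit `amount` lamports; returns the number of shares minted.
    pub fn deposit(&mut self, amount: u128, mode: Rounding) -> u128 {
        let minted = div_round(amount * self.shares, self.liquidity, mode);
        self.liquidity += amount;
        self.shares += minted;
        minted
    }

    /// Burn `shares` shares; returns the lamports paid out.
    pub fn withdraw(&mut self, shares: u128, mode: Rounding) -> u128 {
        let payout = div_round(shares * self.liquidity, self.shares, mode);
        self.shares -= shares;
        self.liquidity -= payout;
        payout
    }
}

/// Run `rounds` deposit/withdraw cycles of `amount` lamports each.
/// Returns the user's net gain (positive means the pool lost money) and the final pool.
pub fn cycle(mut pool: Pool, amount: u128, rounds: usize, mode: Rounding) -> (i128, Pool) {
    let mut net: i128 = 0;
    for _ in 0..rounds {
        let minted = pool.deposit(amount, mode);
        let payout = pool.withdraw(minted, mode);
        net += payout as i128 - amount as i128;
    }
    (net, pool)
}

/// Reviewer's property check: under FavorPool, no single deposit/withdraw cycle
/// pays out more than was deposited, for every small pool state and deposit size tried.
/// (Proof sketch: minted = floor(d*S/L) <= d*S/L implies minted*(L+d) <= d*(S+minted).)
pub fn favor_pool_never_profits(max_amount: u128) -> bool {
    for liquidity in 1..=60u128 {
        for shares in 1..=60u128 {
            for amount in 1..=max_amount {
                let start = Pool { liquidity, shares };
                let (net, _) = cycle(start, amount, 1, Rounding::FavorPool);
                if net > 0 {
                    return false;
                }
            }
        }
    }
    true
}

fn main() {
    let start = Pool { liquidity: 2_000, shares: 1_000 }; // 2 lamports per share
    let (net, end) = cycle(start, 1, 100, Rounding::Nearest);
    println!("nearest:    user net {:+} lamports, pool now {:?}", net, end);
    let (net, end) = cycle(start, 1, 100, Rounding::FavorPool);
    println!("favor-pool: user net {:+} lamports, pool now {:?}", net, end);
    println!("favor-pool never profitable in sweep: {}", favor_pool_never_profits(20));
}
```

With round-to-nearest, each 1-lamport deposit mints a full share (0.5 rounds up) and each share redeems for 2 lamports (1.999 rounds up), so the pool loses one lamport per cycle and the user ends 100 lamports ahead after 100 cycles. Under the pool-favouring policy the same loop can never finish a cycle ahead, which is the invariant a lending program's exchange-rate code should enforce explicitly rather than rely on rounding errors averaging out.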
That could have cost hundreds of millions of dollars!
Testing their theory on a replica of the blockchain, Neodyme's experts managed to steal 0.000001 BTC ($0.047). They estimated that the bug could be triggered 150-200 times in a single transaction, with several such transactions packed into one block. A strategy of that kind could therefore drain funds at a rate of $7,500 per second, or $27 million per hour.
As for the total amount that could have been stolen, this obviously depends on how long the flaw was exploited before it was noticed and protections were put in place:
“The attack would have lasted several days, so it could have been interrupted by the time it was noticed. But it’s really hard to notice, and we’re not sure anyone has sufficient oversight, especially when the attack is carried out slowly and carefully,” the release reads.
Neodyme's research identified six protocols potentially exposed to the flaw: Larix, Tulip, Port, Solend, Soda and Acumen. The total value of assets under their management, and thus potentially at risk, is approximately $1.7 billion. Not all of those assets were actually exposed, but Neodyme estimates that the potential profit still ran to several hundred million dollars.