changehero Blog

What Happened to Solana? Hack or FUD?
Author: katyam
icon of calendar

On Wednesday, news about Solana being hacked spread out and caused fear, uncertainty and doubt on the market. After the dust had settled, it turned out to be not as bad as the panic made it out to be. What exactly happened? Should you worry and do something with your funds? Read our guide to find out.

Was Solana Hacked? The Timeline of Events and Explanation

On Tuesday night, August 2, owners of addresses on the Solana blockchain started reporting their funds being drained. The total amount of lost funds from what would amount to over 8 thousand addresses would later amount up to $5.3 million USD. However, this is not the biggest concern with this case: at the time when it all started, it seemed like an indiscriminate attack because no reason or pattern could immediately be discerned. Meanwhile, more and more millions of dollars of worth in SOL and USDC were being drained by every following minute.

Thanks to the blockchain data being completely public, the actual impact of the hack could be seen in real time. User Tristan0x built a custom Dune Analytics dashboard to follow the events, and SolScan has one, too.

The seeming chaos is why claims that Solana itself was hacked started being passed around. This is somewhat understandable, considering this was probably the largest drain attack in crypto to date, affecting thousands of addresses. The drained funds were directed to four Solana addresses, linked to a single address by blockchain analysis later.

In addition to that, as time went by, the hacked addresses started to be gradually linked back to wallet providers — Phantom, TrustWallet and Slope. Unfortunately, alternative theories were put forward at the same time — browser extension or GitHub repository exploits— mudding the waters.

The Solana Foundation could not stand by, and the findings were in large part thanks to the survey the Foundation set up posthaste. After all, at that time the possibility of global Solana hack was not ruled out just yet.

The Reason — Third-Party App

Finally, the signal was filtered from the noise thanks to the inputs from the community and chain forensics. All these transactions bore similarity in that they looked like proper signed transactions — which pointed at private keys being compromised. In other words, the good news was that Solana itself was not affected.

A few more hours later after connecting all the dots, a code review of Slope wallets showed a gross security mistake: the wallet’s API leaked users’ private keys unencrypted as plaintext.

The Timeline of Events

Timeline of Slope hack in Solana

Do I Have to Worry? Are My Funds Safe?

Let us paraphrase: only the users of Slope and Fantom were affected. There is no denying that there was a hacker attack with wallet users as victims who lost millions of dollars worth. However, other Solana users are in no immediate danger of loss of funds.

When things started to go down, advice to transfer assets to cold wallets started being thrown around. Ultimately, this was the right thing to do — there is no way to compromise a wallet with private keys that were never exposed. Remember: not your keys, not your coins! (If it was a blockchain exploit like initially suspected, though, things would not be this easy to solve).

So, if you are a Solana holder, should you do anything? Do not panic: there is no immediate threat as of now. It’s still advisable to eliminate risks you don’t want to take:

Bottom Line

The fears of Solana being hacked turned out to be overblown but the threat felt almost tangible for a few hours. While yet again highlighting the need to follow the basic advice for crypto security, this event did not turn into the catastrophe people feared, though it undermined confidence in Solana and crypto. 

You can find more articles about Solana in our blog or useful posts in our Twitter, subreddit, Facebook and Telegram. Check them out and subscribe!