According to security researchers at Neodyme, a bug in the Solana Protocol Library (SPL) — a set of reference documents for Solana projects — could have allowed attackers to steal money from multiple Solana projects at a rate of $27 million per hour.
Tulip Protocol, a yield aggregator, and the lending protocols Solend and Larix were among the projects affected. These projects currently manage $1.7 billion in funds (though this figure was much higher prior to today’s market crash).
Discovering a multibillion-dollar bug
Neodyme explained in a blog post that the bug was first publicly disclosed in June by one of Neodyme’s auditors, known as Simon, on the code hosting platform GitHub. At the time, security researchers didn’t know whether it could be exploited or how big an impact it could have, and the bug went unfixed.
On December 1, Simon discovered that the issue was still open and the bug had not been fixed. Because of his concerns, security researchers at Neodyme began testing to see whether the bug could be exploited and how serious it was. According to Neodyme, the bug was a “seemingly innocuous rounding error,” but they quickly discovered that it had the potential to steal a fortune — in millions of tiny pieces.
The bug worked as follows. Solana apps have a mechanism for putting funds in and taking them out. A protocol that followed the SPL reference documents would round the amount to the nearest whole number at the time of withdrawal whenever the user was owed a fraction of the smallest unit of reference, called a Lamport (similar to a satoshi, the smallest unit of bitcoin).
This cut both ways. Some users would receive a fraction of a token more than they were owed; others would receive slightly less. Per person the difference was negligible, and on average it would roughly balance out.
But, if someone were to game the system, the researchers reasoned, they would almost certainly end up taking the tiny extra amounts. And if they did this over and over again, they might be able to make a lot of money.
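To make the rounding bias concrete, here is an added example in Rust (not Neodyme's proof of concept and not the SPL's own code): a toy share-based pool whose deposit and withdrawal use round-to-nearest division, as the article describes, beside the same pool using round-down division. The pool size, exchange rate and deposit amount are constructed so the effect shows up within a few rounds.

```rust
// Round to nearest whole unit: the rule the article describes, which can pay
// the caller up to half a Lamport it is not owed.
pub fn div_nearest(num: u128, den: u128) -> u128 {
    (2 * num + den) / (2 * den)
}
// Round down: a withdrawal never pays more than is owed and a deposit never
// mints more shares than were paid for, so any dust stays with the pool.
pub fn div_floor(num: u128, den: u128) -> u128 {
    num / den
}

/// A pool of `reserve` base units (Lamports) backing `supply` shares.
pub struct Pool {
    pub reserve: u128,
    pub supply: u128,
}

impl Pool {
    /// Deposit `amount` base units and mint shares at the current rate.
    fn deposit(&mut self, amount: u128, div: fn(u128, u128) -> u128) -> u128 {
        let shares = div(amount * self.supply, self.reserve);
        self.reserve += amount;
        self.supply += shares;
        shares
    }
    /// Burn `shares` and pay out base units at the current rate.
    fn withdraw(&mut self, shares: u128, div: fn(u128, u128) -> u128) -> u128 {
        let out = div(shares * self.reserve, self.supply);
        self.reserve -= out;
        self.supply -= shares;
        out
    }
}

/// Deposit then withdraw `rounds` times and return the caller's net gain in
/// base units; a positive value means the pool is being drained in fractions.
pub fn churn_gain(mut pool: Pool, amount: u128, rounds: u32, div: fn(u128, u128) -> u128) -> i128 {
    let mut gain: i128 = 0;
    for _ in 0..rounds {
        let shares = pool.deposit(amount, div);
        gain += pool.withdraw(shares, div) as i128 - amount as i128;
    }
    gain
}

/// Constructed pool: 5 SOL of reserve against 2e9 shares, 2.5 Lamports per share.
pub fn demo_pool() -> Pool {
    Pool { reserve: 5_000_000_000, supply: 2_000_000_000 }
}
```

With this constructed pool, 1,000 deposit-and-withdraw rounds of 4 Lamports net the caller 1,000 Lamports under `div_nearest`, while under `div_floor` the same loop costs the caller 2,000 Lamports and can never come out positive.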
The researchers put their theory to the test on a clone of the blockchain. They sent a transaction designed to exploit the bug, and it succeeded in taking 0.000001 BTC ($0.047) through the rounding error.
The researchers calculated that they could trigger this bug 150-200 times in a single transaction and fit many such transactions into a single block. On that basis, they estimated that an exploit could steal money at a rate of $7,500 per second, or $27 million per hour.
In terms of how much money could be stolen in total, it’s unclear how long this type of exploit could have gone undetected before it was discovered and safeguards put in place. That would depend on how obvious the attackers were and whether the attack was carried out quickly or slowly. However, the researchers were aware that more than a billion dollars were at stake.
The researchers quickly contacted several Solana projects that they suspected were affected by this bug. Because many Solana projects are closed-source, identifying the affected ones was much harder, and they misidentified a couple of projects. However, they were able to contact Solend, Tulip, and Larix, all of which fixed the bug.
Solana Labs has also fixed the reference documents since the bug was discovered to ensure that new projects following its instructions do not introduce it again.