Solana Quietly Patches Bug Allowing Unlimited Token Minting

Solana Devs Quietly Patch Critical Token-22 Bug, Sparking Transparency Debate

  • Solana developers quickly addressed a serious bug impacting Token-22 confidential tokens.
  • The vulnerability could have allowed unlimited token minting or unauthorized withdrawals.
  • The patch was issued privately before public disclosure, sparking debate over transparency.

Developers for the Solana blockchain moved rapidly last month to patch a critical software bug that posed a risk to Token-22 confidential tokens. This vulnerability, if exploited, could have allowed attackers to create unlimited quantities of certain tokens or withdraw funds from any account, according to an official Solana Foundation postmortem.

- Advertisement -

According to the report, the issue was discovered in Solana’s “ZK ElGamal Proof program.” This software helps to confirm encrypted token balances using zero-knowledge proofs—a way to verify data without revealing sensitive details. The problem involved missing components during the cryptographic process, which could have helped attackers forged proof of unauthorized actions that would pass system checks.

The vulnerability was first flagged in an April 16 security advisory. Solana validators—a group of participants who help run the blockchain—received a direct fix the very next day, after the problem was reviewed by engineers at Anza, Firedancer, and Jito. Security firms like Asymmetric Research, Neodyme, and OtterSec also assisted in testing and validating the fix.

By April 18, a “supermajority” of Solana validator operators installed the patch, closing the vulnerability. A secondary issue within the same program was also fixed. The Solana Foundation stated no funds were lost and that there had been no known exploits related to this incident.

The way the fix was handled attracted attention on social media. Some users criticized the quiet rollout, which took place two weeks before public disclosure. According to a statement on X (formerly Twitter), a pseudonymous Ethereum developer questioned if more than 70% of validators “privately colluded to upgrade and patch the critical bug before it was even made public.” Experienced blockchain developers, including longtime Ethereum contributor Hudson Jameson, responded that such private action is standard, explaining on X: Bitcoin, ZCash, and Ethereum have all had instances where the core devs needed to privately plan a secret bug fix. A good chain culture means having mature devs who can accomplish stealth fixes.”

Tim Garcia, validator relations lead at the Solana Foundation, added on X that “doing the distribution in public before sufficient adoption is a non-starter.” He welcomed suggestions for improving the process but emphasized the importance of security.

The Solana ecosystem, which currently includes over 1,200 validators according to its official stats, has previously faced concerns about centralization from critics. Leaders at Solana have stated the network remains decentralized according to measurable metrics.

- Advertisement -

Edited by Andrew Hayward.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest News

Fannie Mae, Freddie Mac Now Accept Crypto Assets for Mortgages

Fannie Mae and Freddie Mac will now recognize Bitcoin and other cryptocurrencies as reserves...

AI-Powered Blockchain Activity Soars 86%, Nears Gaming Market Share

Blockchain-based Artificial Intelligence activity has grown by 86% since the beginning of 2025, according...

Maine Attorney General Recovers Thousands in Crypto Scam Case

The Maine Attorney General's Office has recovered thousands of dollars for a victim of...

Coinbase Shares Hit Highest Level Since 2021 Nasdaq Debut

Coinbase stock reached its highest price since its 2021 listing, nearly returning to debut...

BPX Gains FCA Nod to Trade Tokenized Securities in the UK

BPX, a startup focused on trading tokenized securities, received several authorizations from the UK’s...

Must Read

14 Ways On How to Make Money with Cryptocurrency

Many people want to make money with cryptocurrency because they have heard the success stories of people who became millionaires from zero.If you...