Solana developers fixed a critical vulnerability that allowed attackers to infinitely issue private tokens Token-22 and even withdraw them from user accounts.

The issue was related to the incorrect implementation of cryptographic proofs in the ZK ElGamal module. Although an exploit did not occur, patches were promptly deployed by most validators.

The quick fix of the bug sparked controversy in the crypto community — Solana was accused of excessive centralization due to its closed manner of coordination with validators. Critics argue that the single Agave client makes the protocol vulnerable, unlike Ethereum, where a greater variety of clients ensures decentralization.

9414384518054118220064