😱A vulnerability in Solana's minting process has been discovered! Hackers nearly pulled off a heist ⚠️

The Solana Foundation has fixed a significant vulnerability affecting Token-2022 and ZK ElGamal Proof 🛠️, which could have allowed hackers to forge identities and secretly mint and steal confidential Token-22 tokens 💰.

The vulnerability was discovered on April 16, with the root cause being a missing hash component in the Fiat-Shamir transformation, which led to the bypassing of the verification mechanism. The good news is that there have been no known cases of exploitation, and a fix has been released 🔧.

Validation nodes such as Anza and Firedancer responded swiftly, and teams like Neodyme also assisted in the repair 👏. However, members of Curve Finance are concerned that the foundation's operations are too centralized, questioning whether its "private fixes" violate the spirit of decentralization 🔍. Although funds have not been harmed, a crisis of trust is still brewing... 💥