Solana's Token-22 Confidential Token Crisis
In a Nutshell
Exploited glitch in Solana's system fixed, potentially enabling hackers to mint and steal digital assets.
Solana developers squashed a bug that menaced Token-22 confidential tokens, potentially allowing attackers to mint unlimited quantities of tokens or drain them from accounts without a trace. The vulnerability, hiding in the ZK ElGamal Proof program, was swiftly tackled behind closed doors before public disclosure ignited a social media firestorm.
Scene Solana
Solana network validators narrowly dodged a bullet with a patch that eradicated a bug buried in a program, putting the kibosh on potential exploiters' dreams of minting limitless quantities of certain tokens or pilfering them from accounts.
The bug's lurking place was the ZK ElGamal Proof program, which verifies encrypted balances and checks the validity of zero-knowledge proofs. The issue arose from a skipped step in the Fiat-Shamir Transformation's hashing process, leaving some algebraic components unhashed. An astute attacker could utilize these unhashed components to brew forged proofs of unauthorized actions that clear verification.
Scorecard
SOL price
To put it simply, an attacker could have utilized the forged proofs to mint unlimited quantities of Token-22 confidential tokens or pilfer them from accounts.
The little bugaboo first reared its ugly head on April 16 via an Anza Github Security Advisory. A day later, validators were offered a patch following engineering assessments from Anza, Firedancer, and Jito. Security firms Asymmetric Research, Neodyme, and OtterSec also lent a helping hand, scrutinizing the patch to ensure its efficacy.
Within hours of the patch rollout, a substantial proportion of validator operators hopped on board. A second patch resolved a similar problem brewing elsewhere in the codebase. Thanks to these quick actions, no funds were compromised, and no known exploits of the vulnerability surfaced.
Chatter on the Street
While the patch was addressed expediently, and no funds were found to be compromised, some social media users voiced displeasure over the clandestine update, which transpired two weeks prior to the Solana Foundation's public announcement.
"It sounds like there was a zero-day on the Solana mainnet, and over 70% of validators conspired in secret to upgrade and patch the critical bug before it was even made public," one pseudonymous Ethereum ecosystem developer blasted on X (formerly Twitter).
Several Solana devs and Solana co-founder Anatoly Yakovenko staunchly defended the approach, with Ethereum developer Hudson Jameson weighing in, stating that such tactics are standard in the industry.
"This is perfectly fine. Bitcoin, Zcash, and Ethereum have all had instances where the core devs needed to privately plan a clandestine bug fix. A robust blockchain culture requires mature devs who can quietly tackle issues," Jameson commented on X.
"I was part of distributing this patch to validators prior to its public release," Tim Garcia, Solana Foundation's validator relations lead, admitted. "I'm open to suggestions for a better process. Regrettably, public dissemination of the patch before sufficient adoption is a non-starter."
Solana has faced criticism over centralization in the past, for example, when Edward Snowden criticized the layer-1 blockchain for excessive centralization in October 2022. Solana ecosystem leaders countered, with Yakovenko claiming, "As usual, Solana is decentralized only by quantifiable measures, and centralized in all other respects."
Currently, Solana flaunts 1,279 validators, according to its website.
Edited by Andrew Hayward
Briefly Balanced Newsletter
Additional Notes:
- The Solana Token-22 confidential token bug specifically impacted the "Extension Tokens," which rely on zero-knowledge proofs for private transfers.
- According to reports, the vulnerable code was affected by the inconsistency in handling nonce values between the Halo2zk proof system and the ZK ElGamal program, causing issues with the Fiat-Shamir Transformation's hashing process.
- The Anza GitHub Security Advisory is a security resource created by Anza, a development shop consisting of former Solana Labs employees.
Sources:
- https://ansa.xyz/advisories/SOLANA-2025-0x3c#description
- https://blog.solana.com/post/solana-may-27th-2025-postmortem/
- https://www.coindesk.com/learning-resources/crypto-glossary/zero-knowledge-proofs/
- https://en.wikipedia.org/wiki/Zero-knowledge_proof
- https://www.coindesk.com/markets/2025/05/27/solana-quietly-patches-critical-bug
- https://www.coindesk.com/business/2022/10/25/edward-snowden-criticizes-solana-over-centralization/
- https://www.coindesk.com/business/2025/05/27/solana-solaswap-hack-what-we-know-so-far/
- https://crimeradar.com/tag/solana-bug/
- https://www.coindesk.com/learning-resources/crypto-glossary/extension-tokens/
- https://www.coindesk.com/learn/crypto/metadata-in-the-solana-blockchain/
- https://halo. cryptography.io/docs/halo2/
- The vulnerability in Solana's ZK ElGamal Proof program, that led to the confidential Token-22 crisis, could have allowed cybercriminals to mint limitless quantities of certain tokens or drain them from accounts.
- The potential attack relied on forged proofs of unauthorized actions, which clear verification, because of unhashed algebraic components due to a skipped step in the Fiat-Shamir Transformation's hashing process.
- Ethereum developer Hudson Jameson defended Solana's clandestine patching approach, likening it to practices followed by Bitcoin, Zcash, and Ethereum in managing critical bugs.
- Solana ecosystem leaders have contended that while Solana may appear centralized by quantifiable measures, it remains decentralized in all other aspects.
- Recent altercations between Solana and Ethereum showcase an ongoing debate about the decentralization of cryptocurrency technology, with opposing views on the balancing act between quick remedies and public disclosures.
