Slope denies link between wallet bug and Solana breach

Auditors did not find “convincing evidence” of a link between the Slope wallet vulnerability and the multimillion-dollar breach of Solana addresses, the app’s developers said.

On August 3, unknown attackers gained access to more than 8,000 wallets on the Solana network. Preliminary estimates of user losses reached up to $8 million.

During the investigation, the Solana team concluded that the addresses affected by the attack were “at some point created, imported or used in Slope’s mobile applications.”

Representatives of the Phantom project, whose users were among those affected by the breach, also reported a link between the exploit and Slope.

The wallet team, together with auditors OtterSec and SlowMist, as well as the cybercrime-fighting firm TRM, began its own investigation.

“Investigators gained access to all databases and data channels, server logs and the application’s source code,” according to the statement.

While the auditors’ work is not yet complete, the team shared with the community what it regards as the most important findings:

  • Between July 28 and August 3, a vulnerability was discovered in Slope’s implementation of the Sentry error notification service for its mobile wallets. The bug inadvertently logged confidential data while generating notifications;
  • There is no evidence that all security layers were compromised (for example, transmission or storage). The link to the Sentry server is protected by end-to-end encryption over HTTPS, and access is controlled by three-factor authentication;
  • The number of breached addresses (totalling 9,232) exceeds the number reported via the Sentry channel. Of the latest 1,444, several were removed from the server.

“Although the auditors have no conclusive evidence of a link between the Slope vulnerability and the exploit, its very existence jeopardized a large amount of assets. This is far from the security standard we strive to establish and maintain,” the developers said.

According to them, no additional bugs were found during the investigation, so the latest version of the wallet is safe.

The Slope team pledged to continue tracking the hacker to recover the stolen assets.

Earlier in August, smart contract auditors from Hacxyk discovered a vulnerability in NEAR Wallet similar to the one found in Slope’s wallet.
