Solana Network Was Not Breached, Slope Wallet Blamed

“Private key information was inadvertently transmitted,” Solana Status tweeted


Source: Shutterstock


key takeaways

  • Investigations suggest private keys were exposed and transferred to third party
  • Slope recommended users to open a new Slope wallet with a new seed phrase and transfer any assets to the new wallet

Solana developers are distancing the protocol from a series of hacks that resulted in nearly 8,000 Solana wallets suddenly being emptied of their contents in the last 24 hours.

Solana Status, the blockchain’s hub for data and system performance, said “there is no evidence that the Solana protocol or its cryptography was compromised.” 

What exactly caused the hack, then, is up in the air, but it appears to have originated from a vulnerability in Solana hot wallets and assorted third-party extensions. The breach impacted millions of dollars of the blockchain’s native token, SOL, non-fungible tokens (NFTs) and Solana-based tokens, including the stablecoin USDC.

The breach appears to have affected addresses that “were at one point created, imported, or used in Slope [Finance] mobile wallet applications,” according to Solana Status.

That would isolate the incident to Slope accounts, and to an exploit in “private key information” that was “transmitted to an application monitoring service” or third party. 

Loading Tweet..

As such, seed phrases that Slope had access to could have exposed wallets to the unidentified hackers.

That appears to be why many Phantom wallets were also compromised, likely “due to complications related to importing accounts to and from a Slope wallet,” Phantom tweeted

Phantom also encouraged users to create a new non-Slope wallet with a fresh seed phrase to move their assets to, in response to a statement published by Slope.

Slope recommended users create a new wallet on its network with a corresponding, unique seed phrase, and transfer any assets to this new wallet. It also reiterated its commitment to “identify and rectify” the issue, but it has not “fully confirmed the nature of the breach.” 

Consensus points to Slope being able to store users’ encrypted private keys and seed phrases, decipher them as plain text and transfer them to their own centralized servers, as suggested by developer 0xfoobar.

Arthur Breitman, co-founder of Tezos, told Blockworks he believes there will likely be a bailout from venture capital firms and other asset managers, “even though this opens them up to unverifiable fraudulent claims.”

Anatoly Yakovenko, Solana Labs co-founder, tweeted that users ought to “order a ledger, setup a cold wallet!” 

Loading Tweet..

Don’t miss the next big story – join our free daily newsletter.

Follow Sam Bankman-Fried’s trial with the latest news from the courtroom


Upcoming Events

MON - WED, MARCH 18 - 20, 2024

Blockworks’ Digital Asset Summit (DAS) will take place March 18-20, 2024 at The Hilton London Metropole. Why London? Momentum.  London has become one of the world’s hottest crypto hubs.  Innovation is thriving, new institutional investors are flocking in, and regulators like […]

recent research

l1 cover.png


This analysis focuses on financial metrics for general-purpose L1 blockchains. In many ways, L1s should be viewed as an entirely new asset class more comparable to digital economies than traditional businesses. L1s are the core infrastructure enabling the creation of new-age businesses like onchain protocols.


More than 100 Arbitrum ecosystem projects have already applied for grant funding


Ripple previously announced its intent to acquire Fortress on Sept. 8


Four patent applications were published since Sept. 21, suggesting that PayPal is taking a close look at distributed ledger tech


If the market wasn’t quite so boring, perhaps BitBoy’s flameout would have been a little less fiery


Developers have a new testnet running, but devnet testing the Dencun upgrade is running behind schedule


A handful of Democrats are joining the anti-Gensler and pro-crypto movement