• Investigations suggest private keys were exposed and transferred to third party
  • Slope recommended users to open a new Slope wallet with a new seed phrase and transfer any assets to the new wallet

Solana developers are distancing the protocol from a series of hacks that resulted in nearly 8,000 Solana wallets suddenly being emptied of their contents in the last 24 hours.

Solana Status, the blockchain’s hub for data and system performance, said “there is no evidence that the Solana protocol or its cryptography was compromised.” 

What exactly caused the hack, then, is up in the air, but it appears to have originated from a vulnerability in Solana hot wallets and assorted third-party extensions. The breach impacted millions of dollars of the blockchain’s native token, SOL, non-fungible tokens (NFTs) and Solana-based tokens, including the stablecoin USDC.

The breach appears to have affected addresses that “were at one point created, imported, or used in Slope [Finance] mobile wallet applications,” according to Solana Status.

That would isolate the incident to Slope accounts, and to an exploit in “private key information” that was “transmitted to an application monitoring service” or third party. 

As such, seed phrases that Slope had access to could have exposed wallets to the unidentified hackers.

That appears to be why many Phantom wallets were also compromised, likely “due to complications related to importing accounts to and from a Slope wallet,” Phantom tweeted

Phantom also encouraged users to create a new non-Slope wallet with a fresh seed phrase to move their assets to, in response to a statement published by Slope.

Slope recommended users create a new wallet on its network with a corresponding, unique seed phrase, and transfer any assets to this new wallet. It also reiterated its commitment to “identify and rectify” the issue, but it has not “fully confirmed the nature of the breach.” 

Consensus points to Slope being able to store users’ encrypted private keys and seed phrases, decipher them as plain text and transfer them to their own centralized servers, as suggested by developer 0xfoobar.

Arthur Breitman, co-founder of Tezos, told Blockworks he believes there will likely be a bailout from venture capital firms and other asset managers, “even though this opens them up to unverifiable fraudulent claims.”

Anatoly Yakovenko, Solana Labs co-founder, tweeted that users ought to “order a ledger, setup a cold wallet!” 



Get the day’s top crypto news and insights delivered to your inbox every evening. Subscribe to Blockworks’ free newsletter now.


  • Blockworks
    Reporter
    Ornella is a Miami-based multimedia journalist covering NFTs, the metaverse and DeFi. Prior to joining Blockworks, she reported for Cointelegraph and has also worked for TV outlets such as CNBC and Telemundo. She originally began investing in ethereum after hearing about it from her dad and hasn't looked back. She speaks English, Spanish, French and Italian. Contact Ornella at [email protected]