Share this article
Solana Halted by Bug Linked to Certain Cold Storage Transactions
Validators restarted the network after four hours of downtime by disabling the so-called “durable nonce transactions” that have found favor among some exchanges.
By Danny Nelson
Updated May 11, 2023, 4:40 p.m. Published Jun 2, 2022, 12:47 a.m. 2 min read
The Solana network suffered its latest outage Wednesday, felled for over four hours by a bug in how the blockchain processes a niche type of transaction that’s designed for offline use cases.
Validators began restarting the network only after disabling these “durable nonce transactions,” Solana Labs communications chief Austin Federa told CoinDesk. Those transactions will remain nixed until developers identify and patch the exact culprit that threw Solana’s consensus mechanism off-kilter.
That may have ramifications for offline custodians whose transactions fall under this category, perhaps even freezing their ability to move funds until the patch is in, validators said. CoinDesk has begun reaching out to exchanges to ask about their Solana transaction setup.
Even so, at press time Wednesday a number of exchanges were reporting problems with Solana deposits and withdrawals. Among them: Binance, Coinbase and Crypto.com.
The chain’s native SOL token was already trading lower Wednesday when the outage began around noon Eastern time; it continued its 24-hour slide and was down nearly 13% around 8:30 p.m. ET, trading at $39.98, according to CoinMarketCap.
Durable nonces
Federa said durable nonces represented “an incredibly small percentage” of transactions on Solana until recently. The technology has been growing in popularity among exchanges. In cryptography, a nonce is a random number used for a specific purpose.
“This was probably a bug that existed for a while but never really became an issue because it isn't something that most people use,” Federa said.
A durable nonce is a way in which a transaction can be signed offline ahead of time, without requiring a recent block hash (which expires after two minutes). Usage has recently increased, particularly by exchanges, possibly due to their cold storage setups.
— Laine ❤️ stakewiz.com (@laine_sa_) June 1, 2022
Durable nonces on Solana are designed for token holders with complex offline signing setups that can’t always prep their transactions fast enough for the speedy network.
For example, a custodian that signs Solana transactions with two air-gapped computers might not be able to finish the job within a single block. Normal transactions on Solana would fail in this scenario. Durable nonces give the token holder time to work.
What happened on Wednesday was a failure in Solana’s ability to handle durable nonces. Instead of treating these niche inbounds as a single transaction, the network’s validators double-counted them as a single transaction at two different block heights, Federa said. This impossible situation effectively broke Solana’s consensus mechanism.
In a tweet, Laine from Stakewiz, a Solana validator operator, said the bug was “known” and was being fixed prior to Wednesday’s events. It “hadn’t been triggered in this form previously,” Laine said.
The network was slowly coming back to life on Wednesday evening as key infrastructure pieces such as RPC nodes resumed work.
More For You
Andrew Gault, the venture capitalist who funded the quantum hardware labs now threatening bitcoin, says the industry is looking in the wrong place. Google's own security team moved in the same direction in March.
What to know:
- Security experts warn that the most urgent quantum threat to bitcoin and the broader financial system is not wallet keys but the encrypted authentication data already moving between institutions and being quietly harvested today.
- Adversaries are pursuing a “harvest now, decrypt later” strategy, stockpiling encrypted interbank messages, payment records and...
