According to Blockworks, the post-mortem report of the Solana network outage this week pointed out that the cause of the network outage was a known vulnerability. On Tuesday, the Solana network was paralyzed for five hours. Validators restarted the network before 10 am EST. The post-mortem report written by Anza concluded that an infinite loop vulnerability caused the validator to stall on a certain block. The infinite loop causes the validator to repeat an action endlessly, and the validator cannot function, thus preventing the network from processing more transactions. Specifically, Solana's just-in-time (JIT) compilation cache encountered a vulnerability that caused an infinite loop recompilation of some older programs, thereby monopolizing network resources and aborting operations. As a result, the compiler that compiles code in real time to improve performance became a bottleneck. To solve this problem, the Solana team deployed a fix in the new version that resolved the vulnerability and prevented this loop. This problem is consistent with a vulnerability discovered in the recent Devnet outage investigation, and the patch for this vulnerability is about to be deployed. The Solana security team first noticed this problem in April 2022. “This fix removes the prerequisites needed to trigger the vulnerability, making for a simpler solution. A more complete fix will be included along with further improvements to LoadedPrograms and allowed to stabilize as part of the regular release cycle,” the report explained. This is Solana’s sixth major outage since its inception. Solana’s last outage occurred in February of last year.

#Solana