Home » Solana slams “inaccurate” Security issues with Saga phones as reported by CertiK

Solana slams “inaccurate” Security issues with Saga phones as reported by CertiK

CertiK asserts that there is a serious "bootloader vulnerability" in Solana's Saga smartphone; however, Solana Labs disputes CertiK's assertions.

by V. Sinclair
0 comment

According to Solana Labs, a recent video from blockchain security company CertiK made a number of “inaccurate” claims regarding a possible security flaw in Solana’s cryptocurrency-enabled Saga phone.

The Saga phone was allegedly subject to a “critical vulnerability” that could be exploited by a malicious actor to install a hidden backdoor through a “bootloader unlock” attack, according to a post made by CertiK on X (previously Twitter) on November 15.

The bootloader unlock, according to CertiK, would “allow an attacker with physical access to a phone to load custom firmware containing a root backdoor,” according to a report sent to Cointelegraph.

According to CertiK’s report, “We demonstrate that this can compromise the most sensitive data stored on the phone, including private keys for cryptocurrencies.”

A Solana Labs representative, however, informed Coinbrit that CertiK’s assertions are untrue and that the Saga device poses no real threat from its footage.

“The CertiK video does not reveal any known vulnerability or security threat to Saga holders.”

According to the official Open Source Project documentation from Android, a variety of Android devices can have their bootloaders unlocked.

According to Solana Labs, an attacker would need to complete a number of steps—steps that can only be taken after the device has been unlocked using the user’s passcode or fingerprint—in order to unlock the bootloader and install custom firmware.

“Unlocking the bootloader wipes the device, which is a process that can take place without users’ active participation or awareness,” according to Solana Labs. Users are alerted about this multiple times during the unlocking process.

In addition, a number of cautions about the potential consequences are displayed to the user if they choose to unlock the bootloader on an Android device.

Their private keys and the device will be deleted if they disregard these alerts.

The $1,099 Solana Saga phone went on sale in April of 2022. In an effort to incorporate cryptocurrency apps into tech hardware, the phone provides a Web3-native DApp store.

However, Solana cut its price to $599 four months after launch due to a sharp drop in sales.

A request for comment regarding Solana Labs’ rebuttal was not immediately answered by CertiK.


Related Posts :

footer logo

@2023 – All Right Reserved.

Incubated bydesi crypto logo