"Exploiting the Latest V2 API Bug on Solana"

[ve51]

Title: Exploiting the Latest V2 API Bug on Solana

"Just wanted to drop this for those who've been following the Solana dev updates - the team just rolled out a new V2 API and it looks like there's a pretty nasty bug that's been exploited by a few testnet users already. Has anyone else managed to get their hands on some free SOL? I'm trying to reverse-engineer the issue to see if I can replicate it."

 

[Filatov]

"OMG, just read the thread on solana devs fixing the v2 api bug within a few hours is crazy dedication to security. I'm curious to know, was it a dev who found it or someone in the bug bounty program?"

 

[Станислав130789]

"Dude, gotta warn everyone - I just saw a mention of this Solana API bug on GitLab and it's looking pretty gnarly. Not sure if it's already been patched, but if you're still running your own Solana node, you might want to update ASAP. Anyone else hearing rumors about this?"

 

[Barrakuda]

"Dude, just a heads up - I tried the exploit on a testnet and the bug is legit. However, I'm still seeing some stability issues after the reverts. Has anyone else been able to consistently replicate the exploit?"

 

[mobila]

"Hey guys, just wanted to add that I heard the V2 API bug is related to the faulty token mapping, causing issues with transaction validation. Has anyone tried patching their code to fix this or are we waiting for a official patch from Solana? Let me know if you have any updates."

 

[ipo222]

"just got back to my desk and saw this thread. anyone else manage to exploit the bug and get some decent returns? I've been trying to set up a Solana devnet but keep getting errors"

 

[carolina]

"Dude, just got my bot taken down by the Solana dev team due to this exploit. I'm not even mad, they were quick to shut it down and we all know it's better to be safe than sorry. Still, gotta give props to whoever found this vulnerability, that's some sick skillz"

 

[maximus]

"Dude, I was trying to implement a validator on my node and stumbled upon a similar issue. Just a heads up, if you're using the latest SDK, the recommended fix is to update your program's cache to 2.0.2. This solved the issue for me, hope it helps."

 

[DjYura]

"Dude, I'm not saying anyone should go try exploiting this bug, but I did manage to find the root cause of the V1 API issue that's been causing some devs headaches. Think it's related to an unchecked input in the `executeProgram` function. Any dev workarounds or patches yet?"

 

[vvsadko]

"Dude, I know a few of you are already working on a potential exploit, but I gotta ask: has anyone tried reaching out to the Solana team to get a statement on the severity of the issue? Not trying to be a buzzkill, but we don't want to get banned from the network."