Home>BLOCKCHAIN>Solana hoses down ‘inaccurate’ CertiK report on Saga telephone safety flaws

Solana hoses down ‘inaccurate’ CertiK report on Saga telephone safety flaws

A current video from blockchain safety agency CertiK made a sequence of “inaccurate” claims a few potential safety vulnerability in Solana’s crypto-enabled Saga telephone, Solana Labs has mentioned. 

In a Nov. 15 submit on X (previously Twitter), CertiK claimed the Saga telephone contained a “vital vulnerability” often known as a “bootloader unlock” assault which might supposedly enable a malicious actor to put in a hidden backdoor within the telephone.

In a report despatched to Cointelegraph, CertiK claimed the bootloader unlock would “enable an attacker with bodily entry to a telephone to load customized firmware containing a root backdoor.”

“We display that this will compromise probably the most delicate knowledge saved on the telephone, together with cryptocurrency personal keys,” CertiK’s report mentioned.

Nevertheless, a Solana Labs spokesperson instructed Cointelegraph that CertiK’s claims are inaccurate, and its video didn’t reveal any respectable menace to the Saga machine.

“The CertiK video doesn’t reveal any identified vulnerability or safety menace to Saga holders.”

Android’s inner Open Supply Mission documentation reveals unlocking a bootloader may be carried out throughout a variety of Android units.

Solana Labs mentioned to unlock the bootloader and set up customized firmware, an attacker must undergo a number of steps, which may solely be carried out after unlocking the machine with the consumer’s passcode or fingerprint.

“Unlocking the bootloader wipes the machine, which customers are alerted about a number of occasions when unlocking the bootloader, so it’s not a course of that may happen with out customers’ energetic participation or consciousness,” Solana Labs mentioned.

Associated: Making real-world blockchain solutions possible — Solana co-founder Raj Gokal

Moreover, if anybody proceeds to unlock the bootloader on an Android machine, they’re subjected to a sequence of warnings in regards to the implications of the method.

In the event that they ignore these warnings, the machine can be wiped together with their personal keys.

The Solana Saga telephone was released in April 2022 for a $1,099 price ticket. The telephone affords a Web3-native DApp retailer in a bid to combine crypto apps into tech {hardware}.

4 months after launch, nevertheless, Solana slashed its value to $599 — following a steep decline in gross sales.

CertiK didn’t instantly reply to a request for touch upon Solana Labs’ rebuttal.

Journal: I spent a week working in VR. It was mostly terrible, however…