Solana Denies Saga Phone Vulnerability

Reading Time: 2 minutes
  • Solana has denied that its Saga phone has a bootloader vulnerability
  • Blockchain auditing firm Certik claimed that the phone had a critical flaw, but the community quickly set them straight
  • Solana then backed up the community’s claims, saying that it was a flaw that users would have to effectively invite themselves

Solana has denied that its web3 phone, Saga, has a vulnerability after accusations from blockchain security firm Certik that it could be compromised. Certik claimed yesterday that the phone has a bootloader vulnerability, a backdoor that can supposedly be installed on the device allowing the booting software to be hacked. However, the company’s claims were immediately challenged by the Android community and Solana has now come out to dismiss them itself, stating that the threat of a bootloader compromise is common to many Android phones and not just its device.

Certik Gets Laughed Out of Town

Certik posted a video on X yesterday in which it showed the Solana Saga phone, which launched last June, being hacked through the bootloader exploit:

However, the crypto and Android community was quick to call out Certik on its claims, saying that the vulnerability it had ‘discovered’ was in fact common to many types of Android phone and wasn’t particular to the Solana Saga device:

Solana also responded to the claims, echoing those of the community, with a Solana Labs spokesperson telling Blockworks that the suggestion of a vulnerability was wide of the mark:

Unlocking the bootloader is an advanced feature of Saga, and is disabled by default. Unlocking the bootloader is not a security vulnerability – a user must explicitly allow such changes to be made to their device, and those changes can only be made by an authorized user of the phone.

The company added that unlocking the bootloader requires a user to take multiple steps, which can only be performed after authentication, and it also wipes the device, with plenty of warnings offered along the way. This means that there is zero chance of a user accidentally doing so.

Certik suggested to Solana that bootloader unlocking restrictions should be strengthened to prevent potential exposure of plaintext data, including private keys, warning of a hidden root backdoor compromising device security. Solana refuted this claim, too, emphasizing the Seed Vault’s role in securing user seed phrases and digital assets, urging Saga users to enable it.

Seriously Certik, go back to auditing blockchains. Or second thoughts, perhaps not.