- Solana has denied that its Saga phone has a bootloader vulnerability
- Blockchain auditing firm Certik claimed that the phone had a critical flaw, but the community quickly set them straight
- Solana then backed up the community’s claims, saying that it was a flaw that users would have to effectively invite themselves
Solana has denied that its web3 phone, Saga, has a vulnerability after accusations from blockchain security firm Certik that it could be compromised. Certik claimed yesterday that the phone has a bootloader vulnerability, a backdoor that can supposedly be installed on the device allowing the booting software to be hacked. However, the company’s claims were immediately challenged by the Android community and Solana has now come out to dismiss them itself, stating that the threat of a bootloader compromise is common to many Android phones and not just its device.
Certik Gets Laughed Out of Town
Certik posted a video on X yesterday in which it showed the Solana Saga phone, which launched last June, being hacked through the bootloader exploit:
Ever wondered about the security of your Web3 devices?
Our newest exploration reveals a significant bootloader vulnerability in the Solana Phone, a challenge not just for this device but for the entire industry. Our commitment to enhancing security standards is unwavering. 🔐… pic.twitter.com/lHZ5W7hXzy
— CertiK (@CertiK) November 15, 2023
However, the crypto and Android community was quick to call out Certik on its claims, saying that the vulnerability it had ‘discovered’ was in fact common to many types of Android phone and wasn’t particular to the Solana Saga device:
I didn’t realize you guys had become Android security experts lol
Any Android phone can do this via bootloader unlock
— peachmint (@peachmint00) November 15, 2023
Pretty pathetic effort to smear the name of Solana Mobile.
Unlocking the bootloader is common for all Android devices.
More importantly, your “hack” showing a drain of crypto doesn’t use the built-in Seed Vault, but an unrelated 3rd party wallet. This is disingenuous and false.
— Smartblaa (@smartblaa) November 16, 2023
Solana also responded to the claims, echoing those of the community, with a Solana Labs spokesperson telling Blockworks that the suggestion of a vulnerability was wide of the mark:
Unlocking the bootloader is an advanced feature of Saga, and is disabled by default. Unlocking the bootloader is not a security vulnerability – a user must explicitly allow such changes to be made to their device, and those changes can only be made by an authorized user of the phone.
The company added that unlocking the bootloader requires a user to take multiple steps, which can only be performed after authentication, and it also wipes the device, with plenty of warnings offered along the way. This means that there is zero chance of a user accidentally doing so.
Certik suggested to Solana that bootloader unlocking restrictions should be strengthened to prevent potential exposure of plaintext data, including private keys, warning of a hidden root backdoor compromising device security. Solana refuted this claim, too, emphasizing the Seed Vault’s role in securing user seed phrases and digital assets, urging Saga users to enable it.
Seriously Certik, go back to auditing blockchains. Or second thoughts, perhaps not.