Drift Says Nonce Attack Caused Exploit as Circle Faces USDC Scrutiny

Drift Protocol, a Solana-based decentralized exchange (DEX), confirmed on Thursday that it had been the target of an approximately $280 million exploit, describing it as a “highly sophisticated operation.”

The platform took to X to share the findings of its initial investigation, alleging that the attackers exploited Solana durable nonces, a mechanism that allows transactions to be signed in advance, to gain control and drain funds. The protocol had previously stated that there was an active attack and suspended deposits and withdrawals while coordinating with security companies, bridges and exchanges.

The attack began on Wednesday with the theft of multiple assets, including Circle's USDC (USDC) and various altcoins. Onchain data later showed that the exploiter converted most of the assets to USDC and the funds were later transferred to Ethereum.

The incident has attracted attention not only because it appears to involve an abuse of a legitimate Solana transaction feature rather than a simple smart contract failure, but also because funds flowed between chains for hours without being frozen, raising questions about the intervention of centralized stablecoin issuers.

What is Solana's durable nonce feature?

Solana’s durable nonces are a unique feature that lets transactions bypass the usual expiration window, so users can pre-sign transactions for future execution, offline signing, or complicated multi-signature workflows.

Drift says the attacker used pre-signed durable nonce transactions to gain unauthorized administrative access and perform malicious actions quickly after submission.

Durable nonces themselves are not commonly associated with serious exploits, but developers are aware that features that enable delayed execution can introduce complexity and potential risk if misused or combined with other vulnerabilities.
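
The following Python example is an added illustration, not code from Drift or from this article: a pre-signing review check that recognises a durable (persistent) nonce transaction by its leading System Program AdvanceNonceAccount instruction and reports why a co-signer should look twice before approving it. The dictionary layout, function names and placeholder keys are assumptions made for illustration; the System Program id and instruction discriminant are standard Solana values that the article itself does not state.

```python
SYSTEM_PROGRAM = "11111111111111111111111111111111"
ADVANCE_NONCE = 4  # SystemInstruction::AdvanceNonceAccount, encoded as u32 little-endian

def durable_nonce_info(tx):
    """Return the nonce account and authority if tx uses a durable nonce, else None."""
    if not tx["instructions"]:
        return None
    keys, first = tx["account_keys"], tx["instructions"][0]
    data = bytes.fromhex(first["data_hex"])
    if keys[first["program_id_index"]] != SYSTEM_PROGRAM:
        return None
    if len(data) < 4 or int.from_bytes(data[:4], "little") != ADVANCE_NONCE:
        return None
    if len(first["accounts"]) < 3:
        return None
    # Account order: nonce account, RecentBlockhashes sysvar, nonce authority.
    return {"nonce_account": keys[first["accounts"][0]],
            "nonce_authority": keys[first["accounts"][2]]}

def review_before_signing(tx, trusted_authorities, privileged_programs):
    """Findings a co-signer should see before approving tx (hypothetical policy)."""
    info = durable_nonce_info(tx)
    if info is None:
        return []  # ordinary transaction: expires with its recent blockhash
    findings = ["no-expiry: valid until nonce account %s is advanced" % info["nonce_account"]]
    if info["nonce_authority"] not in trusted_authorities:
        # Only the nonce authority can advance the nonce and invalidate the signature.
        findings.append("nonce authority %s is not ours: we cannot revoke" % info["nonce_authority"])
    keys = tx["account_keys"]
    invoked = {keys[ix["program_id_index"]] for ix in tx["instructions"][1:]}
    for prog in sorted(invoked & privileged_programs):
        findings.append("privileged program %s in a non-expiring transaction" % prog)
    return findings

# Constructed samples; every key except the System Program id is a placeholder.
DURABLE_TX = {
    "account_keys": ["SIGNER_PLACEHOLDER", "NONCE_ACCT_PLACEHOLDER", "SYSVAR_PLACEHOLDER",
                     "UNKNOWN_AUTHORITY_PLACEHOLDER", SYSTEM_PROGRAM, "ADMIN_PROGRAM_PLACEHOLDER"],
    "instructions": [
        {"program_id_index": 4, "accounts": [1, 2, 3], "data_hex": "04000000"},
        {"program_id_index": 5, "accounts": [0], "data_hex": "00"},
    ],
}
ORDINARY_TX = {
    "account_keys": ["SIGNER_PLACEHOLDER", "RECIPIENT_PLACEHOLDER", SYSTEM_PROGRAM],
    "instructions": [{"program_id_index": 2, "accounts": [0, 1],
                      "data_hex": "02000000" + "40420f0000000000"}],  # Transfer
}
```
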

Circle Faces Questions

The incident sparked criticism of USDC issuer Circle because the attacker took hours to convert $270 million into the stablecoin before bridging it to Ethereum.

Onchain detective ZachXBT and others said the company had at least six hours to freeze the funds but took no action, in contrast to previous cases where wallets were blacklisted.

The Drift exploiter has purchased a total of 130,262 ether ($267 million) as of press time. Source: Lookonchain

Some industry figures have pointed out the gap between Circle’s ability to freeze funds and any obligation to do so.

“Circle could freeze it. But it’s not required,” pseudonymous user Molu wrote.

This incident adds to the ongoing debate about centralized platforms intervening in attacks, with ZachXBT repeatedly criticizing Circle on the issue.

The researcher previously questioned Circle’s response to USDC linked to the Bybit-related hack in late February, which prompted a response from Circle CEO Jeremy Allaire, who said the company responds to requests from law enforcement agencies before freezing funds.

Cointelegraph is committed to independent and transparent journalism. This news article has been produced in accordance with Cointelegraph’s Editorial Policy and is intended to provide accurate and up-to-date information. Readers are encouraged to verify the information themselves. Read our Editorial Policy: https://cointelegraph.com/editorial-policy
