Sunday, Oct 24 2021 | Time 02:40 Hrs(IST)
image
Business Economy


Solana snag exposes ‘critical vulnerabilities' in open-source projects: Telos

Mumbai, Sep 21 (UNI) Solana blockchain’s 17-hour outage, which resulted in the network having problems validating transactions, exposes critical vulnerabilities in the way Solana counts and handles transactions, Douglas Horn, chief architect of Telos Blockchain, said on Tuesday.
Solana, on its official website, has stated that while the network was offline for 17 hours, no funds were lost, and the network return ed to full functionality in under 24 hours and that Solana is designed for adversarial conditions.
“The cause of the network stall was, in effect, a denial of service attack. At 1200 UTC, Grape Protocol launched their IDO on Raydium, and bots generated transactions that flooded the network. These transactions created a memory overflow, which caused many validators to crash forcing the network to slow down and eventually stall. The network went offline when the validator network could not come to an agreement on the current state of the blockchain, which prevented the network from confirming new blocks,” Solana stated.
It further said that at 1211 UTC, the validator community noticed the transaction spike and network slowdown and the community took steps to help the network recover but were unsuccessful.
“These transactions flooded a system known as the forwarder queue, causing the memory used by this queue to grow
without limits. The transactions that were encoded into blocks were resource-heavy to process. The combination of the unbounded growth of the forwarder queues and resource-heavy blocks caused block producers to automatically propose a number of forks. The validator processes started to run out of memory and crash, and upon restart, the validators were unable to process all the proposed forks in time to catch back up with the rest of the network,” Solana stated.
Reacting to Solana’s statement, Mr Horn said blockchains should never stall if designed well and that a look at Solana’s purported transactions per second illuminates the key flaws in Solana's blockchain.
“A great portion of Solana transactions is not the user or smart contract transactions that networks like Ethereum (15 TPS) and Telos (10,000 TPS) process but instead include Solana’s thousands of critical consensus messages required by the chain. These processes are typically handled separately from on-chain transactions via a distinct communications channel -- for good reason. This differing design results in seemingly amazing scalability claims, which are entirely misleading. It is this design that forms a large part of why the Solana chain was locked up for over 12 hrs,” he explained.
He also said that mixing critical consensus messaging with regular transactions not only results in inflated TPS numbers but more critically exposes a large surface area of attacks on the blockchain.
“Also, the chain's lack of prioritization capabilities means when the Solana transaction queue becomes flooded, critical consensus message processing is displaced causing a lack of synching between nodes and eventually the forking that resulted in a stalled network. The best avoidance of this and other potential issues would not be to have these transactions mixed together. Nonetheless, prioritization of transactions was a factor yesterday that could have helped avoid Solana stalling from this specific exploit,” he said.
Mr Horn further said that the Solana fee model appears to be “immature in design” making it possible for someone to affordably flood the chain with too many transactions and blocking the critical consensus messaging from occurring in time.
“Again, separation of concerns is the most secure way to avoid this but allowing so many transactions to pass through without significant cost was a huge contributor,” he added.
UNI AAA SS 2019
More News
NCUI wants lead role in drafting nation policy on co-operatives

NCUI wants lead role in drafting nation policy on co-operatives

23 Oct 2021 | 6:34 PM

New Delhi, Oct 23 (UNI) With the government setting the ball rolling for a new national policy on co-operatives, leaders representing the sector have said that the focus of the proposed document should be on implementation and clearly defined action plans.

see more..
Tata Power collaborates with IIT Delhi to work on Smart grid Technologies, Startups and Innovation

Tata Power collaborates with IIT Delhi to work on Smart grid Technologies, Startups and Innovation

23 Oct 2021 | 6:27 PM

Kolkata, Oct 23 (UNI) Tata Power, one of India's largest private sector integrated utilities and the
Indian Institute of Technology (IIT) Delhi, country's leading research institute, have signed a Memorandum of Understanding (MoU) to collaborate in areas like Smart grid Technology, Clean
Energy solutions.

see more..

MCL dispatches a record 5 56 lakh tones of coal on Oct 22

23 Oct 2021 | 4:19 PM

Bhubaneswar, Oct 23 (UNI) Mahanadi Coalfields Limited (MCL) has touched a new high with dispatch of 5.56 lakh tonne coal to consumers on Friday, maintaining the average daily supply during the current month above 5.21 lakh tonnes.

see more..

UL Cyberpark support, services instrumental in growth of 'Retailcloud' : Kevin Colaco

23 Oct 2021 | 2:09 PM

Kozhikode, Oct 23 (UNI) Mr Kevin Colaco, Founder and Chief Executive Officer of Indian Development Centre of California-based IT Company 'Retailcloud' on Saturday commented that the support and services received from the UL Cyberpark here has been instrumental in the growth of Retailcloud.

see more..

Great Place to Work® Certification Announcement: Qapitol QA Is Now Great Place to Work-Certified™

23 Oct 2021 | 1:41 PM

BENGALURU, India, Oct. 23, 2021 /PRNewswire/ - Qapitol QA has been Great Place to Work®-Certified in India (from August, 2021 to August, 2022). Their endeavour and commitment to make Qapitol QA a great place to work now gets an official endorsement from the Great Place to Work Institute.

see more..
image