Solana

0-day critical bug quietly patched in supermajority of Solana validators before public disclosure:

0-day critical bug quietly patched in supermajority of Solana validators before public disclosure: https://solana.com/news/post-mortem-may-2-2025

A doodler and computerer. I like permissive/permissionless open source, smart contracts, p2p systems, room-scale VR, and NixOS.

shazow.net

Currently: WhatsABI

This is a good thing, right? not a bad thing

Engineer @farcaster. Founder bountycaster.xyz

Ex Phantom, 0x Project engineer.

From Italy originally, currently live in NYC

Which part?

Is it good that there was a 0day in a supermajority of clients? Absolute not. This is why we deploy experimental cryptography on rollups with "training wheels" (what toly keeps criticizing for being "just a multisig"), why we have client diversity, why we do incentivized testnets/bounties, etc.

Is it good that a consensus change can be quickly and quietly implemented and deployed? I'd argue no, some things are supposed to easy and some are supposed to be hard, this is one of those things that is supposed to be hard for good reason.

Is it good that nobody was using this feature (according to mert) and nobody lost money? Yes.