Solana Wallets Got Hacked: Let’s Review The Safety & Utility Of Internet Computer Wallets
There’s nothing to celebrate about DeFi, smart contract, code, and blockchain wallet hacks and exploits. However, with each one comes a new lesson — the blockchain and DeFi ecosystems still aren’t safe enough and free from malicious actors — greater security protocols and measures are needed.
However, there’s also a reoccurring theme, many of these wallet hacks are happening on Solana, BSC, and THORChain.
Most recently, as of yesterday in fact, a huge hack occurred on Solana where Phantom and Slope wallet users were drained of their funds. Unfortunately, the transactions were being signed by the wallet owners themselves on chain. So there’s lots of uncertainty as to how this happened. Moreover, it appears it was an iOS hot wallet hack, and no cold (hardware) wallets were impacted.
In greater detail, an exploit allowed a malicious actor to drain funds from a number of wallets on Solana, of which it appears 8,000+ wallets were affected. Essentially, a widespread Solana private key compromise occurred.
Solana engineers together with other ecosystems and security firms are further investigating the issue and have recommended that users use hardware wallets, do not reuse their seed phrase, and to create a new seed phrase. Lastly, they said that drained wallets should be treated as compromised and abandoned.
How Does This Relate To Other Ecosystems & The Industry?
This hack is another setback for the industry, but not yet a nail in the coffin for Solana. However, Solana has been dealt the greatest number of blows in terms of this and network outages, which it again experienced yesterday. However, this problem extends to Ethereum bridges, Binance Smart Chain (BSC), THORChain, and other DeFi protocols.
So to avoid these problems, many investors, traders, developers, and Web3 app users may shift away from these risky chains and on to more secure blockchains and ecosystems, for example the Internet Computer.
A humorous tweet yesterday began being re-shared around Twitter where a famous crypto figure originally tweeted out a thought that suggested speed over security. And of course, this was picked up yesterday after the hack occurred as an example of why you can never sacrifice on security.
This brings us back to the blockchain trilemma of achieving security, scalability, and decentralization all in one. Many blockchains in some shape or form do indeed have to make the tradeoff, such as Ethereum with scalability, Solana with security/decentralization, and BSC again with decentralization. This again brings us back to the Internet Computer. The Internet Computer doesn’t need to make these tradeoffs. It has blazing speed, top of the rank security, and network decentralization via independent data centers.
Internet Computer Security
There are a few features that make the Internet Computer secure. First, is its network architecture of independent data centers. Second, is a technological innovation called Chain Key Cryptography. Third, is a blockchain authentication system called Internet Identity.
For the purpose of assessing Internet Computer’s security vis-a-vis Solana’s, the second and third aspects are most important.
First, on Chain Key Cryptography. Chain Key Cryptography is a set of cryptographic protocols that orchestrate the nodes that make up the Internet Computer. It does this by having a single public key that serves as a sort of consensus mechanism for making sure transactions and communications between nodes on the Internet Computer are trusted and right.
Second, on Internet Identity. Internet Identity is a blockchain authentication framework supported by the Internet Computer. Similar to regular hot wallets on traditional blockchains, Internet Identity helps users login to DApps on the Internet Computer. However, Internet Identity is not a monetary wallet in itself. It’s in fact the sign-in and authentication mechanism that gets you into the app or wallet of your choice. This does also depend on the sign-in preferences of the user, if they like to have a password or private key or simply an Internet Identity verifier number.
What’s great about the Internet Identity is unlike Solana and other blockchain bridges it cannot be hacked. This is because of the Internet Computer’s superior cryptography.
So let’s see how the Internet Computer’s security benefits translate to the wallets currently available in the ecosystem.
Exploring The Internet Computer Wallet Ecosystem
There are wallets on the Internet Computer that are similar to MetaMask style wallets that require a password and seed phrase. However, as seen with Solana, these may not be the best choice for some people — but regardless, the Internet Computer has proven its security and so far no wallet hacks like this have occurred.
One wallet that can completely avoid the Solana wallet hack issue is Stoic. Stoic is safe because it allows you to sign in with Internet Identity, which is the blockchain authentication system above that requires you to be on your device and present with your biometrics to sign in. So the only way someone can hack you is if they have your fingerprint or your face, which as long as Tom Cruise in Mission Impossible is not after you, then you’re in the clear.
Because of this safety precaution feature by Stoic, it’s the wallet of choice and recommendation from the Internet Computer wallet ecosystem. However, if you’re interested in exploring other wallet applications on the Internet Computer, you can check out Plug and Earth Wallet.
