Ginoah
Anatomist Security / Co-Founder
Co-Founder of Anatomist Security and former captain of the Balsn CTF team, recognized for achieving top-three placements in renowned CTFs such as DEF CON CTF and HITCON CTF. Former Red Team specialist at DEVCORE and experienced speaker at numerous conferences, including CYBERSEC, Hexacon, and DEVCORE Conf.
Premiere: 4/17 10:10 - 10:40
Replays: 4/17 16:10 - 16:40, 4/17 22:10 - 22:40
While extensive research has been conducted on all kinds of smart contracts, analysis of the underlying
infrastructure powering blockchains remains relatively rare, despite its far greater impact. This talk
explores a RCE vulnerability in Solana's validator, discovered during its transition to a new runtime
optimization in version 1.16. We will delve into Solana’s architecture, its runtime VM, and the evolution of
its data storage model that led to this flaw. The bug enables attackers to compromise the blockchain
entirely, allowing actions like minting tokens, exfiltrating validator keys, and ultimately achieving RCE.
Attendees will gain technical insights into the vulnerability and its exploitation process, offering insights
and guidance for future researchers.