Solana Labs has responded to claims made by CertiK regarding a potential security vulnerability in Solana’s Saga smartphone. CertiK claimed that the phone contained a critical “bootloader vulnerability” that could allow a malicious actor to install a hidden backdoor. However, Solana Labs stated that CertiK’s claims are inaccurate and that there is no known vulnerability or security threat to Saga holders. They explained that unlocking the bootloader and installing custom firmware would require multiple steps and the user’s passcode or fingerprint. Additionally, warnings are given about the implications of unlocking the bootloader, and if ignored, the device will be wiped along with private keys. Solana’s Saga phone was released in April 2022 but saw a price reduction to $599 four months later due to declining sales. CertiK has not yet responded to Solana Labs’ rebuttal.
Summary:
– CertiK claimed Solana’s Saga phone had a critical “bootloader vulnerability”
– Solana Labs stated that CertiK’s claims are inaccurate and there is no known vulnerability or security threat
– Unlocking the bootloader and installing custom firmware requires multiple steps and user authentication
– Warnings are given about the implications of unlocking the bootloader, and ignoring them results in device wipe
– Solana’s Saga phone saw a price reduction to $599 four months after release due to declining sales.