Solana has promptly addressed security concerns surrounding its Saga smartphone following a vulnerability claim by CertiK, a cybersecurity firm renowned for its expertise in blockchain and crypto security.
CertiK’s recent video alleges a significant vulnerability related to a bootloader issue in the Saga phone, potentially enabling unauthorised backdoor access.
A screengrab from CertiK’s accompanying video shows the Solana phone’s screen following the backdoor install:
“The bootloader is unlocked and software integrity cannot be guaranteed. Any data stored on the device may be available to attackers. Do not store any sensitive data on the device.”
This concern centres on the possibility of installing a backdoor on the phone, compromising the initial software responsible for device startup — a sign, as CertiK suggests, of a hacked phone.
However, clarity is needed on whether this vulnerability is specific to Saga or extends to other Android devices.
In response, Steven Laver, Solana Labs’ lead software engineer for mobile, refuted any security threat to Saga users.
He clarified that bootloader unlocking, as highlighted by CertiK, is a standard feature in many Android devices, including Saga.
He emphasised that this advanced option is disabled by default, ensuring the safety of the average user.
“…the CertiK video does not reveal any known vulnerability or security threat to Saga holders. The video shows the user unlocking the bootloader, which is something that can be done on many Android devices.”
Android’s Open Source Project documentation supports this, outlining the ability to lock and unlock the bootloader, with unlocking requiring explicit user consent and resulting in a complete device wipe — a safeguard against unauthorised access.
“Unlocking the bootloader is an advanced feature of Saga, and is disabled by default. We believe in allowing users the choice of how they use their phone; however, unlocking the bootloader is not a security vulnerability – a user must explicitly allow such changes to be made to their device, and those changes can only be made by an authorised user of the phone. So it’s not a process that can take place without users’ active participation or awareness.”
While CertiK’s video demonstrated a potential drain of bitcoin from the phone’s wallet, it did not showcase the use of Seed Vault, a crucial element of Saga’s security framework.
Solana Labs integrated Seed Vault technology in June 2022, providing a fortified environment for secure transaction signing by leveraging the device’s most secure components, from the processor’s secure operating modes to dedicated Secure Elements.
Despite CertiK’s concerns, Saga has demonstrated resilience in the market.
Even after a price reduction from $1,000 to $599, which Emmett Hollyer, head of business operations for Solana Mobile, described as normal for the consumer electronics sector, the phone maintains a significant presence.
Launched in April to merge Web3 functionalities with smartphone technology, the Solana Saga remains a notable entrant in the smartphone arena, designed to provide users with self-custody of their assets for a secure and comfortable mobile experience.