Solana Labs has responded to claims made by blockchain security firm CertiK in a recent video, stating that CertiK's assertions regarding potential security vulnerabilities in Solana's encrypted Saga phone are "inaccurate." The controversy arose after CertiK's report suggested that unlocking the bootloader on Solana's Saga phone could enable an attacker with physical access to load custom firmware, potentially containing a root backdoor that might compromise sensitive data, including cryptocurrency private keys.
However, according to a Solana Labs spokesperson in a statement on November 15, they disputed CertiK's assertions, affirming that the video released by CertiK did not expose any genuine threats to Saga devices. Solana Labs maintained that the claims made by CertiK were not reflective of any known vulnerabilities or security risks for Saga holders.
The Solana Labs spokesperson highlighted information from Android's internal open-source project documentation, indicating that bootloader unlocking is feasible on various Android devices. They clarified that unlocking the bootloader and installing custom firmware requires several steps that can only be executed after unlocking the device using the user's password or fingerprint.
Additionally, Solana Labs emphasized that unlocking the bootloader triggers a device wipe, and users are presented with multiple warnings during this process. They stressed that this sequence cannot occur without the active participation or awareness of the device user. Furthermore, if someone proceeds to unlock the bootloader on an Android device despite the warnings, the device and its private keys would be wiped clean.
The Solana Saga phone, initially set to be released in April 2022 at a price of $1,099, boasted features such as a Web3-native decentralized app store tailored to incorporate cryptographic apps into hardware. However, the phone faced declining sales four months post-launch, prompting Solana to slash its price to $599. This reduction was due to the substantial decrease in demand for the device in the market.
