In August 2022, the OptiFi team experienced a glitch during the deployment of an update to the project’s program on Solana. The mistake permanently locked 661,000 USDC held in the contract, 95% of which was owned by team members.
Inside the Incident
Updates to Solana programs — analogous to smart contracts on other chains — are a common process to add functionality or correct security flaws. While blockchain ledgers are designed to be immutable, meaning that previous versions of the code remain on the blockchain, programs and smart contracts can be designed to be updatable.
This August, an update to the OptiFi program was deployed to Solana; however, during the update process, the team experienced significant network latency, delaying the update. As a result, the team terminated the update process, causing the USDC held within the program to be transferred to a buffer address.
The problem arose when the team attempted to use the solana program close command to recover the transferred assets. In the past, the team had successfully recovered similarly transferred SOL tokens in this way.
In this case, attempts to redeploy the program with the same program ID and recover the assets resulted in an error. After consulting with Solana developers, the team learned that the solana program close command is intended to permanently close a program.
While the program can be redeployed on the Solana blockchain, it will have a new program ID. Since the assets stored within the program — including an estimated 661,000 USDC — used program derived assets (PDAs), they will not be accessible with the new program ID.
Lessons Learned
The OptiFi incident was made possible by a lack of understanding of the details of how Solana programs and commands work. In the wake of an unexpected event — terminating the program update due to poor network performance — the team took recovery actions that resulted in the loss of a significant quantity of assets.
This underscores the importance of developing and implementing processes for correctly handling unforeseen events when working with high-risk activities, such as updates to blockchain-based programs or smart contracts. To consult with Halborn’s Solana experts on developing safe update processes, reach out at halborn@protonmail.com.