Online reports that Solana web validators have successfully avoided a potential disaster by launching a patch that fixes a vulnerability in a program. If the vulnerability is exploited, an attacker could mince unlimited amounts of certain tokens or withdraw those tokens from any account. This vulnerability only affects Token-22 secret tokens. The problem lies in the ZK ElGamal certification program, which verifies encrypted balances and ensures the accuracy of zero-knowledge certificates. According to a post facto report by the Solana Foundation, some algebraic components of the ZK ElGamal proof program on the chain were not included in the hash used to generate the Fiat-Shamir transformation. Complex attackers can take advantage of these unhashed components to develop forged certificates that allow them to perform unauthorized operations through verification.