Wormhole's Solana bridge program contained a `verify_signatures` instruction that read guardian signatures from the Solana instructions sysvar. The implementation used the deprecated `solana_program::sysvar::instructions::load_instruction_at` helper instead of the checked variant `load_instruction_at_checked`, which would have validated that the supplied account was the true sysvar at address `Sysvar1nstructions1111111111111111111111111`. The attacker passed a fabricated account in the sysvar position containing a forged `Secp256k1` instruction, so `verify_signatures` happily 'verified' a guardian-signed VAA that none of the real guardians had signed. With the spoofed VAA, the attacker called `complete_wrapped` on the token bridge and minted 120,000 wETH on Solana, bridging ~$326M out. A fix swapping in the checked sysvar loader had already been merged in the public GitHub repo but was not yet deployed to mainnet.
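The difference between the unchecked and checked loaders, as an added example: this is a simplified stand-alone model, not Wormhole's or the Solana SDK's code. The `Account` type, the `checked` flag, the placeholder program ids and the sample accounts are all constructed for illustration.

```rust
// Simplified model of the account check; not Wormhole or solana_program code.
const INSTRUCTIONS_SYSVAR_ID: &str = "Sysvar1nstructions1111111111111111111111111";
const SECP256K1_PROGRAM: &str = "SECP256K1_PROGRAM_PLACEHOLDER"; // constructed placeholder

#[derive(Debug, PartialEq)]
pub enum VerifyError { UnsupportedSysvar, MissingInstruction, NotSecp256k1 }

// Hypothetical stand-in for a caller-supplied account: an address plus the
// list of program ids its data claims were executed in this transaction.
pub struct Account { pub key: &'static str, pub program_ids: Vec<&'static str> }

// Models the deprecated loader: reads the data without checking the address.
fn load_instruction_unchecked(idx: usize, acct: &Account) -> Result<&'static str, VerifyError> {
    acct.program_ids.get(idx).copied().ok_or(VerifyError::MissingInstruction)
}

// Models the checked loader: the account must be the real instructions sysvar.
fn load_instruction_checked(idx: usize, acct: &Account) -> Result<&'static str, VerifyError> {
    if acct.key != INSTRUCTIONS_SYSVAR_ID {
        return Err(VerifyError::UnsupportedSysvar);
    }
    load_instruction_unchecked(idx, acct)
}

// Accept only if the instruction at `idx` is a secp256k1 signature check.
pub fn verify_signatures(acct: &Account, idx: usize, checked: bool) -> Result<(), VerifyError> {
    let program = if checked {
        load_instruction_checked(idx, acct)?
    } else {
        load_instruction_unchecked(idx, acct)?
    };
    if program == SECP256K1_PROGRAM { Ok(()) } else { Err(VerifyError::NotSecp256k1) }
}

// Constructed inputs: a look-alike account and the genuine sysvar address.
pub fn fake_account() -> Account {
    Account { key: "CallerControlledAccount", program_ids: vec![SECP256K1_PROGRAM] }
}
pub fn real_account() -> Account {
    Account { key: INSTRUCTIONS_SYSVAR_ID, program_ids: vec!["SOME_OTHER_PROGRAM"] }
}

fn main() {
    println!("unchecked, fake: {:?}", verify_signatures(&fake_account(), 0, false));
    println!("checked, fake:   {:?}", verify_signatures(&fake_account(), 0, true));
    println!("checked, real:   {:?}", verify_signatures(&real_account(), 0, true));
}
```

The unchecked path accepts the look-alike account because nothing ties the data to the sysvar address; the checked path rejects it before the data is read.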
Classification: Protocol Logic. Technique: Signature Exploit. Bridge hack. Target type: DeFi Protocol. Affected chains: Solana. Implementation language: Rust. Funds returned: $326,000,000.
- chain: solana
- protocol: Portal
- bug_class: bridge
- date_occurred: 2022-02-02
- loss_usd: $326,000,000
- classification: Protocol Logic
- technique: Signature Exploit
- target_type: DeFi Protocol
- language: Rust
- bridge_hack: YES
- source_id: dl:1541