Secret Network Vulnerability - 2022

The hack wherein all “private” transactions on the Secret Network could be decrypted happened during 2022. It was widely reported but the cause of why it happened is less well-known.

What caused the vulnerability in Secret Network?

Hardware with unpatched vulnerabilities (ÆPIC Leak and MMIO Vulnerabilities, announced by Intel on Aug. 9, 2022) was allowed to join the Secret Network and operate nodes. The same master decryption key in Secret Network is shared across all nodes.

The secrecy of the network totally depended on the least secure nodes in the network. Once any one of them was compromised, the secret key was leaked and so was user data.

This model is untenable for our purposes: considering an expanded list of hardware would increase the potential of an insecure node to exist.