Security

Auditing Solana smart contracts requires new and much more advanced skills compared to Ethereum (which has established auditing rules over the last three years).

In this article, we introduce a few penetration testing tools to help detect vulnerabilities in Solana or Rust programs in general.

Following Part 1: a systematic approach, this article introduces a few automated scanning tools to help audit Solana smart contracts.

Examples of common exploits unique to the Solana programming model and recommended idioms for avoiding these attacks using the Anchor framework.

Solana development is error-prone. Often, people cite Anchor as a remedy to this problem: “write it in Anchor, and your Solana programs will be secure.” Not so fast! There are still many gotchas even when using Anchor. Let’s explore some of them.

This document contains Drift's bug bounties, specifically for Drift's smart contract code; UI-only bugs are omitted. This program is specific to smart contract code, and separate from Drift's other bounty program, which includes both technical and non-technical bounties to be earned.

Solana Smart Contracts: Common Pitfalls and How to Avoid Them

Smart contracts are more like rockets than web dev: 1. You only get one shot to get it right. 2. Finite time to write secure code; hackers have infinite time to hack.

Solana is a fast-growing blockchain with a unique type of smart contract called programs. This article introduces Soteria, a security tool that automatically scans Solana programs to detect common security pitfalls.

Here, we look at Solana smart contracts from an attacker's perspective. By learning how to find and exploit different types of issues, you'll be able to write more secure contracts as you'll know what to watch out for.