#solana

8 posts tagged with solana.

Solana: the hidden dangers of lamport transfers

Solana’s lamport transfer logic hides dangerous edge cases — from rent-exemption quirks to write-demotion traps. We dissect a deceptively simple smart contract game to expose how transfers to arbitrary accounts can silently fail, brick your program, or crown an eternal king.
Nicola Vella

Solana multisig security

What can teams do if their multisig signers are compromised? We explore Solana's transaction signing model and present a procedure for safe signing in the presence of malicious signers on Solana.
Robert Chen

Solana formal verification: a case study

We present a novel framework for formal verification of Solana Anchor programs — and a case study application to the Squads multisig.
Harrison Green

Reverse engineering Solana with Binary Ninja

An introduction to our open-source Binary Ninja plugin for blackbox Solana program analysis along with an executive reference to the Solana runtime.
Harrison Green

The story of the curious rent thief

A tale of pickpockets preying on the Solana ecosystem. Read our investigation into the persistent theft of rent from uninitialized accounts. This is the story of the Solend rent thief.
OtterSec

Becoming a millionaire, 0.000150 BTC at a time

How we discovered a critical issue in Solana's stable swap implementation. A story about arbitrage and rounding.
OtterSec

Solana: an auditor's introduction

A security-focused introduction to Solana, exploring the underlying runtime environment, security boundaries, and implications. An important resource for all developers who want to write more secure code.
OtterSec

The $200m bluff: cheating oracles on Solana

How we fooled oracles to beat the house. An exploration into liquidity tokens and oracle price manipulation.
OtterSec