Solana Smart Contracts: Common Pitfalls and How to Avoid Them
Hey everyone! We're Neodyme, a team of security researchers who have spent the past ~12 months inspecting the internals of the Solana blockchain. Over the course of our research, we discovered and reported several vulnerabilities in the Solana core code, ultimately helping to secure the chain against attackers.

A few months ago, we were sponsored by the Solana Foundation to also set up a peer review system for smart contracts that are important for the Solana ecosystem. Since then, we've been working with developers from a range of projects building on Solana to assist them in securing their contracts. We've audited dozens of contracts, using our unique experience with Solana to uncover many exploitable bugs. During these audits, we've discovered intricate vulnerabilities in some of the major projects on the chain, and our reviews helped prevent the potential theft of roughly USD 1 billion worth of assets.

However, as Solana is such a rapidly growing ecosystem, we have nowhere near enough capacity to manually audit every new contract to our standards. Instead, we'll be sharing some of the knowledge we've built over the course of our many audits in this blog, in the hope that developers and other auditors will be able to make use of it.

In this post, we want to raise awareness about the five most common vulnerabilities in Solana contracts that we keep finding during our audits. We'll keep the vulnerability descriptions short and concise and provide a simplified example as well as a TL;DR for each vulnerability so that you can easily reference them while coding.