Besides rigorous internal code reviews and external auditing, we are frequently asked by our customers: what we should do to keep our protocol safe once it's deployed on the chain?

read this blog on two important caveats of using associating token accounts as learned by the Sec3 core team

sec3 announces the first release of WatchTower: an in-situ threat monitoring service for Solana smart contracts to detect, prevent and stop security attacks in real time.

Solana ecosystem has seen super rapid growth while witnessing multiple hacks (involving Wormhole, CashioApp, CremaFinance, Nirvana, and Slope Wallet), which collectively caused close to $400 million losses. In this article, we review the essence of these hacks and aim to find effective solutions to prevent such attacks in the future.

The same seeds with multiple valid bumps can have crucial security implication: PDAs can be faked if their bump seeds are not validated