April 1, 2022
★Featured★
On a $20M Bug in Jet Protocol
Recently, Charlie You disclosed a vulnerability in the Jet Protocol. The vulnerability would have caused $20m loss of Jet users’ funds if exploited. Fortunately, Jet patched it before any user was affected. sec3 team identified something tricky in Jet-v1’s code and had a discussion with Charlie shortly after the disclosure. It turns out that the vulnerability has a different cause (unexpected by Charlie)
March 24, 2022
★Featured★
CashioApp Attack - What’s the Vulnerability and How X-Ray Detects It
The Cashio stablecoin (CASH) protocol recently lost $50M in an attack. The attacker was able to mint 2,000,000,000 CASH tokens for almost free. The root cause is a vulnerability in the Cashio’s brrr smart contract. Soteria team conducted an in-depth analysis of the attack. Importantly, the vulnerability can be automatically detected by Soteria’s Premium Auto Auditor. This article elaborates on the details.
March 21, 2022
★Featured★
Solana Programs Part 1: Understanding SPL Token Mint
Most user-deployed Solana smart contracts (directly or transitively) use the token program to mint/transfer/burn tokens (i.e., SPL tokens). SPL tokens are similar to ERC20/ERC721 token with tricky differences. In this article, we elaborate on the SPL tokens and introduce the internals of the most commonly used instructions in the token program.
January 23, 2022
★Featured★
Solana Internals Part 3: The Transaction Processing Unit (TPU)
Solana recently experienced severe performance degradation due to network congestion. The TPS (number of transactions processed per second) dropped by orders of magnitude (from thousands to tens) for several hours. Technically, this problem is caused by performance bugs in Solana, in particular — the transaction processing unit (TPU). This article elaborates on the design of the TPU and highlights some intricacies.
January 16, 2022
★Featured★
Solana Internals Part 2: How Is a Solana Program Deployed and Upgraded
What happens inside Solana when you deploy a smart contract to the Solana Mainnet? Can a Solana program be modified or closed? How to upgrade a Solana program? Who is authorized to change a Solana program? This article focuses on the upgradability of Solana programs and highlights some intricacies.
December 31, 2021
★Featured★
Solana Internals Part 1: What Are the Native On-Chain Programs and Why Do They Matter?
Solana has a few built-in (native on-chain) programs (e.g., system_program, spl_token, stake, vote, ed25519, etc) that provide essential instructions and are generally trusted. In this article, we introduce the internals of these programs, and highlight some of the intricacies.
December 17, 2021
★Featured★
Solana Stake Pool: A Semantic Inconsistency Vulnerability Discovered by X-Ray
This article describes our journey in discovering the vulnerability and constructing the PoC. We note that the stake-pool code was audited before by multiple companies, which motivates the need of a more comprehensive and systematic audit process.
October 23, 2021
★Featured★
Solana Bug Bounty Hunting With X-Ray
Recently, using X-Ray, we identified a vulnerability in an on-chain Solana smart contract (jet-v1) and have been awarded a bug bounty. We thank the Jet Protocol team and Immunefi for their quick responses and generous support. The fix has been applied in this commit. This article shares our bug hunting experience with X-Ray.
October 14, 2021
★Featured★
Understanding Arithmetic Overflow/Underflows in Rust and Solana Smart Contracts
Rust is a popular language used in blockchains such as Solana and Polkadot. For many developers, it may be a misconception that Rust is memory-safe so it is free of arithmetic overflow/underflows. This article explains why Rust programs still suffer from arithmetic errors, how these issues affect blockchain security, and how to deal with them in smart contracts.
October 7, 2021
★Featured★
From Ethereum Smart Contracts to Solana Programs: Two Common Security Pitfalls and Beyond
Why Solana programs are faster than Ethereum smart contracts? What are their key differences? This article explains an essential difference between the two and illustrates two common security pitfalls in Solana programs.
August 26, 2021
★Featured★
Why gas fees are crazily high on Ethereum and what’s the rescue?
Transaction fees on Ethereum are crazily high recently. A token swap sometimes costs over $1000 gas fees, why? This article explains the underlying reasons and introduces a new solution that significantly reduces gas fees.