Following Part 1: understanding SPL Token Mint, this article introduces the technical details of the SPL associated token program, another popular official Solana smart contract.

Recently, Charlie You disclosed a vulnerability in the Jet Protocol. The vulnerability would have caused $20m loss of Jet users’ funds if exploited. Fortunately, Jet patched it before any user was affected. sec3 team identified something tricky in Jet-v1’s code and had a discussion with Charlie shortly after the disclosure. It turns out that the vulnerability has a different cause (unexpected by Charlie)

The Cashio stablecoin (CASH) protocol recently lost $50M in an attack. The attacker was able to mint 2,000,000,000 CASH tokens for almost free. The root cause is a vulnerability in the Cashio’s brrr smart contract. Soteria team conducted an in-depth analysis of the attack. Importantly, the vulnerability can be automatically detected by Soteria’s Premium Auto Auditor. This article elaborates on the details.

Most user-deployed Solana smart contracts (directly or transitively) use the token program to mint/transfer/burn tokens (i.e., SPL tokens). SPL tokens are similar to ERC20/ERC721 token with tricky differences. In this article, we elaborate on the SPL tokens and introduce the internals of the most commonly used instructions in the token program.

We are glad to announce the first release of Sec3 Premium: an auto-auditing service offered by Sec3 team to scan a large list of security vulnerabilities in Solana smart contracts.

Recently, an attacker was able to steal more than $320 million from Wormhole, a popular bridge linking Solana and Ethereum. This article describes how we enhance our X-Ray tool and detect the vulnerability.

Following Part 3: the TPU, this article elaborates on the bank module, a core component of Solana blockchain.

Solana recently experienced severe performance degradation due to network congestion. The TPS (number of transactions processed per second) dropped by orders of magnitude (from thousands to tens) for several hours. Technically, this problem is caused by performance bugs in Solana, in particular — the transaction processing unit (TPU). This article elaborates on the design of the TPU and highlights some intricacies.

What happens inside Solana when you deploy a smart contract to the Solana Mainnet? Can a Solana program be modified or closed? How to upgrade a Solana program? Who is authorized to change a Solana program? This article focuses on the upgradability of Solana programs and highlights some intricacies.

Solana has a few built-in (native on-chain) programs (e.g., system_program, spl_token, stake, vote, ed25519, etc) that provide essential instructions and are generally trusted. In this article, we introduce the internals of these programs, and highlight some of the intricacies.

This article describes our journey in discovering the vulnerability and constructing the PoC. We note that the stake-pool code was audited before by multiple companies, which motivates the need of a more comprehensive and systematic audit process.

Following Part 3: penetration testing, this article introduces the internals of Anchor, a popular framework for writing and testing Solana smart contracts.

In this article, we introduce a few penetration testing tools to help detect vulnerabilities in Solana or Rust programs in general.

sec3 project is honored to announce it received a grant from Solana Foundation. sec3 team will continue to build tools and services for developers and builders in Solana Ecosystem to tackle security challenges. Thanks!

Following Part 1: a systematic approach, this article introduces a few automated scanning tools to help audit Solana smart contracts.

In this article series, we will introduce a systematic approach including a few automated techniques for auditing Solana smart contracts.

Recently, using X-Ray, we identified a vulnerability in an on-chain Solana smart contract (jet-v1) and have been awarded a bug bounty. We thank the Jet Protocol team and Immunefi for their quick responses and generous support. The fix has been applied in this commit. This article shares our bug hunting experience with X-Ray.

Rust is a popular language used in blockchains such as Solana and Polkadot. For many developers, it may be a misconception that Rust is memory-safe so it is free of arithmetic overflow/underflows. This article explains why Rust programs still suffer from arithmetic errors, how these issues affect blockchain security, and how to deal with them in smart contracts.

This article introduces X-Ray, a security tool that automatically scans Solana programs to detect common security pitfalls.

Why Solana programs are faster than Ethereum smart contracts? What are their key differences? This article explains an essential difference between the two and illustrates two common security pitfalls in Solana programs.