en.coin-turk.com
The Solana Foundation has unveiled a series of new initiatives aimed at strengthening the security of decentralized finance (DeFi) platforms running on its network. These efforts come in the wake of a recent major cyberattack on the Drift Protocol, attributed to a North Korea-linked group, which resulted in the theft of $270 million. The incidents have highlighted the urgent need for more robust safeguards across the ecosystem.
Comprehensive audits with Stride and SIRN
At the heart of the Foundation’s efforts is the newly launched Stride program, which is managed by Asymmetric Research. Stride will subject DeFi protocols on Solana to assessments across eight core security domains, with the findings to be made publicly available. Alongside Stride, the Foundation has established the Solana Incident Response Network (SIRN)—a members-only group composed of security specialists designed for real-time crisis intervention. Together, these initiatives seek to increase transparency and provide rapid response capabilities across the Solana DeFi landscape.
The necessity for such measures became evident following the Drift attack, which exposed several security shortfalls. However, investigations have clarified that the breach did not directly compromise smart contracts or audited code. Instead, the attackers focused on human vulnerabilities, infiltrating the system through malicious software and social engineering tactics targeting project team members over a six-month period.
For protocols with more than $10 million in total value locked (TVL) that successfully meet the Stride assessment criteria, ongoing operational cybersecurity monitoring will be provided. The level of monitoring and support will be tailored based on the individual risk profiles of each protocol, reflecting both their asset size and security needs.
Formal verification and operational support
In the case of protocols managing over $100 million in TVL, the Foundation will lend support for formal verification processes. This advanced method systematically checks all potential smart contract operations using mathematical models, with the aim of ensuring code correctness and reliability before deployment. Such rigorous verification provides added confidence in the underlying smart contracts that form the backbone of leading DeFi protocols.
The founding members of the Stride program include not only Asymmetric Research, but also security firms OtterSec, Neodyme, Squads, and ZeroShadow. The SIRN network, meanwhile, is open to participation from any project within the Solana ecosystem. Nevertheless, in terms of resource allocation, priority will be given to protocols with higher value locked to help mitigate the risk to the most critical infrastructure.
Despite the advanced nature of formal verification, experts caution that it would not have detected the recent attack attributed to North Korean hackers. The breach allowed attackers to access administrative privileges via compromised devices belonging to team members, enabling them to authorize malicious transactions. This type of infiltration typically falls outside the scope of traditional monitoring mechanisms.
On another front, SIRN is expected to significantly improve response times to future incidents. Blockchain security researcher ZachXBT emphasized that Circle Internet, the issuer of the USDC stablecoin, faced criticism for waiting over six hours before freezing more than $230 million in stolen assets following the Drift incident, suggesting the need for swifter action during emergencies.
The Solana Foundation highlighted that these new programs are not meant to shift primary security responsibilities away from protocol teams, who remain accountable for their own safeguards. To bolster these efforts, a suite of free security tools has been developed for Solana developers, assisting them in threat detection and conducting attack simulations to stay proactive in a rapidly evolving threat landscape.