The new initiatives include the Stride program and the creation of the “Solana Incident Response Network” (SIRN)—a network of specialized companies and experts designed to coordinate incident responses in real time. The move comes amid mounting pressure on the DeFi sector to improve defenses against increasingly sophisticated threats, including those linked to state-sponsored hacking groups.
A Structured Approach to Security
Stride is designed as an assessment program that will analyze protocols within the Solana ecosystem based on eight key security criteria. The results will be made public, aiming to introduce greater transparency and standardization across the sector.
Protocols with over $10 million in Total Value Locked (TVL) will gain access to 24/7 threat monitoring and operational security funded by foundation grants. For larger projects, those exceeding $100 million, formal verification will be provided, a method that uses mathematical models to prove that smart contracts behave according to their formal specification.
Participants in the initiative include leading blockchain security firms such as Asymmetric Research, OtterSec, and Neodyme.
Lessons from the Drift Attack
Despite these technological advancements, the new measures do not fully address the underlying issue revealed by the attack on Drift Protocol. The platform’s smart contracts were not compromised and had passed all standard audits.
Instead, the attack targeted the individuals behind the protocol. The attackers built trust over six months, posing as a legitimate partner before compromising the devices of key participants through malicious code and a fake application.
They subsequently obtained the necessary multi-sig signatures and prepared transactions that appeared completely legitimate until they were executed weeks later.
The Limits of Traditional Defense
This case highlights a fundamental problem in DeFi: the gap between code security and off-chain trust.
Neither formal verification nor constant monitoring could have prevented the attack, as the transactions were valid from the protocol’s perspective. The vulnerability emerged off-chain—within the human factor and operational processes.
A New Front in Cybersecurity
The creation of SIRN aims to shorten response times during such incidents, but it also signals a broader shift in the crypto industry’s approach to security.
It is becoming increasingly clear that protecting DeFi protocols cannot rely solely on code and audits. Instead, it requires an integrated approach covering technical infrastructure alongside human and organizational risks.
In this context, Solana’s new initiatives represent an attempt to bridge this specific gap—even while acknowledging that the most complex attacks are now targeting the people managing the systems rather than the systems themselves.