The Solana Foundation announced a suite of new security initiatives on Monday, coming just five days after the decentralized finance (DeFi) platform Drift Protocol fell victim to a $270 million hack. Investigations revealed that the attack was orchestrated by a group linked to the North Korean government, which spent six months using social engineering tactics to infiltrate the project team.
At the heart of this security upgrade is the "Stride" assessment program, led by Asymmetric Research. The initiative will evaluate DeFi protocols within the Solana ecosystem based on eight core security criteria and publish the findings publicly. Additionally, the Foundation has established the "Solana Incident Response Network" (SIRN), a coalition of security firms and researchers designed to provide real-time responses to emerging crises.
Strengthening Technical Defenses and Response Mechanisms
Under the new guidelines, protocols with a Total Value Locked (TVL) exceeding $10 million that pass the Stride assessment will receive 24/7 threat monitoring funded by the Solana Foundation, with security coverage levels adjusted based on risk profiles. For major protocols with over $100 million in TVL, the Foundation will provide additional funding for formal verification—a mathematical approach to verifying every execution path of a smart contract to ensure the absolute integrity of the code logic.
In addition to Asymmetric Research, security firms including OtterSec, Neodyme, Squads, and ZeroShadow have confirmed their participation in the network. While the response service is open to all Solana protocols, priority will be given to projects with higher TVL.
Although Stride and SIRN aim to bolster technical defenses, the Drift incident exposed a critical vulnerability: the human element. The smart contract code for the Drift protocol had been audited and remained uncompromised. Instead, the attackers bypassed existing technical audits by infiltrating developers' devices through spoofed TestFlight applications and malicious code repositories.
This security overhaul reflects a shift in how the Solana ecosystem is responding to sophisticated cyberattacks. Beyond encryption algorithms and code audits, developing defenses against social engineering attacks targeting core developers has become a pressing new challenge for the ecosystem.
