Solana was built for security. And as the ecosystem scales, the stakes scale with it. That's why Solana Foundation is launching a new wave of security initiatives across tools, standards, and support for builders. We want to help raise the bar for every builder in the ecosystem.
Solana is already home to some of the most secure infrastructure in the industry: Squads Multisig is formally verified and has completed 10+ audits, Kamino has completed nine independent audits, Jupiter Lend is formally verified with seven audits as detailed in its transparency dashboard, and other leading protocols managing billions in value have spent years reinforcing their security.
Meanwhile, adversaries are rapidly innovating.
To match the speed of development in Solana, and to build on our longstanding commitment to ecosystem security, Solana Foundation is funding a new set of initiatives, led by Asymmetric Research:
- STRIDE: A comprehensive security program for all Solana DeFi, inclusive of hands-on evaluation of Solana protocols and a public repository of these findings
- A 24/7 active threat monitoring center for all protocols with more than $10M TVL that pass the STRIDE evaluation
- SIRN: A dedicated network of security firms for real-time crisis response
- Formal verification for top protocols with more than $100M TVL
STRIDE: Solana Trust, Resilience and Infrastructure for DeFi Enterprises
Asymmetric Research and Solana Foundation today announced STRIDE, a structured program for evaluating, monitoring, and escalating security across Solana projects.
Asymmetric has outlined a new framework across eight security pillars, and will conduct independent evaluations of ecosystem protocols to ensure they meet the framework’s requirements. These findings will be published publicly, giving users and investors transparency into the protocols they rely on.
For protocols with more than $10M TVL that pass this evaluation, STRIDE will provide ongoing opsec and active threat monitoring, funded by Solana Foundation grants. Coverage is calibrated to each product’s risk profile, with protocols securing the most value receiving the most rigorous protection. This is designed to flag any suspicious activity before it escalates into an incident.
For protocols with more than $100M in TVL, Solana Foundation will additionally fund formal verification: a mathematical, proof-based method that guarantees smart contract correctness by exhaustively checking every possible state and execution path.
SIRN: Solana Incident Response Network
While STRIDE establishes and evaluates security standards, the Solana Incident Response Network (SIRN) launched today to respond and act when security incidents occur. SIRN is a dedicated, membership-based network of security firms and researchers focused on protecting the Solana ecosystem.
SIRN is available to all Solana protocols, but prioritized based on TVL.
Founding participants of SIRN include Asymmetric Research, OtterSec, Neodyme, Squads, and ZeroShadow. Members will share threat intelligence, coordinate response to active incidents, and contribute to the ongoing evolution of the STRIDE framework, providing the ecosystem with dedicated, round-the-clock incident response capabilities.
Ongoing Security Support for the Solana Ecosystem
STRIDE and SIRN are the latest additions to a robust set of security resources Solana Foundation has made available to the ecosystem over the past few years.
The following services are now available to all projects in the Solana ecosystem at no cost, so security can be prioritized from day one:
- Hypernative provides institutional-grade security infrastructure for protocols building on Solana and enables teams to detect threats early and prevent malicious transactions before they execute. Hypernative’s ecosystem-wide threat detection and monitoring umbrella was rolled out in September 2024. Learn more here.
- Range Security offers real-time risk, security and alerting for multisigs, wallets and programs across the ecosystem. Range has served as a security partner for the Solana ecosystem since October 2024. Teams building on Solana receive 100 free API credits per month – full documentation can be found here.
- Riverguard by Neodyme simulates attacks on Solana programs to help provide findings for teams to triage. The tool is free for any protocol deployed on Solana. A technical description can be found here.
- Sec3 offers X-Ray, a static analysis tool to automate security best practices as you build on Solana. Additionally, all Solana projects can access free 45-minute security consultations.
- AuditWare’s Radar tool enables developers to write, share, and utilize templates to identify security issues while they build. The tool is free to use and easy to plug into your program development.
In addition, Solana Foundation is a member of the Crypto Defenders Alliance, a coalition of exchanges, blockchain projects and cybersecurity organizations dedicated to stopping fraud, theft and liquidation of stolen digital assets through deep industry collaboration, best practices and open-source software.
The Responsibility of Protocols
Solana Foundation has a long history of dedicating resources to ensure that security services and tools are available to the ecosystem, and today's announcement further strengthens that commitment.
While Solana Foundation will continue to deploy resources to ensure a safer ecosystem that benefits everyone, this does not transfer the underlying responsibility away from the protocols themselves. For protocols managing significant user funds, rigorous security measures are mandatory, and these resources are offered to ensure security, not to replace what individual teams must do themselves.
As Solana continues to scale, this expanded security program reflects an ongoing commitment to builders, users, and the long-term health of the network.
More information on STRIDE and SIRN can be found here, and projects can request assessments via this form.
