Since a year ago, the Solana ecosystem has seen super rapid growth while witnessing multiple hacks (involving Wormhole, CashioApp, CremaFinance, Nirvana, and Slope Wallet), which collectively caused close to $400 million losses.

Importantly, most of these hacks (except Slope Wallet) were due to smart contract vulnerabilities, i.e., coding flaws in on-chain protocols:

• Wormhole —$320 million stolen due to a missing account validation
• CashioApp — $50 million stolen due to a missing account validation
• CremaFinance — $10 million stolen (returned $8M) due to a missing account validation
• Nirvana — $3.5 million stolen due to price manipulation via flash loan
• Slope Wallet — $4 million stolen due to seed-phrase leaks

In this article, we review the essence of these hacks and aim to find effective solutions to prevent such attacks in the future.

What Is in Common Among These Hacks?

1. Almost all hacks (except Slope Wallet) crafted one or more fake accounts

• Wormhole: hacker created two fake sysvar accounts to skip the key verification
• CashioApp — hacker created eight fake accounts to pass validity checks
• CremaFinance — hacker created a fake price tick account and used flash loan to steal fees
• Nirvana — hacker crafted a flash loan account to manipulate token price
• Slope Wallet —hacker directly obtained private keys of user wallets through the leaked seed phrases

2. All hacks involved multiple transactions

• Wormhole: the whole attack took six transactions to complete: the first tx(create 1st fake sysvar account), the last tx (call complete_wrapped)
• CashioApp — the whole attack took more than ten transactions from creating all the fake accounts to sending the final attack transaction
• CremaFinance — each attack took at least three transactions: create a fake tick account, deploy a flash loan program, and launch an attack to steal fees; moreover, the hacker repeatedly launched 10+ flash loan transactions to steal from different token pools
• Nirvana — the attack took at least two transactions: deploy a crafted flash loan receiver program, and call Solend flash loan
• Slope Wallet — the whole attack drained more than 9,000 wallets involving more than 9,000 SOL or SPL token transfer transactions

3. All hacks spanned at least a few minutes (hours or even days)

• Wormhole: the time window between the tx which created the 1st fake sysvar account and the tx which completed the transfer spans six hours
• CashioApp — the hacker’s first fake account was created five days before the attacking transaction
• CremaFinance — the fake tick account was created more than one hour before the first attack
• Nirvana — the time window between the two transactions (deploy flash loan receiver and call Solend flash loan) spans four minutes
• Slope Wallet — the widespread attack spans over at least eight hours.

4. The biggest losses were due to missing account validations

The first three hacks (Wormhole, CashioApp and CremaFinance) were rooted in missing proper account validations.

By coincidence or not, these attacks also caused the largest financial losses.

5. Flash loan was involved in two hacks

Both CremaFinance and Nirvana hacks involved direct flash loan transactions and were both through Solend.

In CremaFinance, the flash loan was used to bootstrap the deposit liquidity.

In Nirvana, its internal price oracle was manipulated by the flash loan.

How to Prevent Similar Hacks in the Future?

Based on the characteristics of these attacks summarized above, we recommend the following security practices:

1. Pre-deployment: validate all input accounts to smart contracts

In writing a Solana smart contract, always keep in mind that all inputs can be faked by attackers, including all the accounts and external programs (i.e., user wallet accounts, PDA accounts, and other smart contracts).

Solana’s programming model decouples code and data, so all accounts used in the program must be passed as data inputs.

In almost all cases, you should validate:

• Account ownership
• Account signers
• Relationships (or logical constraints) between accounts

Depending on the protocol logic, you should also check:

• If any internal price oracle can be manipulated by flash loans (with a large amount of transfer) and add constraints to prevent discrepancies
• If any abnormal state (e.g., fees or awards) could be computed and add constraints to prevent discrepancies

2. Post-deployment: use proactively real-time threat monitoring

As all these hacks involve multiple transactions spanning at least minutes or hours of time, it is possible to proactively detect suspicious transactions early and throttle the attacks in the middle.

This is a unique property of Solana, which allows on-chain threat monitoring techniques to help effectively prevent and stop security attacks as a defense solution (rather than merely a passive observer of irrecoverable attacks):

In principle, a threat monitoring solution may help:

• Monitor large transfers of SOL or SPL tokens
• Monitor flash loan transactions targeting your smart contract
• Monitor potential rug pulls via upgrading a dependent program
• Monitor abnormal states (e.g., calculated fees)
• Monitor round-trip-trade transactions (e.g., deposit-claim-withdraw in a single tx)
• Monitor repeated transactions from the same signer
• … Any customized monitoring for protocol-specific properties

If any of the monitored transactions led to a fake account or an abnormal state used in a subsequent hack, detecting them early could help stop the hack.

3. sec3 Pro: end-to-end pre- and post-deployment security

sec3 Pro (https://pro.sec3.dev) offers a one-stop, end-to-end solution to secure Solana projects.

Pre-deployment: sec3 X-ray auto auditor can check 50+ types of Solana smart contract vulnerabilities 7x24, powered by an inference engine that can infer account relationships and pinpoint any missing account validations. It also includes sophisticated checkers for flash loan vulnerabilities and abnormal states.

Post-deployment: sec3 WatchTower features an in-situ security monitoring service for Solana smart contracts. It detects suspicious transactions, and prevents and stops security attacks in real-time. More details can be found in Announcing sec3 WatchTower: Smart Monitor for Smart Contracts.

About sec3 (Formerly Soteria)

sec3 is a security research firm that prepares Solana projects for millions of users. sec3’s Launch Audit is a rigorous, researcher-led code examination that investigates and certifies mainnet-grade smart contracts; sec3’s continuous auditing software platform, X-ray, integrates with GitHub to progressively scan pull requests, helping projects fortify code before deployment; and sec3’s post-deployment security solution, WatchTower, ensures funds stay safe. sec3 is building technology-based scalable solutions for Web3 projects to ensure protocols stay safe as they scale.

To learn more about sec3, please visit https://www.sec3.dev

‍

‍