Solana DeFi security moves
Solana’s DeFi community is publicly responding to recent hacks by strengthening monitoring and introducing new threat teams: the Solana Foundation launched a 24/7 threat-monitoring effort called 'Stride' after the Drift incident (x.com). Community voices argue the chain is resilient and advancing security upgrades even as researchers flagged DPRK-linked actors in ElementalDeFi, keeping attention on counterparty and provenance risk (x.com) (x.com).
A Solana lending or trading app can look healthy onchain and still be one bad employee away from disaster. That is why the Solana Foundation spent April 6 launching a new defense system for decentralized finance apps just days after Drift lost about $280 million in an exploit it linked to North Korean state-affiliated actors. (solana.com) (cointelegraph.com)

The new program is called Solana Trust, Resilience and Infrastructure for DeFi Enterprises, or STRIDE. It is a checklist and monitoring system for Solana finance protocols, built with security firm Asymmetric Research, that scores projects across eight areas including code security, access control, supply-chain risk, and incident response. (solana.com) (cointelegraph.com)

The second piece is the Solana Incident Response Network, or SIRN. It is a standing group of firms including Asymmetric Research, OtterSec, Neodyme, Squads, and ZeroShadow that shares threat intelligence and coordinates live responses when something starts breaking. (solana.com) (blog.asymmetric.re)

The trigger was not a bug that suddenly appeared in public code. Drift said the April 1 attack followed months of preparation, and outside reporting tied it to social engineering, which means the attackers targeted people and permissions instead of just hunting for a software flaw. (cointelegraph.com) (thehackernews.com)

That distinction matters because decentralized finance teams often talk about audits as if they are seat belts. Social engineering is closer to someone stealing the car keys, forging an employee badge, and walking through the side door, which is why STRIDE spends so much attention on governance, access control, operations, and forensics instead of only smart-contract code. (cointelegraph.com) (solana.com)

The Foundation is also making the reviews public. Asymmetric Research said protocols will be independently assessed and the findings will be published, so users and investors can compare a project’s security posture before they deposit funds. (cointelegraph.com) (blog.asymmetric.re)

The timing lines up with a second shock inside Solana’s developer circles. Researcher Taylor Monahan said North Korean information-technology workers have embedded themselves in crypto projects for at least seven years and claimed more than 40 decentralized finance platforms have had them at some stage. (cointelegraph.com)

That warning spilled into a public fight after the Drift exploit. Onchain investigator ZachXBT said Elemental had employed a developer tied to multiple aliases linked to North Korea, and Elemental’s founder said the person had misrepresented their identity, while also saying users did not suffer direct losses from that engagement. (solanafloor.com)

So the argument inside Solana right now is not really “is the chain broken.” The argument is whether decentralized finance teams can prove who built the code, who controls the keys, and who gets alerted at 2 a.m. when something abnormal starts moving across wallets and servers. (solana.com) (solanafloor.com)

The Foundation’s answer is to treat security less like a one-time audit and more like airport security running all day. STRIDE sets the screening rules, and the Solana Incident Response Network is the team that runs toward the gate when an alarm goes off. (solana.com) (blog.asymmetric.re)