Solana Security (Sealevel)

Scope

Use this skill for:

• Solana program auditing (Anchor/native)
• Solana account model pitfalls
• Solana-focused fuzzing / tooling / security references

Key Concepts

• Account model (mutable accounts, ownership, rent/exempt)
• Program Derived Addresses (PDA) and seeds
• Cross-Program Invocation (CPI) security
• Signer vs authority checks
• Serialization, discriminators, and account layout assumptions

Common Bug Classes