3 Most Common Vulnerabilities in Solana Smart Contracts

1- Missing Ownership Control

Your contract must only trust accounts owned by itself. That means, as a Solana developer, you must always check the AccountInfo::owner field of the accounts your code reads. This applies to every account that is not supposed to be wholly user-controlled. One way to enforce it is a helper function that takes an untrusted AccountInfo, inspects the owner, and returns an object of a different, trusted type.

fn withdraw_funds(program_id: &Pubkey, accounts: &[AccountInfo], amount: u64) -> ProgramResult {
    let account_iter = &mut accounts.iter();
    let vault = next_account_info(account_iter)?;
    let admin = next_account_info(account_iter)?;
    // Missing check: the config account's owner is never compared with
    // program_id before its data is unpacked and trusted.
    let config = ConfigAccount::unpack(next_account_info(account_iter)?)?;
    let vault_authority = next_account_info(account_iter)?;

    // This comparison relies on config.admin, which comes from the unchecked account.
    if config.admin != *admin.key {
        return Err(ProgramError::InvalidAdminAccount);
    }

    // …
    // Transfer funds from vault to admin using vault_authority
    // …

    Ok(())
}

2- Missing Signer Check

If an instruction should only be open to a fixed set of entities, you must verify that the right entity has signed the call by inspecting the AccountInfo::is_signer field.

fn admin_update(program_id: &Pubkey, accounts: &[AccountInfo]) -> ProgramResult {
    let account_iter = &mut accounts.iter();
    let mut config = ConfigAccount::unpack(next_account_info(account_iter)?)?;
    let admin = next_account_info(account_iter)?;
    let admin_new = next_account_info(account_iter)?;

    // ...
    // Validate the config account...
    // ...

    // Missing check: admin.is_signer is never inspected, so passing the
    // admin's public key is enough to get past this comparison.
    if *admin.key != config.admin {
        return Err(ProgramError::InvalidAdminAccount);
    }

    config.admin = *admin_new.key;

    Ok(())
}

3- Arithmetic underflow & overflow

In smart contracts, overflows and underflows are quite common because blockchain applications often compute math over financial data.

const X: u32 = 1000;

fn token_withdraw(program_id: &Pubkey, accounts: &[AccountInfo], amount: u32) -> ProgramResult {

    // ...
    // deserialize & validate user and vault accounts
    // ...

    // Unchecked addition: in a release build, amount + X wraps around on
    // u32 overflow, so a very large amount yields a small sum that passes.
    if amount + X > vault.user_balance[user_id] {
        return Err(ProgramError::AttemptToWithdrawTooMuch);
    }

    // ...
    // Transfer `amount` many tokens from vault to user-controlled account ...
    // ...

    Ok(())
}
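
The three checks from this article in one hardened sketch, as an added example that is not code from the original post. Pubkey and AccountInfo here are std-only stand-ins for the solana_program types so the block runs off-chain; Config, Error and balance_after_withdraw are hypothetical names.

```rust
// Std-only stand-ins for solana_program's Pubkey and AccountInfo (assumption),
// reduced to the fields the three checks need, so this runs off-chain.
#[derive(Clone, Copy, PartialEq, Debug)]
pub struct Pubkey(pub [u8; 32]);
pub struct AccountInfo { pub key: Pubkey, pub owner: Pubkey, pub is_signer: bool, pub data: Vec<u8> }

#[derive(Debug, PartialEq)]
pub enum Error { WrongOwner, BadData, NotAdmin, MissingSignature, Overflow, TooMuch }

// Trusted type (hypothetical): its only constructor checks the owner first.
pub struct Config { admin: Pubkey }

impl Config {
    pub fn load(program_id: &Pubkey, acc: &AccountInfo) -> Result<Config, Error> {
        // 1. Ownership: accept data only from accounts this program owns.
        if acc.owner != *program_id { return Err(Error::WrongOwner); }
        let mut admin = [0u8; 32];
        admin.copy_from_slice(acc.data.get(..32).ok_or(Error::BadData)?);
        Ok(Config { admin: Pubkey(admin) })
    }
    // 2. Signer: a matching key is not enough, the admin must have signed.
    pub fn require_admin(&self, admin: &AccountInfo) -> Result<(), Error> {
        if admin.key != self.admin { return Err(Error::NotAdmin); }
        if !admin.is_signer { return Err(Error::MissingSignature); }
        Ok(())
    }
}

pub const X: u32 = 1000; // same role as X in the article's snippet

// 3. Arithmetic: checked_add yields None on overflow instead of wrapping.
pub fn balance_after_withdraw(amount: u32, balance: u32) -> Result<u32, Error> {
    let needed = amount.checked_add(X).ok_or(Error::Overflow)?;
    if needed > balance { return Err(Error::TooMuch); }
    Ok(balance - needed)
}

fn main() {
    let program_id = Pubkey([1; 32]);
    // Constructed input: valid layout, but owned by a different program.
    let foreign = AccountInfo { key: Pubkey([9; 32]), owner: Pubkey([2; 32]), is_signer: false, data: vec![7; 32] };
    println!("{:?}", Config::load(&program_id, &foreign).err());
    println!("{:?}", balance_after_withdraw(u32::MAX - 10, 500));
}
```

Because Config has a private field and no other constructor, code outside this module cannot obtain one without passing the owner check.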

ByteScan.Net —

Blockchain Security Audit Team

ByteScan is a Cyber Security Consulting Firm that offers security auditing services for a number of blockchains, with a special focus on third-generation dapps.