The Solana Foundation has unveiled a new security initiative aimed at protecting the network’s largest decentralized finance protocols, nearly one week after a major exchange on the platform was struck by a $285 million hack attributed to North Korean hackers. The program, developed in partnership with Asymmetric Research, is called STRIDE—short for Solana Trust, Resilience and Infrastructure for DeFi Enterprises. It provides around-the-clock threat monitoring for protocols holding more than $10 million in total value locked. Protocols exceeding $100 million in total value locked are eligible for formal verification, described as a mathematical, proof-based method that checks every possible state and execution path of a smart contract.
Before receiving ongoing protection services, protocols are evaluated against a set of security standards under the STRIDE framework. The initiative represents a notable expansion of blockchain-level security infrastructure as attackers increasingly target the growing volume of assets locked within Solana‘s ecosystem. The program launched alongside the Solana Incident Response Network, known as SIRN, a membership-based collective of security firms focused on rapid ecosystem defense. Founding members include Asymmetric Research, OtterSec, Neodyme, Squads, and ZeroShadow, with version 0.1 of the framework currently live and subject to updates based on real-world feedback.
The timing of the launch follows a serious breach at Drift Protocol, which suffered an exploit on April 1 in which attackers drained $285 million in under 12 minutes. Drift disclosed on Sunday that North Korean hackers had spent six months infiltrating its team and infrastructure before carrying out the attack. The incident illustrates the speed and scale at which vulnerabilities in decentralized finance can be exploited by sophisticated adversaries. It also underscores why major blockchain networks are taking broader responsibility for ecosystem-wide security rather than leaving individual protocols to manage their own defenses.
The tiered structure of STRIDE, based on total value locked thresholds, reflects a broader shift in how layer-1 networks are approaching security as decentralized finance continues to mature. By allocating resources proportionally to risk, the program acknowledges that protocols managing hundreds of millions of dollars in assets require a different level of protection than smaller ones. This approach moves away from treating all protocols equally and instead institutionalizes security in a more structured manner. Individual smart contract audits alone are increasingly seen as insufficient to keep pace with the methods used by those targeting blockchain infrastructure.
Rapidly advancing artificial intelligence is also identified as a growing concern in the security landscape, as it can assist both attackers and developers in identifying flaws. An upcoming Anthropic AI model internally referred to as Claude Mythos has been cited as a particular cybersecurity threat, with top cybersecurity stock prices falling late last month when early details of the model were leaked. At the same time, AI tooling has also demonstrated defensive value—a recently patched software exploit in Zcash was discovered with the assistance of AI tools. The dual-use nature of the technology adds complexity to the security environment that programs like STRIDE are designed to address.
Originally reported by Decrypt.
