solana-security
4
总安装量
4
周安装量
#51774
全站排名
安装命令
npx skills add https://github.com/gmh5225/awesome-web3-security --skill solana-security
Agent 安装分布
opencode
4
gemini-cli
4
github-copilot
4
codex
4
kimi-cli
4
amp
4
Skill 文档
Solana Security (Sealevel)
Scope
Use this skill for:
- Solana program auditing (Anchor/native)
- Solana account model pitfalls
- Solana-focused fuzzing / tooling / security references
Key Concepts
- Account model (mutable accounts, ownership, rent/exempt)
- Program Derived Addresses (PDA) and seeds
- Cross-Program Invocation (CPI) security
- Signer vs authority checks
- Serialization, discriminators, and account layout assumptions
Common Bug Classes
- Missing signer/authority validation
- Incorrect PDA derivation or seed collisions
- CPI to untrusted programs
- Account confusion (wrong account passed, mismatched owner)
- Arithmetic / precision issues in token math
Tooling
- Anchor framework and security patterns
- Fuzzers / harnesses (e.g., Trident)
- Program analyzers and disassemblers
Where to Add Links in README
- Solana SDKs/tools:
Development â SDK/Development â Tools - Solana audit checklists:
Security - Solana learning guides:
Blockchain Guide
Rules
- Use English descriptions
- Avoid duplicates across categories
Data Source
For detailed and up-to-date resources, fetch the full list from:
https://raw.githubusercontent.com/gmh5225/awesome-web3-security/refs/heads/main/README.md