Breakpoint 2023: Fuzzing, Formal Methods, and the State of Solana Security
An exploration of how fuzzing and formal verification techniques contribute to the security of the Solana blockchain.
Summary
In an insightful presentation at Breakpoint 2023, the speaker delves into advanced security techniques used to safeguard the Solana blockchain ecosystem. Focusing on fuzzing and formal verification, they describe how these methods are employed to detect potential vulnerabilities and verify the correctness of smart contracts. Amid rising concerns over security breaches and the loss of funds in the crypto space, the session addresses the community's need for more robust and trustworthy protocols. By correcting misconceptions and emphasizing the limitations of fuzzing, along with advocating for formal verification practices, the talk outlines a path towards enhancing the resilience of blockchain applications against malicious attacks.
Key Points:
Understanding Fuzzing and Its Limitations
The speaker introduces fuzzing as a dynamic code analysis technique often misunderstood within the blockchain development community. Fuzzing involves the generation of random inputs to discover coding errors and security loopholes in software. The speaker highlights that fuzzing is not as straightforward as it appears; it involves a continuous feedback loop, requiring constant debugging and assessment of the code coverage achieved by the tests. The effectiveness of fuzzing is limited by the mutation strategies and lack of structural awareness, meaning it often cannot grasp complex business logic found in smart contracts. Despite its limitations, fuzzing remains a valuable tool when applied correctly.
The Role of Formal Verification
Formal verification is presented as an essential counterpart to fuzzing. It's a technique used to mathematically prove the correctness of algorithms, ensuring they align with specific properties and behave as intended under all circumstances. However, assumptions made during verification are crucial and can be a source of weakness if incorrect. The speaker points out that errors at any level of implementation can affect the verification's reliability, from VM behavior, compiler correctness, to the proper functioning of frameworks such as Anchor or Solang.
Adaptations and Advances in Security Practices
Security practices within the Solana ecosystem are evolving. The speaker notes that recent hacks have shifted significantly from technical vulnerabilities to business logic-related exploits, suggesting that the development community is becoming better at implementing more secure protocols. They also highlight the reduced risk due to improved safety mechanisms and caution protocol developers not to allow excessive fund withdrawals in their applications, as mitigations are crucial to minimize potential damages from breaches.
Facts + Figures
- Fuzzing is a security research technique used to detect code vulnerabilities by injecting countless random inputs into software.
- The effectiveness of fuzzing is dependent on the feedback and iterative improvements applied to the testing process.
- Fuzzing often struggles with accurately detecting complex business logic vulnerabilities in smart contracts.
- Formal verification uses mathematical proofs to establish software correctness but requires accurate assumptions to be reliable.
- Solana security practices are improving as recent hacks mainly involve business logic rather than simple technical oversights.
- Developers are advised to implement rate limits and other mitigation strategies to prevent massive, immediate fund withdrawals.
Top quotes
- "It's a constant feedback loop."
- "Fuzzers aren't as powerful as people might think."
- "It's actually quite difficult to define what you're trying to fuzz for."
- "You always need assumptions. And those assumptions can be pretty dangerous."
- "We don't have issues such as, like, missing owner checks."
- "There should be no way to withdraw a hundred million dollars from your protocol in one go."
Questions Answered
What is fuzzing, and how does it contribute to blockchain security?
Fuzzing is a technique utilized in security research to find potential vulnerabilities in a system by feeding it vast amounts of random inputs. In blockchain security, particularly for the Solana ecosystem, it helps uncover bugs that could be exploited by malicious actors. This proactive measure aids in preventing security breaches and enhances the overall sturdiness of the network. Fuzzing requires continuous iteration to be effective, as it must cover as many execution paths as possible to find hidden issues.
Why must fuzzing be approached with a feedback loop mentality?
Fuzzing must be iterative due to its inherent limitations, such as a lack of structural awareness and the simplicity of its mutation strategies. A feedback loop allows developers to debug crashes, assess code coverage, refine the fuzzer, and improve the quality of subsequent tests. The goal is to continually advance the testing framework to uncover deeper and more complex vulnerabilities.
What are the limitations of formal verification?
Formal verification, while powerful in proving algorithmic behavior, carries the weight of its underlying assumptions. Its accuracy depends on perfectly predicting the environment in which the code operates, including the behavior of the virtual machine, the compiler's correctness, and the functionality of high-level frameworks. If any of these assumptions are flawed, the verification might not hold true in practice.
How have Solana security practices evolved in recent years?
The nature of exploits on the Solana network has shifted from basic account spoofing and technical errors to more sophisticated business logic-related vulnerabilities. This indicates that developers are writing more secure code and implementing better practices. Yet, the message remains clear: protocols should build in limits and checks to prevent massive unauthorized withdrawals and secure users' funds against potential hacks.
What can protocol developers do to mitigate the risks of hacks?
Protocol developers are encouraged to adopt safety measures such as setting withdrawal rate limits and employing time-weighted average prices to counter potential price manipulation. By ensuring that their protocols do not allow the instant withdrawal of tens or hundreds of millions in user funds, developers can significantly reduce the risk and impact of a successful breach.
Comments
Please login to leave a comment.
On this page
- Summary
- Key Points:
- Facts + Figures
- Top quotes
-
Questions Answered
- What is fuzzing, and how does it contribute to blockchain security?
- Why must fuzzing be approached with a feedback loop mentality?
- What are the limitations of formal verification?
- How have Solana security practices evolved in recent years?
- What can protocol developers do to mitigate the risks of hacks?
Related Content
Breakpoint 2024: Technical Talk: Fuzzing Comes to Solana (Viktor Fischer)
Scale or Die at Accelerate 2025: Kompass: Navigating Formal Verification for SPL Token at Scale
Breakpoint 2025: Security Block: Certora (Pamina Georgiev)
Breakpoint 2023: Ensuring the Safety of SBF Programs Through Formal Verification
The Long-Term Vision for the DA Layer w/ Connor O'Hara (Celestia Labs)
Compass: Ensuring SPL-Token Stays Safe on Pinocchio Runtime Verification
Validated | Why Multisigs Are Becoming the Default Security Paradigm w/ Stepan Simkin (Squads)
Anchor: Today and Tomorrow
What's Behind the Move Movement? w/ Rushi Manche (Movement Labs)
2024: The End Of EVM Dominance | Rushi Manche
Solana Changelog: Trident, Unruggable, and SyscallGetSysvar
Solana Changelog April 11 - State Compression, Keygen, and One Million NFTs
Evolution of the Keystone Hardware Wallet (feat. Lixin, founder) - Solfate Podcast #53
Understanding zkTLS With Opacity Network | ep. 42
Keystone Wallet: a Next Gen Blockchain Hardware Wallet (feat. Lixin, founder) - Solfate Podcast #53
Latest news
Solana Logged $10 Billion in Tokenized Stock Volume in June, Capturing 95% of On-Chain Equity Trading
Solana Policy Institute Files CFTC Letter Proposing Wallet Software Rules, 24/7 Market Standards, and Blockchain Recordkeeping
SK Hynix's Record Nasdaq Listing Lands on Solana on Day One, Tokenized by xStocks, Backpack Securities, and Ondo
Solana Mainnet Reaches Epoch 1000 After More Than Six Years of Continuous Operation
DeFi Development Corp. Narrows Focus to SOL Per Share After Volatile June
World Prediction Market Migrates From Solana to Robinhood Chain as Raydium, Phantom, and Jito Reaffirm
Solstice Finance's SLX Token Gets Canonical Solana Listing via Sunrise, Trades Live on Jupiter
Jupiter Opens Community Preview of Spot Redesign at edge.jup.ag/spot
Raydium Reports xStocks Trading Volume Tripled in Q2 2026, Reaching $1.63 Billion
U.S. Solana ETFs Log Positive Inflows Every July Trading Day as TSOL Moves to FTSE Benchmark
Solana Token Markets
