Back to Details

solana-audit

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Solana Smart Contract Audit

Solana智能合约审计

Trigger

触发条件

Activate this skill when the user asks to:
  • Audit, review, or analyze a Solana program for security vulnerabilities
  • Check a Solana smart contract for bugs or exploits
  • Perform security analysis on code containing 
    solana_program
    , 
    anchor_lang
    , 
    pinocchio
    , 
    #[program]
    , or 
    #[derive(Accounts)]
当用户提出以下请求时激活此技能:
  • 审计、审查或分析Solana程序的安全漏洞
  • 检查Solana智能合约中的漏洞或可利用点
  • 对包含
    solana_program
    anchor_lang
    pinocchio
    #[program]
    #[derive(Accounts)]
    的代码执行安全分析

Workflow

工作流程

Phase 1: Explore

阶段1:探索

Read references/agents/explorer.md and spawn the explorer using the Agent tool:
Agent(subagent_type="Explore", prompt="<paste explorer prompt from explorer.md, filling in the target path>")
It returns: program map, instruction list, account structures, PDA map, CPI graph, protocol type classification, and threat model.
You MUST spawn this agent and wait for its output before proceeding to Phase 2. The explorer output is passed to every scanning agent as shared context.
阅读references/agents/explorer.md,并使用Agent工具启动探索器:
Agent(subagent_type="Explore", prompt="<粘贴explorer.md中的探索器提示,填入目标路径>")
它会返回:程序映射、指令列表、账户结构、PDA映射、CPI图、协议类型分类和威胁模型。
在进入阶段2之前,必须启动此Agent并等待其输出。探索器的输出将作为共享上下文传递给所有扫描Agent。

Phase 2: Parallel Scan

阶段2:并行扫描

Read references/scoring.md for the confidence scoring rules and False Positive Gate. Then read all 4 agent prompt files and spawn them IN PARALLEL using 4 simultaneous Agent tool calls, inserting the explorer output into each prompt:
Auth Scanner (references/agents/auth-state-scanner.md)
  • Categories A-1..A-5 + S-1..S-8 — 13 vulnerability types
CPI Scanner (references/agents/cpi-math-scanner.md)
  • Categories C-1..C-3 + M-1..M-4 — 7 vulnerability types
Logic Scanner (references/agents/logic-economic-scanner.md)
  • Categories L-1..L-4 + T-1..T-3 — 7 vulnerability types
  • Loads protocol-specific reference based on explorer's classification
Framework Scanner (references/agents/framework-scanner.md)
  • Framework-specific checks (Anchor/Native/Pinocchio) + R-1..R-3
Spawn all 4 in a single response like this:
Agent(prompt="<auth-state-scanner prompt with explorer output inserted>")
Agent(prompt="<cpi-math-scanner prompt with explorer output inserted>")
Agent(prompt="<logic-economic-scanner prompt with explorer output inserted>")
Agent(prompt="<framework-scanner prompt with explorer output inserted>")
Each agent returns candidates with taxonomy ID, file:line, evidence, attack path, confidence score, and FP gate result.
DEEP mode (when user requests thorough/deep audit): After the 4 scanners complete, also spawn a 5th adversarial agent per references/agents/adversarial-scanner.md. Pass it the explorer output AND the merged scanner findings for cross-validation.
阅读references/scoring.md了解置信度评分规则和误报筛选机制(False Positive Gate)。然后阅读所有4个Agent的提示文件,并使用4个同时进行的Agent工具调用并行启动它们,将探索器的输出插入到每个提示中:
权限验证扫描器references/agents/auth-state-scanner.md
  • 类别A-1..A-5 + S-1..S-8 — 共13种漏洞类型
CPI与数学运算扫描器references/agents/cpi-math-scanner.md
  • 类别C-1..C-3 + M-1..M-4 — 共7种漏洞类型
逻辑与经济模型扫描器references/agents/logic-economic-scanner.md
  • 类别L-1..L-4 + T-1..T-3 — 共7种漏洞类型
  • 根据探索器的分类加载特定于协议的参考资料
框架扫描器references/agents/framework-scanner.md
  • 特定于框架的检查(Anchor/原生/Pinocchio)+ R-1..R-3
像这样在单个响应中启动所有4个Agent:
Agent(prompt="<插入探索器输出后的权限验证扫描器提示>")
Agent(prompt="<插入探索器输出后的CPI与数学运算扫描器提示>")
Agent(prompt="<插入探索器输出后的逻辑与经济模型扫描器提示>")
Agent(prompt="<插入探索器输出后的框架扫描器提示>")
每个Agent都会返回包含分类ID、文件:行号、证据、攻击路径、置信度评分和误报筛选结果的候选漏洞。
深度模式(当用户要求全面/深度审计时):在4个扫描器完成后,还需根据references/agents/adversarial-scanner.md启动第5个对抗性Agent。将探索器输出以及合并后的扫描结果传递给它以进行交叉验证。

Phase 3: Validate + Falsify

阶段3:验证与排除误报

  1. Merge all agent candidate lists
  2. Deduplicate by root cause — when two agents flag the same root cause, keep the higher-confidence version. If they flag the same location with different taxonomy IDs, keep both.
  3. Sort by confidence score, highest first. Re-number sequentially (VULN-001, VULN-002, ...).
  4. Falsify — Each agent already applied the FP Gate (concrete path, reachable entry, no mitigations). For remaining candidates, check two additional defenses:
    • Would exploitation cost more than the attacker could gain? (economic infeasibility)
    • Is there an off-chain component (keeper, multisig, timelock) that blocks the attack vector? If either defense holds, drop or reduce confidence accordingly.
  5. Cross-reference with references/exploit-case-studies.md — does this match a known exploit pattern?
  6. Consult individual reference files for each confirmed finding's taxonomy ID (e.g., references/missing-signer-check.md) for detailed remediation guidance
  7. Assess severity using the calibration table in references/audit-checklist.md §Severity Calibration
For Anchor programs, also consult references/anchor-specific.md for framework-specific gotchas.
  1. 合并所有Agent的候选漏洞列表
  2. 去重:按根本原因去重 — 当两个Agent标记相同的根本原因时,保留置信度更高的版本。如果它们标记相同位置但分类ID不同,则同时保留。
  3. 排序:按置信度评分从高到低排序。按顺序重新编号(VULN-001、VULN-002、...)。
  4. 排除误报 — 每个Agent已应用误报筛选机制(具体路径、可访问的入口、无缓解措施)。对于剩余的候选漏洞,检查另外两项防御措施:
    • 利用漏洞的成本是否超过攻击者可能获得的收益?(经济不可行性)
    • 是否存在链下组件(守护者、多签、时间锁)可以阻止攻击向量? 如果任一防御措施成立,则相应地删除该漏洞或降低其置信度。
  5. 交叉参考references/exploit-case-studies.md — 该漏洞是否匹配已知的利用模式?
  6. 查阅每个已确认漏洞分类ID对应的单独参考文件(例如references/missing-signer-check.md)以获取详细的修复指导
  7. 评估严重性:使用references/audit-checklist.md §严重性校准中的校准表
对于Anchor程序,还需查阅references/anchor-specific.md了解框架特有的注意事项。

Phase 4: Report

阶段4:生成报告

Produce the final audit report. Every finding MUST include its taxonomy ID from references/vulnerability-taxonomy.md and its confidence score.
markdown
undefined
生成最终的审计报告。每个漏洞必须包含references/vulnerability-taxonomy.md中的
**分类ID**
**置信度评分**
markdown
undefined

Security Audit Report: [Program Name]

安全审计报告: [程序名称]

Executive Summary

执行摘要

  • Audit date, scope (files, instructions, LOC)
  • Framework: Native / Anchor / Pinocchio
  • Protocol type: [from explorer classification]
  • Methods: Parallel agent scan (4 agents + adversarial), confidence-scored validation
  • Finding counts by severity: X Critical, Y High, Z Medium, W Low, V Informational
  • Confidence threshold: 75/100
  • 审计日期、范围(文件、指令、代码行数LOC)
  • 框架:原生 / Anchor / Pinocchio
  • 协议类型:[来自探索器的分类]
  • 方法:并行Agent扫描(4个Agent + 对抗性Agent)、带置信度评分的验证
  • 按严重性划分的漏洞数量:X个关键、Y个高风险、Z个中风险、W个低风险、V个信息性提示
  • 置信度阈值:75/100

Methodology

方法论

  • Phase 1: Codebase exploration (program map, CPI graph, threat model)
  • Phase 2: Parallel scan — 4 agents across 30 vulnerability types across 7 categories
  • Phase 3: Merge, deduplicate by root cause, devil's advocate falsification
  • Phase 4: Confidence-scored report
  • Reference: vulnerability taxonomy based on Wormhole, Cashio, Mango, Neodyme, Crema exploits
  • 阶段1:代码库探索(程序映射、CPI图、威胁模型)
  • 阶段2:并行扫描 — 4个Agent覆盖7个类别下的30种漏洞类型
  • 阶段3:合并、按根本原因去重、反向验证排除误报
  • 阶段4:带置信度评分的报告
  • 参考:基于Wormhole、Cashio、Mango、Neodyme、Crema漏洞利用案例的漏洞分类

Findings

漏洞详情

[CRITICAL] VULN-001: Title (Confidence: 95/100)

[CRITICAL] VULN-001: 标题(置信度: 95/100)

File: path/to/file.rs:line Category: A-1 (Missing Signer Check) Description: ... Attack Path: caller → instruction → state change → impact Impact: ... Recommendation: ... Fix:
rust
// Remediation code (framework-specific)
文件: path/to/file.rs:line 分类: A-1(缺少签名者校验) 描述: ... 攻击路径: 调用者 → 指令 → 状态变更 → 影响 影响: ... 修复建议: ... 修复代码:
rust
// 框架特定的修复代码

[HIGH] VULN-002: Title (Confidence: 80/100)

[HIGH] VULN-002: 标题(置信度: 80/100)

File: path/to/file.rs:line Category: S-7 (Reinitialization) ...
文件: path/to/file.rs:line 分类: S-7(可重新初始化) ...

Below Confidence Threshold

低于置信度阈值

[MEDIUM] VULN-003: Title (Confidence: 60/100)

[MEDIUM] VULN-003: 标题(置信度: 60/100)

File: path/to/file.rs:line Category: M-2 (Division Precision Loss) Description: ... Impact: ... (No fix recommendation — below confidence threshold)
文件: path/to/file.rs:line 分类: M-2(除法精度损失) 描述: ... 影响: ... (无修复建议 — 低于置信度阈值)

Summary Table

摘要表格

IDTitleSeverityCategoryConfidenceFileStatus
VULN-001Missing Signer CheckCriticalA-195lib.rs:16Open
VULN-002ReinitializationHighS-780lib.rs:11Open
---Below Confidence Threshold------<75------
VULN-003Division Precision LossMediumM-260math.rs:45Open
ID标题严重性分类置信度文件状态
VULN-001缺少签名者校验关键A-195lib.rs:16未修复
VULN-002可重新初始化高风险S-780lib.rs:11未修复
---低于置信度阈值------<75------
VULN-003除法精度损失中风险M-260math.rs:45未修复

Appendix

附录

  • Complete file listing reviewed
  • Vulnerability taxonomy reference
  • Explorer output (program map, CPI graph, threat model)

**Report rules:**
- Every finding MUST have a `**Category:**` line with the taxonomy ID (e.g., A-1, S-7, C-1)
- Every finding MUST have a `**Confidence:**` score
- Findings >= 75 confidence MUST include framework-specific fix code
- Findings < 75 appear below the **Below Confidence Threshold** separator without fix code
- Sort by confidence descending within each severity group
- The Summary Table MUST include the Category and Confidence columns
- Recommendations MUST include framework-specific fixes (e.g., `Signer<'info>`, `Account<'info, T>`, `close = destination`)
  • 已审查的完整文件列表
  • 漏洞分类参考
  • 探索器输出(程序映射、CPI图、威胁模型)

**报告规则:**
- 每个漏洞必须包含带有分类ID的`**分类:**`行(例如A-1、S-7、C-1)
- 每个漏洞必须包含`**置信度:**`评分
- 置信度>=75的漏洞必须包含框架特定的修复代码
- 置信度<75的漏洞出现在**低于置信度阈值**分隔线下方,且不包含修复代码
- 在每个严重性组内按置信度降序排序
- 摘要表格必须包含分类和置信度列
- 修复建议必须包含框架特定的修复方案(例如`Signer<'info>`、`Account<'info, T>`、`close = destination`)

References

参考资料

The 
references/
directory contains:
Core references:
  • CHEATSHEET.md — Condensed quick-lookup for all 30 vulnerability types with grep-able keywords (load this first)
  • scoring.md — False Positive Gate + confidence scoring rules (loaded by all agents)
  • vulnerability-taxonomy.md — Full index linking to individual vulnerability reference files
  • audit-checklist.md — Per-instruction validation checklist + syntactic grep commands
  • anchor-specific.md — Anchor framework-specific gotchas
  • exploit-case-studies.md — Real-world Solana exploit patterns ($500M+ in losses)
20 individual vulnerability files — Each with preconditions, vulnerable patterns, detection heuristics, false positives, and remediation
Agent prompts (
references/agents/
):
  • explorer.md — Phase 1 exploration
  • auth-state-scanner.md — Auth Scanner (Categories A + S)
  • cpi-math-scanner.md — CPI Scanner (Categories C + M)
  • logic-economic-scanner.md — Logic Scanner (Categories L + T)
  • framework-scanner.md — Framework Scanner (Framework + R)
  • adversarial-scanner.md — DEEP mode threat modeling
Protocol-specific references (
references/protocols/
) — loaded on-demand based on explorer classification:
  • lending-protocol.md — Collateral, liquidation, interest rate patterns
  • dex-amm-protocol.md — Swap, LP token, AMM curve patterns
  • staking-protocol.md — Reward distribution, epoch, delegation patterns
  • bridge-protocol.md — Message verification, replay, guardian patterns
references/
目录包含:
核心参考:
  • CHEATSHEET.md — 所有30种漏洞类型的浓缩速查表,包含可用于grep的关键词(优先加载此文件)
  • scoring.md — 误报筛选机制+置信度评分规则(所有Agent都会加载)
  • vulnerability-taxonomy.md — 完整的索引,链接到各个漏洞的参考文件
  • audit-checklist.md — 逐指令验证清单+语法grep命令
  • anchor-specific.md — Anchor框架特有的注意事项
  • exploit-case-studies.md — 真实世界的Solana漏洞利用模式(损失超5亿美元)
20个单独的漏洞文件 — 每个文件包含前提条件、漏洞模式、检测启发式、误报情况和修复方案
Agent提示
references/agents/
):
  • explorer.md — 阶段1:探索
  • auth-state-scanner.md — 权限验证扫描器(类别A + S)
  • cpi-math-scanner.md — CPI与数学运算扫描器(类别C + M)
  • logic-economic-scanner.md — 逻辑与经济模型扫描器(类别L + T)
  • framework-scanner.md — 框架扫描器(框架 + R)
  • adversarial-scanner.md — 深度模式威胁建模
特定协议参考
references/protocols/
)— 根据探索器的分类按需加载:
  • lending-protocol.md — 抵押品、清算、利率模式
  • dex-amm-protocol.md — 交换、LP代币、AMM曲线模式
  • staking-protocol.md — 奖励分配、纪元、委托模式
  • bridge-protocol.md — 消息验证、重放、守护者模式