The Solana Foundation launched a new set of security-focused initiatives to revive trust and resilience across the Solana ecosystem, as concerns around exploitations, vulnerabilities, and protocol-level risks have been rising.
Security re-envisioned with STRIDE
Asymmetric Research and the Solana Foundation published a blog post on ‘Raising the bar on Solana Ecosystem Security’ to ensure the secure use of the platform across tools, standards, and supporting builders.
At the center of the announcement is STRIDE, a comprehensive program designed to evaluate and monitor the security position of Solana-based projects. According to the company, it introduces an ongoing and structured assessment framework for the ecosystem.
STRIDE, which stands for Solana Trust, Resilience, and Infrastructure for DeFi Enterprises, is a 24/7 active threat monitoring protocol with more than $10M Total Value Locked (TVL).
STRIDE Program to set structured security evaluation
Under this program, Asymmetric Research will independently review participating protocols using its proprietary security methodology. These evaluations will be made public, ensuring transparency to both users and investors.
According to reports, the element of transparency is what makes this project different from others, as users often rely on limited or outdated audit reports when assessing risk. By publishing standardized evaluations, STRIDE could help establish a more consistent benchmark for security across Solana projects.
Projects with more than $10 million in TVL that successfully pass the evaluation will have access to operational security support, including continuous threat monitoring funded by the Solana Foundation. These projects will be eligible for advanced formal verification tools, which are used to mathematically prove the correctness of smart contracts.
They will also have formal verification, a process considered more precise for the reliability of coding, though it has historically been limited due to cost and complexity.
The introduction of STRIDE reflects a broader shift in how blockchain ecosystems are approaching security. Rather than relying solely on external audits or reactive bug bounty programs, companies in the ecosystem are constantly monitoring, performing real-time threat detection, and establishing an evaluation framework.
SIRN builds a collaborative security network
The Solana Foundation also launched the Solana Incident Response Network (SIRN), a collaborative initiative designed to improve how security incidents are detected, analyzed, and eased across the ecosystem.
SIRN is structured as a membership-based network of security firms and independent researchers that understands the blockchain concerns and incident responses. Asymmetric Research, OtterSec, and Neodyme have all been well-known names in the crypto security space.
The protocol is focused on providing faster and more coordinated responses to threats. They are built with the capacity of sharing intelligence on active exploits, coordinating mitigation strategies, or providing rapid support to affected protocols during critical incidents.
According to the report, SIRN is open to all Solana-based projects, where access to the platform is prioritized based on TVL, reflecting the priority of each case of implications based on the impact of vulnerabilities in larger protocols. These protocols often hold the user funds and serve as key infrastructure within the ecosystem.
Unlike traditional financial systems, where centralized firms can intervene during crises, blockchain ecosystems need coordination among independent actors. Programs like SIRN is seen as a way to bridge that gap by creating structured channels for collaboration.
However, despite the introduction of these resources, the Solana Foundation states that responsibility for security ultimately remains with individual projects.
“While Solana Foundation will continue to deploy resources to ensure a safer ecosystem that benefits everyone, this does not transfer the underlying responsibility away from the protocols themselves,” the foundation noted. “These resources are offered to ensure security, not replace what individual teams must do themselves.”
To understand the ecosystem better, one must understand the protocol
The post is an affirmation to show where the individual projects and the ecosystem need to play their role in order to create a space with both transparency and security. The foundation is setting expectations for both developers and users regarding accountability.
