Could the Drift hack have been prevented earlier? The Solana Foundation and security researchers believe it could have been, prompting a two-tier, ecosystem-wide security initiative. The first layer, STRIDE, will evaluate, monitor, and escalate security issues across Solana DeFi projects with over $10 million in TVL and set standards for security requirements, including independent evaluations and public findings. For protocols with $100 million in TVL or more, the Foundation will support formal security verification to detect threats before they become incidents.
The second tier, dubbed SIRN (Solana Incident Response Network), comprises security firms and researchers to secure the ecosystem and respond to threat incidents. Some participating firms include Asymmetric Research, OtterSec, Neodyme, Squads, and ZeroShadow. The upgrade aims to help investors understand the risk profile of the protocols they interact with. Allan Marshall, CEO of Upexi, welcomed the move as a necessary step toward building trust for institutional players.
The Drift hack, valued at over $285 million, has been linked to North Korea through social engineering, underscoring the scale of the threat. Security researchers from TRM Labs noted Drift wasted its reaction window and acted after red flags had appeared for weeks. Some experts argued that background checks of the threat actors—who reportedly met Drift at industry events—could have prevented the incident. The Solana Foundation unveiled a 24/7 security threat monitoring and response network for DeFi protocols, prioritizing projects with $10 million to $100 million in TVL to minimize incidents and boost investor confidence.
Leave a Reply