Solana Foundation Launches STRIDE Following Drift Exploit

Van Thanh Le

•

Apr 7 2026

5 hours ago3 minutes read

New security framework and response network target DeFi vulnerabilities

TL;DR

Solana Foundation introduced STRIDE and SIRN on April 7, 2026 after the Drift exploit.
STRIDE provides continuous security evaluations, monitoring, and public reporting for DeFi protocols.
Funding thresholds determine access to 24/7 monitoring and formal verification tools.

We’ve launched the all-new COIN360 Perp DEX, built for traders who move fast!

Trade 130+ assets with up to 100× leverage, enjoy instant order placement and low-slippage swaps, and earn USDC passive yield while climbing the leaderboard. Your trades deserve more than speed — they deserve mastery.

Start Trading on COIN360 Today!

Solana Foundation on April 7, 2026 launched STRIDE, a security program for Solana DeFi protocols, alongside the Solana Incident Response Network (SIRN), following the April 1 Drift Protocol exploit that exposed systemic security gaps. STRIDE is administered by Asymmetric Research and is designed to provide continuous evaluation, monitoring, and public reporting of protocol security.

STRIDE, short for Solana Trust, Resilience and Infrastructure for DeFi Enterprises, replaces one-time audits with an ongoing framework that evaluates protocols independently and publishes findings. Solana Foundation said, “Solana Foundation has a long history of dedicating resources to ensure that security services and tools are available to the ecosystem, and today’s announcement further strengthens that commitment.”

The Drift Protocol exploit resulted in losses ranging from $280 million to $286 million, with the most specific figure indicating $286 million was drained in under 12 minutes. The incident exposed the absence of a standardized, ongoing security baseline across Solana DeFi. The exploit involved durable nonces that enabled attackers to gain administrative permissions through a previously overlooked mechanism.

STRIDE framework and SIRN response structure

STRIDE evaluates protocols across eight areas: program security, governance and access control, oracle and dependency risks, infrastructure security, supply chain security, operational security, monitoring and incident response, and log management and forensics. A Solana Foundation post stated, “Solana Foundation is funding new ecosystem-wide security initiatives led by @asymmetric_re,” and added, “STRIDE. A comprehensive security program for all Solana DeFi. Includes hands-on evaluations and a public repository of findings.”

Protocols with more than $10 million in total value locked that pass evaluations qualify for foundation-funded operational security support and 24/7 continuous threat monitoring. Protocols exceeding $100 million in total value locked qualify for formal verification tooling funded by the foundation, with tools designed to test all possible smart contract execution paths.

SIRN operates as a membership-based response network that shares threat intelligence and coordinates responses during active incidents. Solana Foundation said SIRN members “will share threat intelligence, coordinate responses to active incidents, and contribute to the ongoing evolution of the STRIDE framework.” Founding members include Asymmetric Research, OtterSec, Neodyme, Squads, and Zeroshadow. Participation is open to all protocols, with response priority based on total value locked and estimated impact.

The STRIDE framework is currently in version 0.1 and is expected to evolve as protocols undergo evaluation and results are published. Solana Foundation stated that individual projects remain responsible for maintaining their own internal security practices.

Elliptic identified close on-chain similarities between the attack pattern and prior North Korean-linked operations. Chainalysis estimated North Korea accounted for around $2 billion in crypto theft in 2025, representing about 60% of global illicit crypto activity. More than 56 million DRIFT tokens, valued at about $2.4 million, were moved from a wallet tied to the Drift team to a centralized exchange after the exploit.

Initiative	Type	Key Function	Eligibility / Scope	Funding / Support
STRIDE	Security framework	Independent evaluations, public reporting, continuous monitoring across eight security pillars	All Solana DeFi protocols	Funded by Solana Foundation, led by Asymmetric Research
24/7 Threat Monitoring	Operational security service	Continuous detection of suspicious activity and incident prevention	Protocols with more than $10M TVL that pass STRIDE evaluation	Funded via Solana Foundation grants
Formal Verification	Security validation tooling	Mathematical proof-based validation of smart contract correctness across all execution paths	Protocols with more than $100M TVL	Funded by Solana Foundation
SIRN	Incident response network	Real-time threat intelligence sharing and coordinated response to active security incidents	All Solana protocols, prioritized by TVL and impact	Operated by member firms including Asymmetric Research, OtterSec, Neodyme, Squads, and Zeroshadow

FAQ

What is STRIDE?

A Solana Foundation-funded DeFi security program led by Asymmetric Research.

What is SIRN?

A Solana incident-response network for threat intelligence sharing and coordinated response.

Why was STRIDE launched?

It followed the Drift Protocol exploit and broader security concerns across Solana DeFi.

Who remains responsible for protocol security?

Individual projects still remain responsible for their own internal security practices.

This article has been refined and enhanced by ChatGPT.