How to audit Solana smart contracts Part 1: a systematic approach

sec3 (formerly Soteria)
Coinmonks
6 min read · Nov 11, 2021


Solana is exploding in popularity, driven largely by its very low transaction fees. With more and more high-value dApps being built on Solana, developing sound auditing techniques for them is critical.

However, auditing Solana smart contracts requires new and more advanced skills than auditing Ethereum contracts, for which auditing practices have matured over the last three years. Solana differs from Ethereum in two major ways:

(1) it uses a different language: programs are written in Rust (vs. Solidity on Ethereum), and

(2) it decouples code and data: a Solana program is stateless, and the state it operates on lives in separate accounts that the caller passes in with every instruction. Because the caller chooses which accounts to pass, the program itself must verify that each account is the one it expects (who owns it, whether it signed, what it contains) before trusting it.

In this article series, we introduce a systematic approach, including a few automated techniques, for auditing Solana smart contracts.
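The decoupling of code and data above is where many Solana-specific bugs come from, so it is worth seeing in code. The following is an added example, not code from the article or from sec3: it models only the parts of Solana's account model that matter here (a public key, an account's owner program, its signer flag and its raw data) as plain Rust types instead of the real solana_program crate, and it uses a hypothetical "config account whose first 32 bytes hold the admin key" to gate a withdrawal. The vulnerable version trusts whatever accounts the caller passes; the hardened version adds the owner check and the signer check an auditor looks for first. All keys and accounts are constructed sample data.

```rust
// Added example: a minimal stand-in for Solana's account model. The real types
// (Pubkey, AccountInfo, ProgramError) live in the solana_program crate; this
// model keeps only key, owner, is_signer and data so it runs with no dependencies.
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Pubkey(pub [u8; 32]);

#[derive(Clone, Debug)]
pub struct AccountInfo {
    pub key: Pubkey,
    pub owner: Pubkey,   // the program allowed to modify this account's data
    pub is_signer: bool, // whether `key` actually signed the transaction
    pub data: Vec<u8>,   // raw account data; in this hypothetical layout bytes 0..32 hold the admin key
}

#[derive(Debug, PartialEq, Eq)]
pub enum ProgramError {
    IncorrectProgramId,
    MissingRequiredSignature,
    InvalidAccountData,
    Unauthorized,
}

/// Reads the admin key out of a (hypothetical) config account's data.
fn admin_from_config(data: &[u8]) -> Result<Pubkey, ProgramError> {
    let slice = data.get(..32).ok_or(ProgramError::InvalidAccountData)?;
    let mut bytes = [0u8; 32];
    bytes.copy_from_slice(slice);
    Ok(Pubkey(bytes))
}

/// VULNERABLE: decides whether accounts[1] may withdraw by reading accounts[0]
/// as the config account, but trusts the caller's choice of both accounts.
pub fn authorize_withdraw_vulnerable(_program_id: &Pubkey, accounts: &[AccountInfo]) -> Result<(), ProgramError> {
    let admin = admin_from_config(&accounts[0].data)?;
    // Compares keys only: a pubkey can be listed in a transaction without signing it.
    if accounts[1].key != admin {
        return Err(ProgramError::Unauthorized);
    }
    Ok(())
}

/// HARDENED: the same decision, preceded by the two checks the caller cannot forge.
pub fn authorize_withdraw_hardened(program_id: &Pubkey, accounts: &[AccountInfo]) -> Result<(), ProgramError> {
    let config = &accounts[0];
    let signer = &accounts[1];
    // 1. Owner check: only data in an account owned by this program was written by it.
    if config.owner != *program_id {
        return Err(ProgramError::IncorrectProgramId);
    }
    // 2. Signer check: a listed pubkey proves nothing unless it signed the transaction.
    if !signer.is_signer {
        return Err(ProgramError::MissingRequiredSignature);
    }
    let admin = admin_from_config(&config.data)?;
    if signer.key != admin {
        return Err(ProgramError::Unauthorized);
    }
    Ok(())
}

fn key(byte: u8) -> Pubkey { Pubkey([byte; 32]) }

fn account(k: Pubkey, owner: Pubkey, is_signer: bool, data: Vec<u8>) -> AccountInfo {
    AccountInfo { key: k, owner, is_signer, data }
}

/// Runs three constructed scenarios and returns (label, vulnerable accepts?, hardened accepts?).
pub fn run_scenarios() -> Vec<(&'static str, bool, bool)> {
    let program = key(1);
    let system = key(0); // stands in for the system program that owns plain wallets
    let admin = key(2);
    let attacker = key(3);
    let real_config = account(key(10), program, false, admin.0.to_vec());
    // Attacker-created account: owned by the attacker, data names the attacker as admin.
    let fake_config = account(key(11), attacker, false, attacker.0.to_vec());

    let cases = [
        ("legitimate admin", vec![real_config.clone(), account(admin, system, true, vec![])]),
        ("admin key listed but not signed", vec![real_config, account(admin, system, false, vec![])]),
        ("attacker-owned fake config", vec![fake_config, account(attacker, system, true, vec![])]),
    ];
    cases
        .iter()
        .map(|(label, accts)| {
            (
                *label,
                authorize_withdraw_vulnerable(&program, accts).is_ok(),
                authorize_withdraw_hardened(&program, accts).is_ok(),
            )
        })
        .collect()
}

fn main() {
    for (label, v, h) in run_scenarios() {
        println!("{:<34} vulnerable accepts: {:<5} hardened accepts: {}", label, v, h);
    }
}
```

The two attacker scenarios map directly onto the stories below: the unsigned admin key lets anyone who knows the admin's public key pass the vulnerable check, and the attacker-owned fake config lets them "become" admin by supplying their own state. Neither requires breaking any cryptography; both come from the program forgetting that the caller, not the program, picks the accounts.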

What do attackers want, and what might they do?

First of all, an auditor should adopt an attacker's mindset and understand the attacker's incentives. Here are a few user stories written from an attacker's point of view:

  • Can I steal money (SPL tokens, SOL, or other native assets) from the smart contract?
  • Can I freeze the smart contract (lock user funds, disable deposits or withdrawals, disable upgrades, etc.)?
  • Can I make the smart contract send money to the wrong user?
  • Can I change the smart contract's critical state (the owner, the multisig owners, or the validator list)?
  • Can I change the smart…
