Learn how to think intelligently about security for your onchain programs, whether developing in Anchor or Native Rust.
Ensure instructions are only executed by authorized accounts by implementing signer checks.
Understand the use of account owner checks when processing incoming instructions.
How to check your program's data accounts in both Anchor and Native Rust.
Understand the security risks of account reinitialized attacks being used to override data, and how to prevent them.
Under vulnerabilities that can occur with instruction handlers that handle two mutable accounts, and how to mitigate them.
Understand the risks of using incorrect account types in instructions and how to mitigate them with account type checks.
How to safely invoke Solana programs from other Solana programs.
Understand the need for consistent PDA calculation by storing and reusing the canonical bump.
How to close program accounts safely and securely in Anchor and native Rust.
Understand the potential problems of reusing PDAs by using user and domain specific PDAs.
Got a question?
Questions are everywhere, answers are on the Solana StackExchange.
Ask on Stack Exchange