Solana Foundation Boosts DeFi Defenses With STRIDE Amid Rising Attacks
- Solana unveiled STRIDE to audit protocols and publish security findings publicly.
- Protocols above $10M TVL get 24/7 monitoring, while $100M+ projects get formal review.
- The rollout follows major losses as crypto attacks shift from code bugs to infrastructure.
The Solana Foundation has launched a broader security push for its DeFi ecosystem, pairing prevention tools with live monitoring and emergency coordination. The move follows a sharp rise in crypto losses tied to operational breaches, social engineering, and increasingly sophisticated attacks.
At the center of the rollout is STRIDE, a security program designed to evaluate, monitor, and escalate risk across protocols. The foundation said the initiative adds independent reviews, public findings, continuous monitoring for larger protocols, and formal verification for the biggest projects.
STRIDE Sets a New Security Framework
STRIDE, short for Solana Trust, Resilience, and Infrastructure for DeFi Enterprises, introduces a structured framework for assessing protocol security. It is led by Asymmetric Research and targets the wider Solana ecosystem.
According to an official report, the program measures protocols across eight pillars, including program security, governance, oracle and dependency risk, infrastructure, supply chain security, operational security, monitoring, incident response, and forensics. That structure expands security checks beyond code alone.
“Protocols are independently assessed against these requirements, with findings published publicly,” Asymmetric Research said in an official report. The firm further acknowledged that “this gives users, investors, and the broader ecosystem real transparency into the security posture of the protocols they interact with.”
The foundation added tiered protections based on total value locked. Per the report, protocols above $10 million in TVL receive ongoing operational security support and 24/7 active threat monitoring.
Similarly, for protocols above $100 million in TVL, the foundation said it will fund formal verification. That adds another layer of review for higher-value systems carrying larger ecosystem risk.
SIRN Adds Real-Time Incident Coordination
Alongside STRIDE, the foundation launched the Solana Incident Response Network, or SIRN, for real-time incident response. The membership-based network is available across the ecosystem and prioritizes support by TVL.
The network brings together specialized security firms to coordinate during active incidents and share threat intelligence. Founding members include Asymmetric Research, OtterSec, Neodyme, Multisig, and ZeroShadow.
The foundation said SIRN members will also help refine the STRIDE framework over time. That links incident response with long-term security standards rather than treating breaches as isolated events.
This setup reflects a broader change in crypto defense, where rapid coordination matters as much as technical review. Public standards, live monitoring, and crisis response now sit within one security structure.
Timing Reflects a Harder Threat Environment
The announcement arrived a week after one of the year’s biggest DeFi losses. Drift Protocol lost around $280 million after a social engineering attack linked to North Korean threat actors. Another recent case added pressure to strengthen defenses.
In January, Step Finance lost $40 million, while AI agents reportedly amplified the damage by executing large transfers autonomously. Those incidents fit a wider pattern identified by blockchain security and intelligence firms.
TRM Labs said illicit actors stole $2.87 billion across nearly 150 hacks and exploits in 2025. TRM added that infrastructure attacks drove about $2.2 billion of those losses, or 76%. That marked a shift away from smart-contract flaws toward compromised keys, wallets, and control systems.
Chainalysis, on the same accord, described the identical environment in its 2026 Crypto Crime Report introduction. The firm said DPRK-linked hackers stole more than $2 billion in 2025, calling that year their most destructive yet.
Related: Rwanda Warns Bybit FRW Crypto Trading Stays Illegal Now
Why the Rollout Matters
Notably, the foundation’s response matters as it reflects that changing threat model. Its latest measures combine code review, operational controls, live surveillance, and coordinated incident response, rather than relying on audits alone.
That combination gives the Solana ecosystem a more layered defense at a time when attack methods are expanding. The strategy also places public accountability at the center through independent assessments and published findings.
In practical terms, the initiative answers a simple problem with a broader system. As risks move beyond code, security on Solana is being rebuilt to address infrastructure, response speed, and transparency.
