SseRex: Practical Symbolic Execution of Solana Smart Contracts
This addresses security risks for Solana developers and users by providing a specialized tool for detecting Solana-specific bugs, though it is incremental as it adapts symbolic execution to a new platform.
The paper tackled the problem of security vulnerabilities in Solana smart contracts by developing SseRex, a symbolic execution approach that identified potential bugs in 467 out of 8,714 contracts and outperformed existing methods.
Solana is rapidly gaining traction among smart contract developers and users. However, its growing adoption has been accompanied by a series of major security incidents, which have spurred research into automated analysis techniques for Solana smart contracts. Unfortunately, existing approaches do not address the unique and complex account model of Solana. In this paper, we propose SseRex, the first symbolic execution vulnerability detection approach for finding Solana-specific bugs such as missing owner checks, missing signer checks, and missing key checks, as well as arbitrary cross-program invocations. Our evaluation of 8,714 bytecode-only contracts shows that our approach outperforms existing approaches and identifies potential bugs in 467 different contracts. Additionally, we analyzed 120 open-source Solana projects and conducted in-depth case studies on four of them. Our findings reveal that subtle, easily overlooked issues often serve as the root cause of severe exploits, further highlighting the need for specialized analysis tools like SseRex.