Solana Foundation Launches STRIDE Security Framework and SIRN Incident Response Network

A Unified Security Architecture for Solana

Solana Foundation has announced two major cybersecurity initiatives: the STRIDE security framework and the Solana Incident Response Network (SIRN). The announcement, made on April 6, 2026, aims to establish a unified security standard for projects operating within the Solana ecosystem.

"Solana was built for security. As the ecosystem scales, so does our investment in the tools, standards, and support. Today that commitment deepens with a new security program, active monitoring, formal verification for top protocols, and a new crisis response network" — Solana Foundation (@SolanaFndn), original post

Why This Matters

The announcement comes on the heels of a $280 million hack of DeFi protocol Drift — one of the largest security breaches in crypto history. On April 5, the Drift team disclosed details of the attack and attributed it to North Korean hackers. With state-sponsored threat actors increasingly targeting DeFi protocols, a systematic approach to security has become essential for major blockchain ecosystems.

How STRIDE Works

The STRIDE framework was developed in collaboration with Web3 firm Asymmetric Research. It is described as a structured program for assessing, monitoring, and strengthening security measures across Solana-based projects. Protocols are evaluated across eight core dimensions:

• Program security
• Governance and access control
• Oracle risks
• Infrastructure security
• Supply chain security
• Operational security
• Incident monitoring and response
• Log management and forensics

Asymmetric Research emphasized that protocols are assessed independently and results are published openly. This approach provides users, investors, and the broader ecosystem with genuine transparency regarding the security posture of platforms they interact with.

Monitoring and Formal Verification

STRIDE will provide ongoing monitoring of operational security and active threats for protocols with TVL above $10 million that pass the assessment. All associated costs will be covered by Solana Foundation.

Projects with TVL exceeding $100 million will receive additional funding from the foundation for formal verification — a mathematical proof-based method that examines every possible state and execution path of a smart contract to guarantee its correctness.

The SIRN Response Network

Alongside STRIDE, the foundation announced the creation of SIRN — a network that will unite security firms for coordinated, real-time response to hacking incidents on the Solana network. SIRN participants will share threat intelligence, coordinate joint actions, and contribute to the ongoing evolution of the STRIDE framework.

Together, these initiatives mark a shift from reactive security — where responses come only after an incident — to a proactive model built around continuous monitoring and pre-established coordination among ecosystem participants. For an ecosystem that has seen rapid growth in TVL and user activity, the timing of such infrastructure could prove critical in deterring future large-scale attacks.