The continuous on-chain attestation layer for Solana DeFi. Operates between STRIDE evaluations: minute-by-minute, machine-readable, composable in DeFi program logic. Two products, one primitive — protocols pay for monitoring + alerts; underwriters and risk engines pay for the continuous feed; the chain is free for everyone.
The attackers didn't exploit Drift's code. They exploited its signing pipeline. Over months they built relationships with the Drift Security Council, learned its routines, and used Solana's durable-nonce primitive to get legitimate admins to pre-sign transactions that would execute weeks later.
When those dormant signatures were finally triggered, they handed attackers admin control. Within minutes a fake token was whitelisted as collateral, an oracle the attackers controlled priced it at $1, and 500M of it was borrowed against to drain $285 million in real assets.
Nothing about this attack required a zero-day. Every stage was public on-chain activity. Every stage looked suspicious in isolation and damning in sequence. What was missing was the layer watching for it.
$624M drained from DeFi protocols across every major chain in the last 30 days. The pattern is industry-wide, the velocity is accelerating, and existing security tooling isn't keeping pace. Attentra focuses on the slice we can actually solve — continuous on-chain attestation for Solana protocols.
The Attentra attestation is a structured, deterministic account on a Solana PDA. It carries a 0–100 health score, per-check pass/fail flags, and a status discriminator: Confirmed, PendingReview, OverrideAcknowledged, or Stale.
Reading the on-chain account is free, forever — just RPC fees. What underwriters, risk engines, and custodians pay for is the aggregated feed: history, webhooks, indexed queries, network-wide analytics, and SLAs on freshness. The primitive on chain is the public good; the data product around it is the institutional layer.
The deterministic property is what makes this work. Given the same chain state, every score is bit-identical on every machine. Run our open-source verifier; if it disagrees with what's on chain, the published attestation has drifted and you should not trust it. Trust-but-verify, programmable.
On April 6, 2026 — five days after the Drift drain — the Solana Foundation funded STRIDE for periodic security evaluation and SIRN for coordinated incident response. Attentra is the continuous on-chain attestation layer that operates between them.
STRIDE establishes the periodic credential. SIRN responds when incidents happen. Attentra is the live signal between them — the machine layer DeFi programs read in their own code, and the institutional data feed underwriters, risk engines, and custodians read independently. Three layers of the same stack. Not competitive — complementary.
Anyone can read the on-chain account — that's the public good and how the network gets composability. But underwriters, risk engines, and custody providers need more: aggregated history, webhooks, network-wide analytics, SLAs. That's where Attentra's institutional data product begins.
Replace weeks of manual diligence with a continuous on-chain feed. Price premiums dynamically against the attestation. DeFi insurance protocols and traditional insurers exploring DeFi.
Data feed · paid tierDeFi risk firms (Gauntlet, Llama Risk, Steakhouse, Block Analitica) consume per-check decomposition for protocol scoring methodologies. One source of truth.
Data feed · paid tierGate institutional flows on attestation freshness. Anchorage, BitGo, Fireblocks can reject withdrawals to or deposits from protocols outside SLA.
Enterprise tierRead attentra_score in your own program logic. Auto-pause borrowing or raise collateral factor when a monitored protocol's score drops or status flips PendingReview.
Free on-chain readRoute around protocols whose attestations are Stale or PendingReview. Surface attestation status in the UI so users see the risk before swapping.
Free on-chain readRender an attestation badge on every protocol interaction. Phantom, Backpack, Solflare can show users live posture before they sign — not after.
Free on-chain readFlatten positions or pull liquidity when a monitored protocol enters PendingReview. Sub-second decision input, programmatic, no human in the loop.
Free on-chain readRebalance constituents based on attestation health. Tokenized index funds, structured products, and treasury management can systematically de-risk.
Free on-chain readNot smart-contract audits — continuous monitoring. We watch the seven dimensions of admin-surface activity where real attacks originate on Solana. Every detected change becomes an alert to your team and a state update on chain.
Pre-signed transactions that can execute weeks after signing — the Drift vector. Every nonce creation and consumption on admin-adjacent accounts is flagged.
Critical signalProgram upgrades, authority transfers, and freeze events on every program you deploy or depend on. Any change to who can deploy code is flagged within seconds.
Critical signalFee changes, collateral whitelists, borrow caps, oracle account swaps. The actual substance of what your protocol does, monitored for every mutation.
High signalNew multisig members, lowered thresholds, removed signers. The same playbook attackers used against Drift, detected the moment it executes.
Critical signalNew price feeds, feed authority changes, stale feeds, price deviations outside tolerance. The fake-CVT-at-$1 pattern, caught before anything borrows against it.
Critical signalNew counterparties, unusual staking activity, cross-chain movement, any interaction with known drainer or phishing wallet graphs.
High signalThe sleeping half of the Drift attack — signed transactions that haven't executed yet. We find them before the trigger pulls.
Critical signalEvery integration starts with a surface review — we map your protocol's specific admin topology and add bespoke rules.
Patterns that span multiple protocols or wallets. If an attacker grooms one Solana protocol, every other Attentra customer benefits from the signal.
Network effectEvery alert includes the raw transaction, a plain-English simulation of what changes, severity reasoning, and a runbook. No ops team has to translate crypto into English — this is what protocols subscribe for.
update_asset_config
transaction. Admin action on collateral parameters — highest severity class. Simulation below.
Monitoring tells your team something went wrong. Attestation tells everyone else how you're doing — underwriters, custodians, aggregators — without asking them to trust our dashboard.
Every Attentra customer gets an on-chain attestation account. Every 60 seconds, our engine evaluates your declared security invariants — upgrade authority, admin signer set, timelock duration, oracle feeds, bytecode hash, governance config — and writes the current state to your attestation PDA.
The PDA is a normal Solana account. Your investors, your insurers, your users, your auditors, your aggregator of choice can query it from any RPC endpoint in two seconds. No API key. No Attentra dashboard login. No trust in us beyond the checks themselves, which are open-source and independently reproducible.
A Solana security product that isn't on Solana is just another dashboard. We're on-chain, by construction.
Attst9ZkY4vH...kL2m
github.com/Attentra-labs/attestation
Most security tools tell you what already happened. Attentra simulates inflight admin transactions before they're confirmed and renders the predicted state diff alongside the alert.
Your team doesn't see "threshold changed" three minutes after the fact. They see "if this transaction lands, threshold drops from 3-of-5 to 1-of-5" while the transaction is still pending — with enough time to override, escalate, or page on-call.
The simulator is a separate Rust crate (attentra-simulate) that runs against the same RPC your engine reads from. Per-account scoping keeps simulation cost bounded; the diff is structured, not free-text, so it composes into alerts and dashboards cleanly.
On-chain attestations are powerful — and dangerous if misused. A false positive published to chain could trigger a panic sell-off in seconds. We designed against that from day one, in four layers.
Reading an attestation is a single RPC call. Composing against it inside your program is two lines of Anchor. The on-chain account is open and free; the SDK is open-source; the verifier is open-source. This is infrastructure, not a vendor.
@attentra/sdk npm package
(post-mainnet). For now, read the PDA directly with web3.js.
Attentra runs alongside your existing audits and monitoring — not instead of them. Five stages, zero code changes to your protocol, no private keys shared.
Dedicated Solana validator + Yellowstone gRPC. Every slot, every transaction touching your admin surface, within 400ms of finality.
Seven detection dimensions, ensemble heuristics, protocol-specific rules. Every action tagged with severity and evidence.
Pending and dormant transactions simulated against current state. Output is plain-English: "this enables X to borrow Y against Z."
Your security posture is published to an on-chain attestation account every ~60 seconds. Tamper-evident, independently verifiable, queryable by anyone with an RPC.
Slack, Discord, PagerDuty, SMS, webhooks. Every alert includes evidence, simulation, and a runbook. Your team gets what they need to act — not a riddle to decode.
Protocols above $10M TVL get foundation-funded threat monitoring through STRIDE. Attentra is the layer that goes further: continuous on-chain attestation that's composable in your own program logic, custom detection rules specific to your admin topology, pre-confirmation simulation, alerting integrated with your runbook, and the institutional data feed underwriters and custodians read independently. Not instead of STRIDE — additive to it.
STRIDE publishes its findings to a public repository for users and investors to read — that's a credential, not a feed. Underwriters, risk engines, and custody providers need structured, continuous, machine-queryable data about every monitored protocol's posture, not human-reviewed reports published quarterly. Manual diligence does not scale to the rate at which DeFi protocols ship changes.
Attentra is the on-chain artifact that satisfies this requirement — plus the institutional data feed around it. The on-chain primitive is free; the aggregated feed (history, webhooks, network analytics, SLAs) is the paid product. This is where Attentra's revenue actually comes from.
Nexus Mutual, Sherlock, OpenCover, Native, Cover — plus traditional carriers exploring DeFi underwriting. Replace manual diligence. Price premiums against the score. Re-verify in 30 seconds.
Gauntlet, Llama Risk, Steakhouse, Block Analitica. Continuous per-check decomposition feeds your protocol scoring methodology. One source of truth, one integration, one feed.
Anchorage, BitGo, Fireblocks, Copper. Gate institutional flows on attestation freshness. Reject withdrawals to or deposits from protocols outside SLA. Compliance evidence, programmatic.
We are actively designing the integration surface for institutional data consumers. The attestation schema is open; the CLI verifier is open source; the math is deterministic. Pricing is being shaped against the first three anchor customers. Reach out to evaluate Attentra as your underwriting, risk-modeling, or compliance substrate.
Reads of the on-chain account are free, always — that's the public good. Protocols pay for monitoring, alerting, and incident response. Underwriters, risk firms, and custodians pay for the institutional data feed around the primitive.
Within each track, we don't gate features. Every tier runs the full detection engine. Tiers represent how much of your reality the attestation reflects (Track A) or how much of the network you can read (Track B). The score on chain becomes a richer, more credible signal as protocols climb — which is what underwriters and capital allocators reward.
A 20-minute call. We'll run our detection surface against your protocol using only public data and show you what we'd flag right now — or walk an underwriter / risk firm / custodian through the data feed. Either conversation is worth your time.