Learn how to think intelligently about security for your onchain programs, whether developing in Anchor or in Native Rust.
Ensure instructions are only run by authorized accounts by implementing Signer checks.
Understand the use of account owner checks when processing incoming instructions.
How to check your program's data accounts in both Anchor and Native Rust.
Understand the security risks of account reinitialization attacks being used to override data, and how to prevent them.
Understand vulnerabilities that can occur with instruction handlers that handle two mutable accounts, and how to mitigate them.
Understand the risks of accounts of the wrong type being used in instructions, and use account type checks to mitigate them.
How to safely invoke Solana programs from other Solana programs.
Understand the need for consistent PDA calculation by storing and reusing the canonical bump.
How to close program accounts safely and securely in Anchor and native Rust.
Understand the potential problems of reusing PDAs by using user- and domain-specific PDAs.