Common Security Exploits
Sealevel Attacks
Anchor uses a lot of magic to help eliminate footguns, but if you're shipping anything to mainnet, it's important you understand every bit of that magic and the motivation behind it. A list of common attacks can be found here, providing three different examples for each example attack
- insecure - represents flawed code that may be insecure
- secure - represents a fix
- recommended - represents a fix with idiomatic Anchor code
Note that none of these examples are not necessarily secure, but they are meant to showcase a specific issue and a recommended fix in isolation. One can find some nice explanations of these sealevel attacks here. It's strongly recommended to study each of these cases when building protocols on Solana.