neodyme-solana-security-workshop
Neodyme — Solana Security Workshop (reference)
Educational routing only. Content and challenges live on the live site; follow the workshop’s Legal Notice and setup instructions there.
Canonical URL
- Solana Security Workshop — hosted by Neodyme (security research firm; has supported Solana ecosystem peer reviews per workshop intro).
Source repository (mdBook)
The static site is built from the public repo:
- github.com/neodyme-labs/neodyme-breakpoint-workshop — Solana Security Workshop for Breakpoint (Neodyme); contains
docs/(mdBook content),level0–level4/pocschallenge layout, Docker files, andbook.toml.
Per upstream README: install mdBook (cargo install mdbook), then mdbook serve to browse locally; all narrative detail is under docs/.
What it is
The workshop teaches Solana on-chain programs from an attacker-minded perspective: understanding exploitation paths to write safer code. The published outline includes:
- Introduction and general security concepts
- Setup and a PoC framework
- Level 0 — first vulnerability (presentation + solution)
- Levels 1–4 — progressive challenges (e.g. vaults, tip pool, SPL token vault), each with hints, bug discussion, and solution sections
Upstream text stresses that example code is intentionally vulnerable and not production-quality—do not ship it as-is.
Prerequisites (per site)
- Familiarity with Rust and writing Solana programs
- A environment that can compile the examples and run attacks (the workshop documents Setup, including optional prebuilt environments)
How to combine with blockint
| Need | Skill |
|---|---|
| Anchor-centric exploit/mitigation snippets | sealevel-attacks-solana |
| Solana DeFi audit posture and review | solana-defi-vulnerability-analyst-agent |
| Infra for local testing / docs indexes | solana-onchain-intelligence-resources |
| Forensic reconstruction of incidents | solana-tracing-specialist, flash-loan-exploit-investigator-agent |
Guardrails
- Authorized environments only — run challenges on local / test clusters unless the workshop explicitly targets public networks.
- No theft or harassment — skills are for learning and defensive security.
- Responsible disclosure — findings in third-party mainnet programs follow project bug bounty / disclosure rules.
- Legal — comply with computer misuse and platform terms in your jurisdiction.
Goal: stable pointers to workshop.neodyme.io and neodyme-breakpoint-workshop for structured Solana program security practice and local/offline mdBook builds inside blockint.
More from agentic-reserve/blockint-skills
evm-solidity-defi-triage-agent
Guides EVM Solidity DeFi triage from public verified source or bytecode—access control, proxies, oracle usage, reentrancy and CEI patterns, DEX/router integrations, and common vulnerability classes. Use when the user asks for Ethereum or L2 smart contract security review, Solidity audit triage, OpenZeppelin proxy risks, or EVM-specific DeFi patterns—not for live exploits or private keys.
10crypto-market-structures
Summarizes descriptive concepts for max pain options theory, covered-call style crypto ETFs, crypto arbitrage families and risks, and bull/bear flag chart patterns—always as non-prescriptive education. Use when the user asks about max pain, premium income ETFs, arbitrage, funding rates, flash loans, or bull/bear flags in crypto trading context.
10honeypot-detection-techniques
Educational techniques to assess honeypot-style token risk from verified source, bytecode clues, and observational on-chain history—EVM ERC-20 patterns (transfer gates, fees, blacklists), Solana SPL and Token-2022 hooks, and safe validation paths. Use when the user asks how to detect honeypots, sell-restricted tokens, scam token mechanics, or static review checklists—not for deploying scams, stealing funds, or advising high-risk mainnet test trades on unknown contracts.
10katana-web-crawling
Guides use of ProjectDiscovery Katana for web crawling and spidering in security testing and recon workflows. Covers installation, standard vs headless mode, scope and rate limits, JSONL output, and piping from httpx or URL lists. Use when the user mentions Katana, projectdiscovery/katana, web crawling, spidering, endpoint discovery, attack surface mapping, or chaining crawlers in automation pipelines.
10solana-defi-vulnerability-analyst-agent
Guides discovery and documentation of Solana DeFi protocol risks from public code and chain state—Anchor/native programs, PDAs, CPIs, oracles, pools, SPL mechanics, and historical tx reconstruction. Use when the user asks for Solana program security review, DeFi vulnerability triage, PDA or CPI safety, oracle or liquidity-pool risk, launchpad/bonding-curve issues, or evidence-backed severity findings without exploits or private keys.
10solana-tracing-specialist
Guides Solana-specific on-chain forensics—ATA resolution, SPL instruction parsing, transaction history via RPC and indexers (e.g. Helius-style APIs), fund-flow graphs, Solana clustering heuristics, and program authority review. Use when the user investigates Solana wallets, SPL tokens, DEX/Jito flows, rug or phishing patterns on Solana, or needs evidence-structured tracing reports with public data only.
10