A structured approach to evaluating the security posture of projects in the Solana ecosystem.
The most consequential security failures in DeFi aren't always about the code. Technically sound programs still get undermined by misconfigured multisigs, weak access controls, and operational gaps that traditional audits don't cover.
STRIDE (Solana Trust, Resilience and Infrastructure for DeFi Enterprises) addresses those gaps by defining requirements across eight pillars, giving protocols a clear baseline to measure and improve against. Protocols are independently assessed against those requirements, and the findings are made public. This gives users, investors, and the broader ecosystem real transparency into the security posture of the protocols they use.
STRIDE is a joint effort between Asymmetric Research and the Solana Foundation.
Asymmetric Research is a security firm whose work spans research, incident response, engineering, infrastructure, and physical security. Through long-term, embedded partnerships with some of Solana's most critical projects, we've repeatedly seen the same pattern: the most serious failures rarely surface during an audit. They come from operational gaps and governance weaknesses. STRIDE distills that frontline experience into a framework that Solana teams can apply.
It was developed with the support of the Solana Foundation, reflecting a shared goal: making security infrastructure accessible to protocols at every stage, not just those with the resources to seek it out independently. The highest-value protocols receive rigorous, ongoing protection, while smaller teams have a clear standard to build toward.
STRIDE evaluates a project across eight pillars of security. Each pillar contains a set of controls, and each control is scored on a four-point maturity scale, from not implemented to advanced. Pillar scores roll up into a risk tier, giving protocols a clear, comparable read on where they stand and what to improve.
Participants will work with relevant partners across areas like fuzzing, static analysis, bug bounties, vulnerability disclosure programs (VDPs), and formal verification to address findings and strengthen their security posture.




