Back to Blog

Lead in: Solana Simplified

July 1, 2024
2 min read

Solana is celebrated for its high speed, low costs, high transaction throughput, and low latency. These features have made it an increasingly favored platform among both users and developers for all kinds of decentralized applications.

To help both readers and developers navigate this robust ecosystem, BlockSec has specially curated the "Solana Simplified" series. This series covers the fundamental concepts of Solana, practical guides on analyzing Solana transactions, and comprehensive tutorials on writing Solana smart contracts. Let's dive in. 🙌

Breaking Down: A Comprehensive Overview

In the first part of this series, let's delve into the key concepts of the Solana network, including its operating mechanisms, account model, and transactions. This will lay the foundation for writing correct and efficient smart contracts on Solana.

In this article, we will guide you through writing a Solana program (i.e., a Solana smart contract) for posting and displaying articles. We will cover everything from environment setup and contract logic to program testing.

In the last part, we will introduce Solana's special token mechanism and teach users how to analyze a simple Solana transaction using Phalcon Explorer.

About BlockSec

BlockSec is a full-stack Web3 security service provider. The company is committed to enhancing security and usability for the emerging Web3 world in order to facilitate its mass adoption. To this end, BlockSec provides smart contract and EVM chain security auditing services, the Phalcon platform for security development and blocking threats proactively, the MetaSleuth platform for fund tracking and investigation, and MetaSuites extension for web3 builders surfing efficiently in the crypto world.

To date, the company has served over 300 clients such as Uniswap Foundation, Compound, Forta, and PancakeSwap, and received tens of millions of US dollars in two rounds of financing from preeminent investors, including Matrix Partners, Vitalbridge Capital, and Fenbushi Capital.

Website: https://blocksec.com/

Email: [email protected]

Twitter:https://twitter.com/BlockSecTeam

MetaSleuth: https://metasleuth.io/

MetaSuites: https://blocksec.com/metasuites

Sign up for the latest updates
~$5.98M Lost: Aztec, Raydium & More | BlockSec Weekly
Security Insights

~$5.98M Lost: Aztec, Raydium & More | BlockSec Weekly

This weekly blockchain security report covers the period of June 8 to June 14, 2026, analyzing 4 notable incidents across Ethereum and Solana with total losses of approximately $5.98M. The highlighted events include Aztec Connect, where a missing input validation allowed the rollup's proof path and L1 settlement to reach inconsistent states, and Raydium, where a missing validation check on the legacy AMM v3 program allowed an attacker to manipulate the LP token redemption calculation and drain four pools. Both vulnerabilities had been live for years before exploitation. The report examines attack types including lack of input validation, integer overflow, and governance capture.

OFAC Sinaloa Cartel Sanctions: On-Chain Fund Tracing

OFAC Sinaloa Cartel Sanctions: On-Chain Fund Tracing

OFAC sanctioned a Sinaloa Cartel network for laundering fentanyl proceeds. We traced the six sanctioned addresses on-chain with MetaSleuth, and the money runs almost entirely through centralized exchange deposit addresses.

Zcash Orchard Soundness Bug Analysis | BlockSec Weekly
Security Insights

Zcash Orchard Soundness Bug Analysis | BlockSec Weekly

During the week of June 1, 2026, a critical soundness vulnerability was publicly disclosed in Zcash's Orchard shielded pool circuit, caused by a missing equality constraint in the halo2 ECC scalar multiplication gadget that could have enabled undetectable counterfeiting of ZEC within the Orchard pool through double-spending. The vulnerability, which existed for over four years since Orchard's activation in May 2022, was discovered by an AI-assisted security audit and patched through an emergency network upgrade (NU6.2). This single-event report covers the technical root cause (under-constrained ZK circuit relation), the AI-assisted discovery by researcher Taylor Hornby using Anthropic's Opus 4.8 model, the emergency response timeline, and the broader implications for the ZKP ecosystem.