An interactive simulation arena for exploring Solana smart contract vulnerabilities. Test exploits against live programs on Devnet with real transactions and visual feedback.
A hands-on learning environment where you can:
- Execute real exploits against intentionally vulnerable Solana programs
- Compare vulnerable vs secure implementations side-by-side
- See the difference in real-time with transaction logs and balance changes
- Understand the fix by toggling between broken and patched versions
Each module targets a specific vulnerability class with deployed programs on Devnet.
| # | Module | Vulnerability | Difficulty |
|---|---|---|---|
| 01 | PDA Sharing | Shared authority allows cross-user access | Intermediate |
| 02 | Account Reloading | Stale data after CPI calls | Advanced |
| 03 | Revival Attack | Reusing "closed" account state | Advanced |
| 04 | Integer Overflow | Arithmetic underflow corrupts balances | Rookie |
| 05 | Duplicate Mutable Accounts | Same account passed twice doubles state | Intermediate |
| 06 | Arbitrary CPI | Unchecked program ID in CPI calls | Intermediate |
| 07 | Data Matching | Fake accounts bypass has_one checks | Intermediate |

Coming Soon (Pinocchio):

| # | Module | Vulnerability | Difficulty |
|---|---|---|---|
| 08 | Signer Checks | Missing signature verification | Rookie |
| 09 | Owner Checks | Missing account ownership validation | Rookie |
```bash
# Install dependencies
pnpm install
# Start the dev server
pnpm dev
# Open browser
open http://localhost:3000
```

Connect a Devnet wallet and select a module to begin.
- Frontend: Next.js 15, Tailwind CSS v4, Jotai
- Solana: @solana/web3.js, @coral-xyz/anchor
- Programs: Anchor (deployed to Devnet)
```
security-playground/
├── src/
│   ├── app/
│   │   ├── page.tsx              # Module selection grid
│   │   └── modules/
│   │       ├── pda-sharing/
│   │       ├── account-reloading/
│   │       ├── arbitrary-cpi/
│   │       ├── data-matching/
│   │       └── ...
│   ├── components/
│   │   └── modules/
│   │       ├── pda-sharing/
│   │       │   ├── pda-sharing.feature.tsx
│   │       │   └── use-pda-sharing.ts
│   │       └── ...
│   └── anchor-interface/
│       └── idl/                  # Program IDLs
└── package.json
```
- Deploy vulnerable + secure programs to Devnet
- Copy IDLs to `src/anchor-interface/idl/`
- Create page route: `src/app/modules/[module-name]/page.tsx`
- Create feature component + hook in `src/components/modules/[module-name]/`
- Add card to homepage grid in `src/app/page.tsx`
The vulnerable and secure programs used in this playground are sourced from the underlying security repository:
👉 ubadineke/solana-security-by-example
This repository contains the source code for all Anchor programs, including:
- ❌ Vulnerable implementations (exploitable on Devnet)
- ✅ Secure implementations (patched and safe)
- 🧪 Tests demonstrating each exploit locally
MIT