We won't tell you Soladrome "can't be hacked." The people who say that are the ones to worry about.
What we'll tell you: we never stop looking. No audit is final, so we treat security as a daily habit, not a milestone.
The honest part: a human ships the fix.
The daily pass proposes — it never auto-patches production. We review every finding and decide. That's why it surfaces real issues without lulling us into false confidence.
But the pass is not a rubber stamp. It found something in our own code.
A low-severity griefing vector in our bribe rollover: a forged account could fake "votes" and delay a rollover by ~14 days. No funds at risk — but real.
We fixed it today. 🛠️
Cetus $200M. A broken overflow check in concentrated-liquidity math let an attacker spoof reserves.
Soladrome runs classic xy=k with checked u128 math everywhere, and tracks reserves internally — not from token balances. ✅ Not affected.
Drift $286M. Social-engineered signers + oracle manipulation via a fake token.
Soladrome has no external oracle. The floor price is deterministic — 1 SOLA = 1 USDC, backed in the vault. There's simply no oracle surface to manipulate. ✅ Not affected.
Raydium $1.34M, June 10. A legacy AMM didn't validate the LP mint → attacker forged a fake LP token and withdrew reserves.
Soladrome: the LP mint is pinned on-chain (address = pool.lp_mint). A forged mint is rejected before the handler even runs. ✅ Not affected.
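The two defenses named in the Cetus and Raydium items above (checked u128 constant-product math over internally tracked reserves, and an LP mint pinned to the pool) look like this in plain Rust. This is an added example, not Soladrome's code: `Pool`, `AmmError`, `check_lp_mint`, `swap_x_for_y`, the fee-free swap and the round-up rule are all assumptions made for illustration.

```rust
// Added illustration, not Soladrome's code: all names here are hypothetical.
use std::convert::TryFrom;

type Pubkey = [u8; 32];

#[derive(Debug, PartialEq)]
enum AmmError { ZeroAmount, EmptyPool, Overflow, InvariantBroken, WrongLpMint }

struct Pool {
    lp_mint: Pubkey, // pinned when the pool is created
    reserve_x: u64,  // internal accounting, never read from token balances
    reserve_y: u64,
}

impl Pool {
    /// Reject any LP mint other than the pinned one before touching state.
    fn check_lp_mint(&self, supplied: &Pubkey) -> Result<(), AmmError> {
        if supplied == &self.lp_mint { Ok(()) } else { Err(AmmError::WrongLpMint) }
    }

    /// Fee-free x*y=k swap (assumption). State changes only after every check passes.
    fn swap_x_for_y(&mut self, dx: u64) -> Result<u64, AmmError> {
        if dx == 0 { return Err(AmmError::ZeroAmount); }
        if self.reserve_x == 0 || self.reserve_y == 0 { return Err(AmmError::EmptyPool); }
        let (x, y) = (self.reserve_x as u128, self.reserve_y as u128);
        let k = x.checked_mul(y).ok_or(AmmError::Overflow)?;
        let new_x = x.checked_add(dx as u128).ok_or(AmmError::Overflow)?;
        // Round the remaining y up so rounding always favours the pool.
        let new_y = k.checked_add(new_x - 1).ok_or(AmmError::Overflow)? / new_x;
        let dy = y.checked_sub(new_y).ok_or(AmmError::InvariantBroken)?;
        // Reserves must still fit the u64 fields they are stored in.
        let new_x64 = u64::try_from(new_x).map_err(|_| AmmError::Overflow)?;
        let new_y64 = u64::try_from(new_y).map_err(|_| AmmError::Overflow)?;
        if new_x.checked_mul(new_y).ok_or(AmmError::Overflow)? < k {
            return Err(AmmError::InvariantBroken);
        }
        self.reserve_x = new_x64;
        self.reserve_y = new_y64;
        u64::try_from(dy).map_err(|_| AmmError::Overflow)
    }
}

fn main() {
    // Constructed sample pool and mint addresses.
    let mut pool = Pool { lp_mint: [7; 32], reserve_x: 1_000, reserve_y: 1_000 };
    println!("{:?}", pool.check_lp_mint(&[9; 32])); // forged mint
    println!("{:?}", pool.swap_x_for_y(100));
}
```

A swap that would push a reserve past `u64::MAX` returns `Overflow` and leaves both reserves unchanged, which is the property a silently wrapping or truncating check loses.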
Most protocols audit once, freeze the code, and never look again.
New exploit patterns ship every week. The code that was "audited" in May can be drainable in June — same bytes, new playbook.
So we re-audit daily, against the attacks that dropped this week.
Security thread — anchored on today's run (June 16)
We run a security pass on Soladrome every single day.
Today's pulled the biggest DeFi hacks of the past weeks — Raydium, Drift, Cetus — and threw every one at our own code.
Here's what came back.
Most tokens have one thing in common: they can go to zero. SOLA can't. Not "shouldn't" — can't, by design. Here's the mechanism that puts a hard floor under every single token.
That flips the usual risk. On most tokens: upside is hyped, downside is unlimited. On SOLA: upside is open (the curve), downside is mathematically bounded at the floor. You always know the worst case before you enter.