Connect with us

FEATURED

How Dylint tackles Sealevel attacks on Solana

Published

on

Speaking at the Breakpoint event by Solana, Samuel Moelius, a contributor to Dylint, explained that he is working on managing the Sealevel attacks in the blockchain ecosystem. Sealevel Attacks are exploits that are unique to the Solana blockchain, which can be avoided by using Anchor Framework.

According to Samuel, there are 11 Sealevel attacks: signer-authorization, owner-checks, typo-cosplay, initialization, arbitrary-cpl, duplicate-mutable-accounts, bump-seed-canonicalization, pda-sharing, closing-accounts, and sysvar-address-checking. And each of these attacks has three versions – insecure, secure, and recommended. 

To deal with attack number 2 (owner-checks) that ensures owners are properly checked, devs can introduce Dylint, he added

How Dylint works

Samuel explained that Dylint is a protocol tool for initiating and managing lint on the Rust language and lints help to flag off errors and bugs in a code. He further mentioned that devs who use Rust must have seen compiler lints such as unreachable_code, unused_imports, and while_true while users of Clippy, would have experienced lints like too_many_arguments, from_over_into and redundant_closure.

The developer mentioned that Dylint is divided into cargo command and driver. When the user launches the cargo command, the driver starts to run, which in turn activates “one or more dynamic libraries” that are completed in the Rust compiler. 

Advantages of Dylint 

Expanding on the difference between Dylint and Clippy, he said that Dylint “runs lints from dynamic libraries named by the user” instead of running a “predetermined status set of lints”. The advantage is that Dylint allows devs to maintain their personal collection.

He also explained that devs who want to write a Dylint lint don’t have to learn a new way of writing the API as it is similar to that of writing a Clippy lint and Rust lint. It is also easier to get a lint up and running with Dylint, thus allowing more lints to enter a library at a time.

On future developments of Dylint, Samuel added that out of the 11 attacks mentioned, the team has 6 lints, 2 are being developed, while three are yet to be initiated, and devs are invited to help out. He praised Victor Wei and Andrew Haberlandt as two major contributors to the project. Click here to learn more.

Read also;

Solana & Ethereum battle for NFT supremacy — report

Benefits of building mobile apps on Solana

 

Advertisement Earnathon.com
Click to comment

What's Your Opinion? Please Leave a Comment

Latest Episode on Inside Blockchain

Crypto News Update

Crypto Street

Advertisement



Trending

ALL Sections

Recent Posts