Detect Attack Staging Before Execution
Free on-chain monitoring for durable nonce staging and multisig configuration changes on Solana. Get alerted to signer-compromise and governance-manipulation patterns before funds move.
Why This Matters
The highest-impact Solana exploits in 2024 and 2025 did not start with smart-contract bugs. They started with control-plane attacks: compromised signers, manipulated multisig configurations, and pre-staged transactions using durable nonces.
These attacks are difficult to detect because the on-chain actions that enable them — creating a nonce account, changing a nonce authority, adding a multisig member — are individually legitimate operations. It is only in context that they become indicators of compromise.
This free monitoring tool watches for those early-stage signals so that teams can investigate and respond before an attacker reaches the point of execution.
What It Detects
Continuous monitoring for the on-chain events most commonly associated with attack staging on Solana.
Nonce Creation
Monitoring for new durable nonce account creation that could indicate transaction pre-staging for future unauthorized execution.
Nonce Authority Change
Detection of authority transfers on existing nonce accounts that may signal compromised signers or governance manipulation attempts.
Squads v4 Config Change
Tracking configuration modifications to Squads v4 multisig programs including member additions, removals, and threshold changes.
Who Should Use It
This tool is designed for any Solana team that manages program upgrade authority, treasury multisigs, or governance infrastructure. It is especially relevant for:
- DeFi protocols with significant TVL or upgrade authority controlled by multisigs
- DAOs and governance systems that use Squads v4 for operational security
- Infrastructure teams that need visibility into nonce activity across their programs
- Security teams performing ongoing monitoring as part of post-deployment operations
Get Started
Enable free nonce and multisig monitoring for your Solana program in minutes. No code changes required.
Need deeper security coverage?
Sec3 provides audits, formal verification, and continuous security support for Solana protocols.