
RIFTS Protocol is a sophisticated Solana-based DeFi platform built using the Anchor framework and compiled to Solana BPF programs. The protocol implements a multi-module architecture encompassing wrapped token mechanics, governance systems, LP staking rewards, and automated fee collection with Jupiter DEX integration.
The protocol's scope included four core program modules: the main RIFTS protocol contract, a fee collector with DEX swap capabilities, an LP staking rewards system, and a comprehensive on-chain governance mechanism. Given the complexity of cross-program invocations (CPIs), oracle integrations, and token economics, RIFTS Protocol engaged Assure DeFi to conduct a thorough security assessment before mainnet deployment.
The initial audit revealed significant security challenges across all modules, resulting in a FAIL classification with 41 high-severity findings, 14 medium-severity issues, 2 low-severity concerns, and 5 informational observations. This comprehensive assessment provided the foundation for a systematic remediation process that would ultimately strengthen the protocol's security architecture.
The security assessment covered the complete RIFTS Protocol codebase written in Rust using the Anchor framework. The audit employed both static analysis and manual code review methodologies to identify vulnerabilities across multiple attack vectors.
Modules in Scope:
programs/rifts-protocol/src/lib.rs - Core protocol logic, token wrapping, oracle integration
programs/fee-collector/src/lib.rs - Fee collection and Jupiter DEX swap execution
programs/lp-staking/src/lib.rs - LP token staking and reward distribution
programs/governance/src/lib.rs - On-chain governance and proposal execution
The audit focused on critical security domains including authorization controls, oracle integrity, numeric precision, PDA seed management, CPI safety, token account validation, and governance attack vectors. Special attention was paid to Solana-specific vulnerabilities such as account validation bypasses, signer seed inconsistencies, and cross-program invocation risks.
The assessment was conducted in two phases: an initial comprehensive audit that identified the full vulnerability landscape, followed by a verification audit after the development team implemented fixes. This iterative approach allowed for thorough validation of remediation efforts.
The initial security assessment revealed a critical security posture requiring immediate attention across all protocol modules. The audit identified 62 total findings distributed across severity levels:
41 High
14 Medium
2 Low
5 Informational
The concentration of high-severity findings reflected fundamental security gaps in authorization mechanisms, numeric handling, account validation, and cross-program interaction patterns. The protocol received an initial audit score of 30/100, well below the 84-point passing threshold, resulting in a FAIL classification.
Key vulnerability categories included arbitrary oracle price injection, unsafe Jupiter DEX integration, numeric truncation risks, inconsistent PDA seed management, missing token account constraints, governance voting manipulation vectors, and uninitialized vault accounts. These findings represented both Solana-specific security patterns and general smart contract vulnerabilities applicable across blockchain platforms.
The audit uncovered several critical vulnerability classes that required immediate remediation:
1. Arbitrary Oracle Price Injection (High)
The most severe finding involved the UpdateJupiterOracle function, which accepted unconstrained price update accounts without verifying publisher identity or registry membership. An attacker could initialize their own price update account and inject arbitrary pricing data, potentially manipulating mint/redeem operations. The remediation implemented a trusted oracle feed with publisher allowlisting and seed-based account binding, ensuring only authorized price sources could update protocol state.
2. Unsafe Jupiter DEX Integration (High)
The fee collector's Jupiter CPI implementation trusted arbitrary caller-provided routing accounts and hardcoded slippage to 95% regardless of user parameters. The custom instruction serialization format didn't match Jupiter's actual ABI, and the lack of AMM allowlisting exposed the protocol to malicious routing. The fix implemented official Jupiter CPI interfaces, strict minimum output enforcement, and AMM program ID validation.
3. Numeric Truncation & Overflow Risks (High)
Multiple instances of unchecked as u64 casts from u128 values created silent truncation risks in supply, price, and reward calculations. The LP staking module's reward calculation multiplied large values with a 1e12 precision constant in u64 space, guaranteeing overflow under realistic parameters. All arithmetic was migrated to u128 with checked downcasts and explicit precision documentation.
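The truncation and overflow pattern described above, as an added illustration that is not RIFTS code: a reward-per-token accumulator with a 1e12 precision constant computed in u64 space (the vulnerable shape) beside the same math widened to u128 with a checked downcast. The function names, the accumulator formula and the sample amounts are assumptions chosen for the example.

```rust
/// 1e12 fixed-point scale, as in the LP staking reward math discussed above.
const PRECISION: u128 = 1_000_000_000_000;

/// Vulnerable shape (u64 space): `new_rewards * 1e12` exceeds u64::MAX (~1.8e19)
/// as soon as new_rewards > ~1.8e7 base units. checked_mul makes the failure visible
/// here; the original unchecked multiply would wrap silently in release builds.
pub fn acc_update_u64(new_rewards: u64, total_staked: u64) -> Option<u64> {
    new_rewards
        .checked_mul(PRECISION as u64)?
        .checked_div(total_staked)
}

/// Hardened shape: widen to u128 for the intermediate product, then downcast
/// with try_from so an out-of-range result is an error instead of a truncation.
pub fn acc_update_u128(new_rewards: u64, total_staked: u64) -> Option<u64> {
    let delta = (new_rewards as u128)
        .checked_mul(PRECISION)?
        .checked_div(total_staked as u128)?;
    u64::try_from(delta).ok()
}

/// Per-staker payout: staked * (acc_now - acc_paid) / 1e12, all in u128,
/// with checked_sub so a stale/backwards accumulator cannot underflow.
pub fn earned(staked: u64, acc_now: u64, acc_paid: u64) -> Option<u64> {
    let delta = acc_now.checked_sub(acc_paid)? as u128;
    let reward = (staked as u128).checked_mul(delta)?.checked_div(PRECISION)?;
    u64::try_from(reward).ok()
}

/// What a bare `as u64` does to a u128 that does not fit: it keeps the low 64 bits.
pub fn truncating_cast(v: u128) -> u64 {
    v as u64
}

fn main() {
    // Constructed sample: 1e9 base units of rewards over 2e9 base units staked.
    println!("u64 path:  {:?}", acc_update_u64(1_000_000_000, 2_000_000_000));
    println!("u128 path: {:?}", acc_update_u128(1_000_000_000, 2_000_000_000));
    println!("2^64 as u64 = {}", truncating_cast(1u128 << 64));
}
```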
4. Governance Voting Manipulation (High)
The governance system suffered from multiple attack vectors: missing mint validation allowed voting with arbitrary tokens, lack of snapshot enforcement enabled flash-loan style vote accumulation, and vote splitting across multiple accounts could double-count voting power. The remediation implemented true snapshot voting with associated token account enforcement and mint validation.
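A plain-Rust model of the three governance fixes named above (mint validation, snapshot-based weight, one canonical account per owner), added here as an illustration and not taken from the RIFTS governance program. It has no Solana dependency: `Pubkey` is a 32-byte stand-in, the snapshot is an in-memory map, and the associated-token-account rule is represented by keying balances and recorded votes on (owner, mint).

```rust
use std::collections::HashMap;

/// Stand-in for solana_program::Pubkey; this example has no Solana dependency.
pub type Pubkey = [u8; 32];

pub struct TokenAccount { pub owner: Pubkey, pub mint: Pubkey, pub amount: u64 }

/// Balances recorded at the proposal's snapshot slot, keyed by (owner, mint).
/// With the associated-token constraint an owner has exactly one canonical
/// account per mint, so keying by owner is what stops vote splitting.
pub struct Snapshot { pub slot: u64, pub balances: HashMap<(Pubkey, Pubkey), u64> }

pub struct Proposal {
    pub governance_mint: Pubkey,
    pub votes_for: u64,
    voted: HashMap<Pubkey, u64>, // owner -> weight already counted
}

#[derive(Debug, PartialEq)]
pub enum VoteError { WrongMint, AlreadyVoted, NoSnapshotBalance, Overflow }

impl Proposal {
    pub fn new(governance_mint: Pubkey) -> Self {
        Proposal { governance_mint, votes_for: 0, voted: HashMap::new() }
    }

    /// Hardened vote: the account's mint must be the governance mint, each owner
    /// votes once, and the weight comes from the snapshot, never from the
    /// account's current `amount` (which a flash loan can inflate).
    pub fn cast_vote(&mut self, snap: &Snapshot, acct: &TokenAccount) -> Result<u64, VoteError> {
        if acct.mint != self.governance_mint {
            return Err(VoteError::WrongMint);
        }
        if self.voted.contains_key(&acct.owner) {
            return Err(VoteError::AlreadyVoted);
        }
        let weight = *snap
            .balances
            .get(&(acct.owner, acct.mint))
            .ok_or(VoteError::NoSnapshotBalance)?;
        self.votes_for = self.votes_for.checked_add(weight).ok_or(VoteError::Overflow)?;
        self.voted.insert(acct.owner, weight);
        Ok(weight)
    }
}
```

The test below constructs a voter whose snapshot balance is 100 but whose account currently holds 1,000,000 (a flash-loan shape); only the 100 counts, and a second account for the same owner or an account of a different mint is rejected.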
5. Uninitialized Vault Accounts (High)
Critical vault PDAs were derived and stored but never initialized as SPL Token accounts, creating race conditions where attackers could pre-create accounts and hijack protocol vaults. The fix ensured atomic vault initialization with proper authority binding during protocol setup.
Following the initial audit, the RIFTS Protocol development team undertook a systematic remediation effort addressing the identified vulnerabilities. The process followed industry best practices for security issue resolution:
Prioritization & Planning: High-severity findings were addressed first, with particular focus on authorization bypasses, oracle integrity, and numeric safety. The team developed a remediation roadmap that tackled related vulnerabilities in logical groups to ensure comprehensive fixes.
Implementation Approach: Rather than applying superficial patches, the team implemented structural improvements including migration to u128 arithmetic throughout, standardization of PDA seed schemas, comprehensive account constraint enforcement, and adoption of Anchor's built-in security patterns like associated_token constraints.
Verification Audit: After implementing fixes, Assure DeFi conducted a verification audit to validate remediation effectiveness. This second-phase assessment confirmed that the vast majority of critical findings had been properly resolved, with only a small number of acknowledged issues remaining for future consideration.
Remaining Considerations: Two findings were acknowledged rather than fully resolved: the permissionless proposal execution mechanism (which enables griefing but not fund theft) and governance parameter spoofing in certain edge cases. These represent design trade-offs the team chose to accept with appropriate documentation and monitoring.
The RIFTS Protocol team demonstrated exceptional commitment to security through their comprehensive remediation efforts. Of the 62 total findings identified in the initial audit, the verification audit confirmed that all were resolved except the two acknowledged items described above.
Key Improvements Implemented:
u128 arithmetic with checked conversions throughout
Anchor associated_token constraint patterns
The remediation process transformed the protocol from a FAIL status to a significantly hardened security posture suitable for production deployment. The team's responsiveness and thoroughness in addressing complex Solana-specific vulnerabilities demonstrated a mature approach to smart contract security.
The RIFTS Protocol audit demonstrates the critical importance of comprehensive security assessment for complex DeFi systems, particularly on Solana where unique architectural patterns create novel attack surfaces. From oracle integrity to governance mechanics, every component requires expert scrutiny.
Ready to secure your Solana smart contracts? View the full RIFTS Protocol audit dashboard or contact Assure DeFi to start your security audit today. Our team specializes in Solana program security, including Anchor framework patterns, CPI safety, PDA management, and DeFi protocol mechanics.
This case study is based on publicly available audit reports for RIFTS Protocol. All findings discussed have been addressed through remediation efforts verified by follow-up assessment, with a small number of issues acknowledged and documented by the development team. This content is for informational purposes only and does not constitute security advice, investment recommendation, or endorsement of the protocol. Users should conduct their own due diligence and risk assessment before interacting with any smart contract system.
Security audits represent a point-in-time assessment and do not guarantee the absence of all vulnerabilities or future security issues. Protocol upgrades, integrations, and operational changes may introduce new risks not covered by this assessment.