Kamino, the largest lending protocol on Solana, has rolled out a new security feature called Whitelisted Reserves that enforces allocation controls at the smart contract level across its lending vaults.
The move comes just over a week after the Drift Protocol exploit, in which attackers drained roughly $270M from the Solana-based perpetual futures exchange using social engineering and compromised admin keys. The attack, which security firms have since attributed to DPRK-linked threat actors, rattled the broader Solana ecosystem and prompted the Solana Foundation to launch a new tiered security program for decentralized finance (DeFi) protocols.
Kamino's Whitelisted Reserves mechanism ensures that vault funds can be deployed only to reserves explicitly approved by a protocol-level multisig. If a vault curator's keys are compromised, an attacker would be unable to redirect depositor funds into a malicious or unvetted market, a scenario that could otherwise drain a vault's liquidity.
To continue reading this as well as other DeFi and Web3 news, visit us at thedefiant.io
