Research / Methodology, 2026-05-15

Historical-Incident Corpus Backlog

Generator: This is a hand-maintained backlog for replay_incidents.py. Pair with: documents/audits/methodology/spectre-historical-incident-replay-2026-05-15.md

What this is

documents/incidents/*.yml catalogues 44 Solana exploits with an architectural_fingerprint: the SPECTRE rule IDs that should fire on the pre-hack source if our rule pack covers the class. The replay benchmark (runner/replay_incidents.py) reads each incident's mapped pre-hack corpus snapshot, scans it, and scores how many fingerprint rules SPECTRE actually emits.

As of the 2026-05-15 commit 114677a4, 23 of 44 incidents are mapped to a corpus snapshot. The remaining 21 (some are duplicate perspectives on the same hack across the three incident-YAML files; counting distinct protocols the gap is ~13) need a pre-hack source snapshot added to benches/solana/corpus/ before they appear in the replay.

Update 2026-05-15 (post-extractor + Cypher backfill): Five backlog items investigated this session. Findings recorded under "Resolved backlog" below; two of the three Cypher incidents now map to a sibling program snapshot. Mapped count is 28 of 44; exact-rule detection 19 of 28 (68%); class-level detection 26 of 28 (93%).

Update 2026-05-16 (post-ITER-001 ship): Added the precise detector for the April-2022 Jet Protocol $25M whitehat class (if X == Pubkey::default() { break; } in a sparse-array loop). JET-PROTOCOL-BREAK-2022 flips from ✗ (no detection) to ✓ (exact-rule ITER-001). Exact-rule detection rises to 20 of 28 (71%); class-level rises to 27 of 28 (96%). The only remaining ✗ is UXD-MANGO-CROSS-2022-10, which needs a separate CROSS-DELEGATE-RISK rule shape (CROSS-001's strict-trust-downgrade semantics architecturally don't fit UXD's delegation-of-economic-backing pattern).

Update 2026-05-17 (replay completion): Subsequent commits in the session shipped CROSS-007 (UXD delegate-risk), ACC-014 (Wormhole sysvar), AUTH-100 body-level extension (Raydium UpdateConfig), ACC-021 init-write exception (Metaplex CMv1), ACC-015 (Cashio untied typed account), plus a replay-script duplicate-id merge fix. Replay benchmark reaches 24/24 exact-rule (100%) and 24/24 class-level (100%) on the post-merge incident set. Mapped count drops from 28 to 24 because 5 duplicate-id rows across *.yml files collapse. Every mapped Solana exploit incident now fires at least one rule from its architectural fingerprint. See spectre-exact-rule-gap-analysis-2026-05-16.md for the per-incident trajectory.

This document is the structured worklist for closing that gap.

Workflow per incident

For each unmapped incident:

  1. Locate the protocol's public GitHub repo. The URLs below are starting points; verify each with git ls-remote --heads <url> before relying on it.
  2. Find a pre-hack sha. Workflow:
    git clone --filter=blob:none --no-checkout --depth=500 <url> probe
    cd probe
    git fetch --depth=2000 origin <default-branch>
    # find commits before the incident date:
    git log --format='%cs %H %s' origin/<default-branch> -- <subpath?> \
      | awk '$1 < "<incident-date>"' | head -10
    # pick a commit that represents stable pre-disclosure state and capture
    # the full sha.
    
  3. Write a manifest at crates/pinpoint-rules-solana/benches/solana/corpus/<incident-id>.yaml following the schema in 01-wormhole-token-bridge-pre-hack.yaml. Include:
    • source.git.url + source.git.sha (40-char lowercase hex)
    • source.git.subpath if only one program subtree is relevant
    • ground_truth with the rule_ids from the incident's architectural_fingerprint
    • references linking the disclosure or audit URL
  4. Register the mapping in runner/replay_incidents.py's KNOWN_MAPPINGS dict ("<Protocol Name>": "<incident-id>").
  5. Materialize + scan:
    bash crates/pinpoint-rules-solana/benches/solana/runner/materialize.sh
    # then scan the new entry through the runner or directly:
    pinpoint spectre scan corpus-cache/<incident-id> \
      --languages rust --profile all --output json \
      --out runner/results/<incident-id>.json
    
  6. Re-run the replay to confirm class-level detection lands:
    python3 runner/replay_incidents.py \
      --report documents/audits/methodology/spectre-historical-incident-replay-2026-05-15.md
    
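The following is an added example, not code from the SPECTRE repository or from replay_incidents.py. It automates the two checks in steps 2 and 3 that are easy to get wrong by hand: picking the newest commit strictly before the incident date from git log output, and validating the manifest before it is registered. The manifest shape is inferred from the fields step 3 lists (source.git.url, source.git.sha, source.git.subpath, ground_truth.rule_ids, references); the authoritative schema remains 01-wormhole-token-bridge-pre-hack.yaml. The rule-id pattern, the sample log lines and the sample manifest are assumptions constructed for the demo.

```python
"""Pre-flight checks for a new corpus entry (steps 2-4 of the workflow above).

Added example for this backlog; not code from the SPECTRE repository. The
manifest shape is inferred from the fields step 3 lists; the authoritative
schema is 01-wormhole-token-bridge-pre-hack.yaml. Sample data is constructed.
"""
import re

SHA_RE = re.compile(r"^[0-9a-f]{40}$")           # 40-char lowercase hex, as step 3 requires
RULE_ID_RE = re.compile(r"^[A-Z]+-[0-9]{3}$")    # FAMILY-NNN, e.g. ACC-010 (assumed pattern)
GITHUB_RE = re.compile(r"^https://github\.com/[\w.-]+/[\w.-]+(\.git)?$")


def pick_pre_hack_commit(log_lines: list[str], incident_date: str):
    """Select the newest commit strictly before incident_date.

    log_lines are the output of `git log --format='%cs %H %s'`, newest first.
    ISO dates (YYYY-MM-DD) compare correctly as strings, which is why the awk
    filter in step 2 works; the comparison is strict so same-day commits are
    excluded, since they may already contain the fix.
    Returns (date, sha, subject) or None if no commit predates the incident.
    """
    for line in log_lines:
        parts = line.split(" ", 2)
        day, sha = parts[0], parts[1]
        subject = parts[2] if len(parts) > 2 else ""
        if day < incident_date:
            return day, sha, subject
    return None


def validate_manifest(manifest: dict, fingerprint: set[str]) -> list[str]:
    """Return the list of problems; an empty list means the entry can be registered."""
    problems: list[str] = []
    git = manifest.get("source", {}).get("git", {})

    url = git.get("url", "")
    if not GITHUB_RE.match(url):
        problems.append(f"source.git.url is not a GitHub repo URL: {url!r}")

    sha = git.get("sha", "")
    if not SHA_RE.match(sha):
        problems.append(f"source.git.sha must be 40 lowercase hex chars, got {sha!r}")

    subpath = git.get("subpath")
    if subpath is not None and (not isinstance(subpath, str) or subpath.startswith("/")):
        problems.append(f"source.git.subpath must be a relative path, got {subpath!r}")

    rule_ids = manifest.get("ground_truth", {}).get("rule_ids", [])
    if not rule_ids:
        problems.append("ground_truth.rule_ids is empty")
    for rid in rule_ids:
        if not RULE_ID_RE.match(rid):
            problems.append(f"malformed rule id {rid!r}")
    # Ground truth must be drawn from the incident's architectural_fingerprint,
    # otherwise the replay scores the snapshot against rules nobody asked for.
    extra = set(rule_ids) - fingerprint
    if extra:
        problems.append(f"rule_ids not in architectural_fingerprint: {sorted(extra)}")

    if not manifest.get("references"):
        problems.append("references must link the disclosure or audit")
    return problems


def known_mappings_line(protocol: str, incident_id: str) -> str:
    """The KNOWN_MAPPINGS entry step 4 asks for, ready to paste."""
    return f'"{protocol}": "{incident_id}",'


# Constructed sample data (not a real repo history or a real incident).
SAMPLE_LOG = [
    "2022-07-05 " + "a" * 40 + " hotfix after disclosure",
    "2022-07-03 " + "b" * 40 + " bump version",
    "2022-06-28 " + "c" * 40 + " refactor tick math",
    "2022-06-20 " + "d" * 40 + " initial clmm program",
]
SAMPLE_MANIFEST = {
    "source": {"git": {"url": "https://github.com/example-org/example-program",
                       "sha": "c" * 40, "subpath": "programs/example"}},
    "ground_truth": {"rule_ids": ["ACC-010", "CONFIG-010"]},
    "references": ["https://example.invalid/disclosure"],
}

if __name__ == "__main__":
    print(pick_pre_hack_commit(SAMPLE_LOG, "2022-07-03"))
    print(validate_manifest(SAMPLE_MANIFEST, {"ACC-010", "CONFIG-010", "CPI-003"}))
    print(known_mappings_line("Example Protocol", "example-protocol-2022-07"))
```

Run it against the real git log output by piping `git log --format='%cs %H %s' origin/<default-branch>` into a list of lines; a non-empty list from validate_manifest means the manifest is not ready for materialize.sh.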

Unmapped incidents

Grouped by protocol. Multiple incident IDs may map to the same protocol (separate perspectives on the same hack); usually one corpus snapshot covers all of them.

Native (non-Anchor) — currently un-replayable

These protocols expose architectural-fingerprint classes the rule pack gates behind Anchor detection. Closing them requires both a corpus snapshot AND extending ORC-002 / GOV-001 / GOV-002 / similar rules to match native-Solana entry-point shapes. Tracked in spectre-vs-audit-firms-gap-analysis-2026-05.md as a P2.

| Protocol | Incident IDs | Repo (probe needed) |
| --- | --- | --- |
| SPL Token Lending | SPL-TOKEN-LENDING-ROUNDING-2021-12 | https://github.com/solana-labs/solana-program-library, subpath token-lending (pre-Dec-2021 sha; see notes below) |
| Drift Protocol v1 | DRIFT-V1-PNL-2022-05 | Was drift-labs/protocol-v1; archived. Check drift-labs org for mirror. |

The SPL Token Lending rounding finding (Neodyme disclosure, Dec 2021) is public Rust source. The disclosure-fix commit is documented in the solana-program-library history; finding the immediately-prior sha requires fetching deep history (depth 2000 only reaches 2023-08; closer to 2021-12 needs depth ~5000+).

Anchor / mixed — addable now

These have public repos. Each row's repo URL is the starting probe target.

| Protocol | Incident IDs | Pre-hack target date | Repo |
| --- | --- | --- | --- |
| Crema Finance | CREMA-FAKE-TICK-2022-07, CREMA-FLASH-LOAN-2022-07 | 2022-07 | Crema repos are difficult to locate (the program was archived after the exploit). Check Crema-Finance org on GitHub; the CLMM source may have been mirrored elsewhere. |
| Nirvana Finance | NIRVANA-FLASHLOAN-PRICE-2022-07, NIRVANA-FLASH-LOAN-2022-07, NIRVANA-FLASHLOAN-2022-07 | 2022-07 | Project abandoned; source may be lost. Worth a nirvana-finance org search. Otherwise mark "no public source; fingerprint stays unverified." |
| OptiFi | OPTIFI-PROGRAM-CLOSE-2022-08 (×2) | 2022-08 | optifi-exchange or OptiFi-Markets org. The accidental close was an operational error, not a code bug, so even a post-mortem snapshot is informative. |
| Magic Eden | MAGIC-EDEN-UNVERIFIED-CREATOR-2023-01 | 2023-01 | Closed source. Mark "cannot replay; non-public." |
| Metaplex Candy Machine v2 | METAPLEX-CMV2-REINIT-2021-12 | 2021-12 | https://github.com/metaplex-foundation/metaplex-program-library. The v2 codebase was added on top of the v1 import; investigate a sha around Dec 2021 in subpath candy-machine-v2 or earlier. |
| Cypher Protocol | CYPHER-CACHE-INCONSISTENCY-2023-08, CYPHER-SUBACCOUNT-MARGIN-2023-08, CYPHER-SUBACCOUNT-2023-08 | 2023-08 | chugach-foundation org (the Cypher team). Repos were archived after the hack; some are still browseable. |
| Allbridge Core | ALLBRIDGE-CORE-PRICE-2023-04 | 2023-04 | https://github.com/allbridge-io (probe). |
| Slope Wallet | SLOPE-SEED-LEAK-2022-08 | 2022-08 | NOT REPLAYABLE. The bug was in the wallet's mobile client (private keys leaked to Sentry logs), not in any on-chain program. SPECTRE's scope is on-chain; this incident is out of scope. |
| Pump.fun | PUMPFUN-WITHDRAW-AUTHORITY-2024-05 | 2024-05 | Proprietary. Public reverse-engineered IDLs exist, but the canonical pre-hack source is not public. |
| Loopscale | LOOPSCALE-RATEX-PRICE-2025-04, LOOPSCALE-RATEX-2025-04 | 2025-04 | https://github.com/Loopscale-app (probe). Recent incident; source may still be browseable. |
| Step Finance | STEP-FINANCE-EXEC-DEVICE-2026-01 | 2026-01 | https://github.com/step-finance (probe). Operational compromise (executive's device), not a code bug. May still be replayable for the AUTH-100 / AUTH-110 family. |
| UXD-Mango (additional perspectives) | covered by uxd-mango-cross-2022-10 | n/a | Already mapped. |
| Tulip Protocol | TULIP-MANGO-CROSS-2022-10 | 2022-10 | sol-farm or tulip-protocol org. Same architectural class as UXD (CROSS-001 into Mango v3). |

Priority ordering

If executing the backlog in priority order:

  1. Metaplex Candy Machine v2 — same repo as v1, just a different sha; easy add.
  2. Allbridge Core — public org, recent incident (2023), Anchor-style.
  3. Cypher Protocol — three incident IDs collapse to one snapshot; high leverage.
  4. Tulip — same architectural class as already-mapped UXD/Mango.
  5. Loopscale — recent, fresh disclosure detail.
  6. OptiFi — operational-error class; useful for AUTH-* coverage.
  7. Drift v1 — pre-perp-DEX-class coverage; needs repo location confirmation.
  8. SPL Token Lending — needs native-rule lift first; defer.
  9. Skip Slope (wallet, out of scope), Magic Eden (closed source), Nirvana (likely lost), Pump.fun (proprietary).

Closing the top 6 takes the corpus from 23/44 mapped to roughly 31/44 and is achievable in one focused session per protocol (~30 min each).

Why class-level detection is the right metric

When a fingerprint asks for ACC-010 and SPECTRE emits ACC-011, the architectural CLASS is still caught: both rules target account-binding bugs, and the difference is only which precision dial fires. The replay benchmark reports both exact-rule and class-level numbers honestly. For the backlog, the goal is class-level detection: ACC-013, ACC-010, CONFIG-010 and CPI-003 are all reasonable proxies for the "binding/admin gap caught architecturally" story, regardless of which specific rule matches.

Exact-rule reconciliation is downstream precision work, not a corpus gap.
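To make the two metrics concrete, here is an added example of the scoring described above; it is not the scoring code in replay_incidents.py. It assumes an incident is exact-rule detected when SPECTRE emits at least one rule id from its architectural fingerprint, and class-level detected when it emits a rule whose class overlaps a fingerprint rule's class, where a class is the rule's family prefix (ACC-010 is in ACC) plus any explicit proxy group such as the binding/admin set {ACC-013, ACC-010, CONFIG-010, CPI-003} named above. Duplicate incident ids from several *.yml files are merged by union of fingerprints, the way the 2026-05-17 duplicate-id merge collapses rows. The incident rows and scan results are constructed for the demo.

```python
"""Exact-rule vs class-level scoring for the incident replay.

Added example, not the replay_incidents.py implementation. Rule classes are
family prefixes plus optional explicit proxy groups (an assumption about how
the class-level metric is defined). Sample rows and results are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class IncidentRow:
    incident_id: str
    fingerprint: frozenset[str]   # rule ids from the incident's architectural_fingerprint


def merge_duplicates(rows: list[IncidentRow]) -> list[IncidentRow]:
    """Collapse rows sharing an incident_id into one, unioning their fingerprints."""
    merged: dict[str, frozenset[str]] = {}
    for row in rows:
        merged[row.incident_id] = merged.get(row.incident_id, frozenset()) | row.fingerprint
    return [IncidentRow(i, fp) for i, fp in merged.items()]


def rule_classes(rule_id: str, class_groups=()) -> set[str]:
    """Class labels for a rule: its family prefix plus every explicit group containing it."""
    labels = {rule_id.split("-", 1)[0]}          # ACC-010 -> "ACC"
    for group in class_groups:
        if rule_id in group:
            labels.add("group:" + ",".join(sorted(group)))
    return labels


def score_incident(inc: IncidentRow, emitted: set[str], class_groups=()) -> tuple[bool, bool]:
    """(exact_rule_hit, class_level_hit) for one mapped incident."""
    exact = bool(inc.fingerprint & emitted)
    wanted = set().union(*(rule_classes(r, class_groups) for r in inc.fingerprint))
    got = set().union(*(rule_classes(r, class_groups) for r in emitted))
    return exact, bool(wanted & got)


def score_replay(rows: list[IncidentRow], results: dict, class_groups=()) -> dict:
    """Aggregate over mapped incidents only (those with a scan result), as the replay report does."""
    incidents = [i for i in merge_duplicates(rows) if i.incident_id in results]
    exact = klass = 0
    for inc in incidents:
        e, c = score_incident(inc, set(results[inc.incident_id]), class_groups)
        exact += e
        klass += c
    n = len(incidents)

    def pct(k: int) -> int:
        return round(100 * k / n) if n else 0

    return {"mapped": n, "exact": exact, "class": klass,
            "exact_pct": pct(exact), "class_pct": pct(klass)}


# The binding/admin proxy set named in the section above, used as one explicit class group.
BINDING_ADMIN_GROUP = frozenset({"ACC-013", "ACC-010", "CONFIG-010", "CPI-003"})

# Constructed sample rows and scan results (not real incidents or real scan output).
SAMPLE_ROWS = [
    IncidentRow("demo-binding-2022", frozenset({"ACC-010", "CONFIG-010"})),
    IncidentRow("demo-cross-2022", frozenset({"CROSS-001"})),
    IncidentRow("demo-cross-2022", frozenset({"ACC-012"})),    # duplicate id from another *.yml
    IncidentRow("demo-proxy-2023", frozenset({"CPI-003"})),
    IncidentRow("demo-unmapped-2024", frozenset({"ORC-002"})), # no snapshot yet: not scored
]
SAMPLE_RESULTS = {
    "demo-binding-2022": {"ACC-011"},              # sibling rule: class hit, not exact
    "demo-cross-2022": {"ACC-012", "CROSS-001"},   # exact hit
    "demo-proxy-2023": {"CONFIG-010"},             # a hit only via the proxy group
}

if __name__ == "__main__":
    print(score_replay(SAMPLE_ROWS, SAMPLE_RESULTS))
    print(score_replay(SAMPLE_ROWS, SAMPLE_RESULTS, [BINDING_ADMIN_GROUP]))
```

Without the explicit group the third sample incident is a miss on both metrics; with it, class-level detection reaches 100% while exact-rule stays unchanged, which is exactly the gap the section calls downstream precision work rather than a corpus gap.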

Resolved backlog (2026-05-15)

| Protocol | Determination | Detail |
| --- | --- | --- |
| Cypher Protocol | MAPPED as cypher-protocol-cache-2023-08 | chugach-foundation/cypher-vaults-v3 sha 258b54e1 (2023-03-21). Sibling vault program (consumes the same MasterAccount type as the v3 risk engine). The exploited risk-engine program CYPH3o83... was never open-sourced. Class-level claim only, by analogy with 25-drift-v2-architectural-reference. ACC-012 fires exact-rule on all three Cypher incident IDs. |
| Allbridge Core | OUT OF SCOPE | The 2023-04-02 exploit transaction occurred on the BNB Chain pool, not on Solana. SPECTRE's scope is on-chain Solana programs. The fingerprint cites ORC-002 + CROSS-001 against the Allbridge-Solana program BrdgN2RP..., but the exploited swap-pool curve does not live in the Solana program. No truthful Solana mapping. |
| OptiFi | NO PUBLIC SOURCE | No OptiFi GitHub org exists publicly (probed optifi-exchange, OptiFi-Markets, optifi-finance, optifi-org, optifi-network). Source was never published; the architectural fingerprint (AUTH-110/120, GOV-002, CONFIG-010, CLOSE-070) is for a single-key upgrade-authority pattern that, even if confirmed, is not directly testable without the source. |
| Tulip Protocol | NO PUBLIC SOURCE | sol-farm GitHub org has 0 public repositories (source went private). The fingerprint (CROSS-001) targets a yield-aggregator vault depositing into Mango v3 with no per-venue exposure cap; the class is detectable but the source is unavailable. |
| Loopscale | NO PUBLIC SOURCE | Loopscale/loopscale on GitHub is a different .NET / web project, not the Solana lending protocol exploited in April 2025. No Loopscale-app / loopscale-labs org exists. The architectural fingerprint (ORC-002 + INV-003) is replayable in principle, but there is no public Solana source. |

The Cypher mapping uses the architectural-reference precedent set by Drift v2. Allbridge is reclassified out-of-scope (BNB Chain). OptiFi, Tulip, and Loopscale are paused as "no public Solana source." If pre-hack source surfaces later (e.g. through a security disclosure repo or a leaked archive), they can be added via the standard workflow above.

Where this doc lives

  • Path: documents/audits/methodology/incident-corpus-backlog-2026-05-15.md
  • Pair with: spectre-historical-incident-replay-2026-05-15.md
  • Update when: new incidents land in documents/incidents/, OR a backlog entry is closed by a corpus snapshot, OR a new "cannot replay" determination is reached.