Found a neat Solana PDA footgun in the active percolator-meta TWAP path. The config PDA was already scoped by: ["twap_config", market, squads, coin_mint, percolator_program] …but the signer PDA used by TWAP was only scoped by: ["market-0-twap", market] That means two configs for the same market
@toly·2026年6月4日·ネガティブ
記事を読むAI要約
A Solana PDA footgun in the Percolator TWAP path allows two configs for the same market to share the same TWAP signer, enabling potential malicious config exploitation.
