REAL-TIME SOLANA SECURITY

Detect exploits.Pause protocols.Save funds.

SentinelGuard watches every Solana transaction in real time. When a flash loan drain or TVL attack is detected, it autonomously submits a pause instruction on-chain — in under 3 seconds.

Launch Dashboard →View on GitHub

Live monitoring. On-chain response.

5 attack scenarios tested
2 rule types confirmed
Sub-3s automated pause
TVL_VELOCITYCRITICAL
Paused in 2.1s
Live incident response

TVL Velocity Drop Detected

Severity
99/100
Action
Protocol paused
Protocol3Eue3cN8...xcaC
Slot#930
At risk$200,000 USDC
Pause tx3sX4PLsG...t3F8
PAUSED
Auto-response confirmed
2Detection Rules Live
< 3sMedian Response Window
5Attack Scenarios Simulated
100%Emergency Pause Success
HOW IT WORKS

From exploit to pause — autonomously

No human in the loop. No delay. No mercy for attackers.

Step 01

Watch

A Rust Geyser subscriber connects to the Solana WebSocket and receives every transaction touching the monitored protocol in real time. Each transaction is parsed for token deltas, CPI depth, flash loan keywords, and program IDs.

Live ingestion
Transaction Watcher
Real time
Solana Validatorsource
Streams protocol-related transactions into the watcher.
Geyser WebSocket
SentinelGuard Watcherparser
token deltas
CPI depth
loan keywords
program IDs
Step 02

Detect

Incoming data is continuously evaluated against predefined detection heuristics. If a transaction exhibits malicious patterns, it scores a severity rating.

Decision engine
Rule Evaluation Layer
Severity scored
R1 Flash Loan + Drainthreshold 60+
Detects flash borrow followed by TVL drop within the same slot window.
R2 TVL Velocityup to 99
Detects rapid TVL drop > 20% within a 10-slot rolling window.
R3 Bridge Outflow Spikebridge watch
Detects funds leaving Solana via known bridge programs using multiplier-based thresholds.
Step 03

Pause

When severity crosses the threshold, the responder builds a pause_withdrawals instruction with the alert ID as PDA seed and submits it to the sentinel_guardian Anchor program. The protocol is paused on-chain. Kafka, Discord, and PostgreSQL are notified simultaneously.

Emergency action
Autonomous Pause Flow
Executed
AlertEvent emitted
Responder receives the alert payload and creates the pause request.
pause_withdrawals ix built
Instruction is assembled and submitted with skipPreflight for speed.
sentinel_state.paused = true
Protocol state flips on-chain while Kafka, Discord, and DB are notified in the background.
SYSTEM ARCHITECTURE

Six layers of on-chain defense.

Every component engineered for sub-second threat response.

01
SOLANA BLOCKCHAIN
~400ms slots · Geyser events
02
gRPC / WEBSOCKET STREAMS
Yellowstone · Geyser plugin
03
TRANSACTION PARSER
geyser.rs · Flash detection · 3 methods
04
DETECTION ENGINE
engine.rs · R1 · R2 · R3 · Score ≥ 60
05
RESPONDER SERVICE
pause.rs · webhooks.rs · DB insert
06
DASHBOARD & OUTPUTS
Next.js · WS feed · Kafka · REST
01

SOLANA BLOCKCHAIN

The foundation of every detection. SentinelGuard connects directly to a local Solana validator, receiving every block at the native ~400ms slot cadence via the Geyser WebSocket plugin. No API rate limits. No polling delays. Every transaction touching the monitored protocol is seen in real time.

Core Functions
  • Local validator access — no RPC rate limits
  • Full block coverage via Yellowstone Geyser plugin
  • ~400ms slot cadence — native chain speed
  • Pubkey: EbVbJD...VYa7m
Stack Details
YellowstoneGeyser~400ms slots
Battle Tested

5 attack scenarios.
All detected instantly.

See how SentinelGuard's engine performs against real-world smart contract exploits and flash loan attacks with mathematically proven sub-second precision.

#
Attack Type
Expected
Live Result
On-chain Action
01
Normal deposits + 3.3% withdrawal
No alert
Silent
N/A
02
Rapid 81% drain in 3 transactions
TVL_VELOCITY
Severity 99, <3s
3BtKhbum...3kHQ
03
Flash loan + 40% drain exploit
FLASH_LOAN_DRAIN
Severity 64, <5s
2QdTiQKE...NeDo
04
10% single drain (below threshold)
No alert
Silent
N/A
05
Slow 5%×8 cumulative bleed
TVL_VELOCITY
Fires at slice 5
Cooldown Active