Trusted By Design
The attacker didn't find a bug. They deployed one.
Hey, it’s Arsen.
In today’s menu:
• How a fake RateX program drained $6M from Loopscale’s vaults
• Immunefi’s public security scoreboard — 200+ protocols rated from 0 to 100
• Why AI makes strong auditors faster — and where it still fails
• And more…
🏴☠️ Vulnerability
Loopscale: The Program You Trusted Was Fake
You’re auditing a Solana lending protocol that prices collateral via CPI. The integration uses RateX — a yield tokenization protocol where each market is a standalone program exposing a get_pt_price instruction. Loopscale calls it, gets an exchange rate back, and uses it to calculate loan health.
You check the call path. The interface is correct. The outputs look sane. You mark it clean.
But is the program at that address actually RateX?
The protocol enforced program ID validation for Exponent PT tokens and RateX PT Loops. For non-Loop borrows — a code path added March 27, 2025 — the same check wasn’t applied. That gap sat in production for 30 days.
The attacker deployed a malicious program with the same interface as a RateX market. get_pt_price returned a fabricated exchange rate — collateral priced far above its real value. Loopscale’s health checks ran, found nothing wrong, and approved four borrows. 5,726,724 USDC and 1,211.4 SOL left the Genesis Vaults in under nine minutes.
Interface validation and program ID validation aren’t the same thing. A malicious program can implement any interface flawlessly. The check that matters isn’t “does it return the right shape?” — it’s “is this the program I intended to call?”
New integrations often inherit validation logic from existing paths. The path that diverges is where the missing check hides.
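To make the difference between interface validation and program ID validation concrete, here is an added model in plain Rust (std only, no Solana crates) of the two code layouts described above. It is not Loopscale's or RateX's code: the program ids, rates and the "Loop"/"NonLoop" branching are constructed for the example, and the par-value sanity bound in the hardened path is an assumption added here, not something the post states. In the vulnerable layout the identity check lives only in the original Loop branch, so the later-added NonLoop branch reaches the CPI without it; in the hardened layout the check runs once, before any branch can invoke the program.

```rust
use std::collections::HashMap;
use std::convert::TryFrom;

/// 32-byte program address, as on Solana. Every address below is constructed for this example.
pub type Pubkey = [u8; 32];

/// Constructed ids: the market the lender intends to call, and an impostor with the same interface.
pub const GENUINE_MARKET: Pubkey = [0x11; 32];
pub const IMPOSTOR_PROGRAM: Pubkey = [0x99; 32];

/// Exchange rates are scaled by 1e6 (1_000_000 == par).
const RATE_SCALE: u128 = 1_000_000;

/// The interface a RateX-style market exposes: one instruction returning an exchange rate.
pub trait PtPriceProgram {
    fn get_pt_price(&self) -> u64;
}

/// Legitimate market: the PT trades slightly below par.
struct GenuineMarket;
impl PtPriceProgram for GenuineMarket {
    fn get_pt_price(&self) -> u64 { 980_000 }
}

/// Malicious deployment: identical interface, fabricated rate 50x above par.
struct ImpostorMarket;
impl PtPriceProgram for ImpostorMarket {
    fn get_pt_price(&self) -> u64 { 50_000_000 }
}

/// Stand-in for the cluster: resolves a program id to whatever is deployed there.
pub struct Cluster {
    programs: HashMap<Pubkey, Box<dyn PtPriceProgram>>,
}

impl Cluster {
    /// Models the CPI: the call succeeds for any deployed program that speaks the interface.
    fn invoke_get_pt_price(&self, program_id: &Pubkey) -> Result<u64, LendError> {
        self.programs.get(program_id).map(|p| p.get_pt_price()).ok_or(LendError::ProgramNotFound)
    }
}

/// Constructed cluster with both programs deployed.
pub fn demo_cluster() -> Cluster {
    let mut programs: HashMap<Pubkey, Box<dyn PtPriceProgram>> = HashMap::new();
    programs.insert(GENUINE_MARKET, Box::new(GenuineMarket));
    programs.insert(IMPOSTOR_PROGRAM, Box::new(ImpostorMarket));
    Cluster { programs }
}

#[derive(Debug, PartialEq)]
pub enum LendError { ProgramNotFound, UntrustedProgram, RateOutOfRange, Overflow }

#[derive(Clone, Copy)]
pub enum BorrowKind { Loop, NonLoop }

/// The check that matters: is this the program we intended to call?
fn ensure_trusted(program_id: &Pubkey, trusted: &[Pubkey]) -> Result<(), LendError> {
    if trusted.contains(program_id) { Ok(()) } else { Err(LendError::UntrustedProgram) }
}

/// Collateral value in underlying units, computed in u128 to avoid silent overflow.
fn pt_to_underlying(pt_amount: u64, rate: u64) -> Result<u64, LendError> {
    let value = u128::from(pt_amount) * u128::from(rate) / RATE_SCALE;
    u64::try_from(value).map_err(|_| LendError::Overflow)
}

/// Vulnerable layout: the identity check sits inside the Loop branch only, so the
/// NonLoop branch added later inherits the CPI but not the check.
pub fn collateral_value_vulnerable(cluster: &Cluster, kind: BorrowKind, program_id: &Pubkey,
                                   pt_amount: u64, trusted: &[Pubkey]) -> Result<u64, LendError> {
    let rate = match kind {
        BorrowKind::Loop => {
            ensure_trusted(program_id, trusted)?;
            cluster.invoke_get_pt_price(program_id)?
        }
        BorrowKind::NonLoop => cluster.invoke_get_pt_price(program_id)?,
    };
    pt_to_underlying(pt_amount, rate)
}

/// Hardened layout: identity is checked once before any branch can reach the CPI, and the
/// returned rate is bounded (assumption for this example: a PT should not price above par).
pub fn collateral_value_hardened(cluster: &Cluster, _kind: BorrowKind, program_id: &Pubkey,
                                 pt_amount: u64, trusted: &[Pubkey]) -> Result<u64, LendError> {
    ensure_trusted(program_id, trusted)?;
    let rate = cluster.invoke_get_pt_price(program_id)?;
    if u128::from(rate) > RATE_SCALE {
        return Err(LendError::RateOutOfRange);
    }
    pt_to_underlying(pt_amount, rate)
}

fn main() {
    let cluster = demo_cluster();
    let trusted = [GENUINE_MARKET];
    let one_pt = 1_000_000;
    println!("vulnerable, NonLoop, impostor: {:?}",
             collateral_value_vulnerable(&cluster, BorrowKind::NonLoop, &IMPOSTOR_PROGRAM, one_pt, &trusted));
    println!("hardened,   NonLoop, impostor: {:?}",
             collateral_value_hardened(&cluster, BorrowKind::NonLoop, &IMPOSTOR_PROGRAM, one_pt, &trusted));
}
```

The point of the model is where the check sits, not what it compares: an allowlist placed in one branch is only as good as the discipline of every later branch, while a check at the entry of the shared path cannot be bypassed by a new caller. The rate bound is defence in depth only; it would not have been needed had the identity check been there.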
Loopscale recovered all funds through negotiations with the attacker. Most protocols don’t get that ending.
🗞️ News
Immunefi Launches IronScore — A Public Security Scoreboard for Web3
For years, protocol security was nearly impossible to compare from the outside. You could read audit reports if they were public. You could check for a bug bounty. Beyond that, you were guessing.
Immunefi launched IronScore to change that. It rates 200+ protocols on a 0-to-100 scale, ranks them on a public leaderboard, and makes every data point traceable to its source. The methodology is published. Scores can’t be influenced by commercial relationships with Immunefi.
The score breaks into five dimensions:
• Discovery Coverage — how much of the codebase is in scope
• Security Investment — team spend on security, and when
• Response Capability — response time and payout consistency
• Track Record — past incidents and how they were handled
• Posture Freshness — how recently the security data was updated
How much of your capital sits in a protocol that’s never been properly audited?
For researchers, this tells you where the hunt is worth the time. High investment, fresh scope, fast payouts — that’s where to focus. For token holders, there’s a wallet scanner: paste your address, see a security grade for every protocol your assets touch.
A portfolio can look diversified while depending entirely on protocols with scores in the twenties. IronScore doesn’t solve protocol security. But now you can see exactly what you’re walking into.
📚 Education
AI as a Force Multiplier for Security Engineers
The debate used to be: will AI replace security engineers? That question is settled. It hasn’t. The new question is how much AI-assisted engineers can outperform AI alone.
AI finds real issues. It traces code paths, maps dependencies, and explains unfamiliar codebases. It’s strongest at pattern recognition — the parts of a review that look like past bugs. One internal sample found 80% of audit findings are repeat offenders — known bug classes the model has seen before. For those, AI is a strong first pass.
But blockchain security isn’t a “mostly correct” discipline. A missed 10% can mean immediate, irreversible loss. And the 10% AI consistently misses is the hardest part: novel business logic, multi-stage exploits, architectural trust assumptions, creative attack chains.
What does AI not understand about your protocol’s intent?
That’s the ceiling. AI reads code. It can’t read a specification that exists only in an engineer’s head. Adversarial reasoning — imagining how a system can be made to misbehave in ways its designers didn’t expect — still belongs to humans.
Attackers use AI too. They scan codebases for known patterns, generate exploit hypotheses, and validate manually. AI-only defense is competing against AI-assisted humans. That gap compounds.
The strongest model: expert engineers using AI aggressively for threat modeling, differential analysis, codebase navigation, and proof-of-concept scaffolding — while retaining ownership of judgment and final conclusions. Teams that ignore AI fall behind. Teams that rely on it alone will miss the one bug that matters.
That’s it for this week.
Reply with the Solana bug, tool, or pattern you want me to cover next — I read every one.
If a working Solana auditor in your circle would find this useful, forward it their way.
— Arsen, working Solana auditor
PLEASE POST ABOUT DLT ATTACKS WRITTEN IN RUST