Briefing

The SwissBorg SOL Earn staking program suffered a major security breach resulting in the unauthorized transfer of $41.5 million in assets. The core incident was a supply chain compromise involving the Kiln API, a critical third-party staking partner. This off-chain access allowed the threat actor to silently manipulate on-chain stake account authorities, effectively bypassing the platform’s standard multi-signature withdrawal controls. The total financial impact is confirmed at $41.5 million, underscoring the systemic risk posed by centralized dependencies within decentralized products.

Context

The prevailing risk factor in institutional DeFi remains the security perimeter of external dependencies, particularly third-party APIs that manage on-chain permissions or data feeds. This incident leverages a known class of vulnerability where off-chain administrative access holds too much unilateral power over delegated on-chain assets. Prior to this event, the industry had yet to fully implement zero-trust architecture for critical staking and key management functions delegated to external service providers.

Analysis

The attack vector was a classic supply chain compromise targeting a staking partner’s infrastructure. The attacker gained unauthorized access to the Kiln API, which possessed the necessary permissions to control the Solana stake accounts. By leveraging this off-chain API access, the actor executed a silent transfer of the stake account authority, a process that did not require the protocol’s multi-signature confirmations for withdrawal. This technical maneuver created a blind spot, allowing the attacker to evade standard monitoring tools focused on withdrawal events while transferring the stake authority to a malicious address, thereby draining the $41.5 million in user funds.
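The blind spot described above can be closed by alerting on stake-authority changes as well as withdrawals. The detector below is an added example, not code from this page, SwissBorg or Kiln. It assumes transactions were fetched from a Solana RPC node with the `jsonParsed` encoding; the instruction type and field names are modeled on that output and should be checked against your node, and every address and signature is a constructed placeholder.

```python
STAKE_PROGRAM_ID = "Stake11111111111111111111111111111111111111"
# Instruction type names as assumed for the RPC "jsonParsed" encoding.
AUTHORIZE_TYPES = {"authorize", "authorizeChecked", "authorizeWithSeed", "authorizeCheckedWithSeed"}

def iter_instructions(tx):
    """Yield top-level and inner (CPI) instructions of one parsed transaction."""
    yield from tx["transaction"]["message"]["instructions"]
    for inner in (tx.get("meta") or {}).get("innerInstructions") or []:
        yield from inner["instructions"]

def find_authority_changes(tx, watched, approved):
    """Return one alert per authority change on a watched stake account."""
    alerts = []
    for ix in iter_instructions(tx):
        parsed = ix.get("parsed")
        if ix.get("programId") != STAKE_PROGRAM_ID or not isinstance(parsed, dict):
            continue
        info = parsed.get("info") or {}
        if parsed.get("type") not in AUTHORIZE_TYPES or info.get("stakeAccount") not in watched:
            continue
        # The *WithSeed variants are assumed to name the field "newAuthorized".
        new_auth = info.get("newAuthority") or info.get("newAuthorized")
        alerts.append({"signature": tx["transaction"]["signatures"][0],
                       "stake_account": info["stakeAccount"],
                       "authority_type": info.get("authorityType"),
                       "new_authority": new_auth,
                       "approved": new_auth in approved})
    return alerts

# Constructed sample data; every address and signature is a placeholder.
def _ix(kind, info):
    return {"program": "stake", "programId": STAKE_PROGRAM_ID, "parsed": {"type": kind, "info": info}}

def _tx(sig, top, inner=()):
    return {"transaction": {"signatures": [sig], "message": {"instructions": list(top)}},
            "meta": {"innerInstructions": [{"index": 0, "instructions": list(inner)}]}}

WATCHED = {"STAKE_ACCOUNT_A"}
APPROVED = {"MULTISIG_VAULT"}
SAMPLE_TXS = [
    _tx("SIG_1", [_ix("withdraw", {"stakeAccount": "STAKE_ACCOUNT_A", "lamports": 1})]),
    _tx("SIG_2", [_ix("authorize", {"stakeAccount": "STAKE_ACCOUNT_A", "authorityType": "Withdrawer", "newAuthority": "UNKNOWN_KEY"})]),
    _tx("SIG_3", [], [_ix("authorizeWithSeed", {"stakeAccount": "STAKE_ACCOUNT_A", "authorityType": "Staker", "newAuthorized": "MULTISIG_VAULT"})]),
    _tx("SIG_4", [_ix("authorize", {"stakeAccount": "STAKE_ACCOUNT_B", "authorityType": "Staker", "newAuthority": "UNKNOWN_KEY"})]),
]

if __name__ == "__main__":
    for tx in SAMPLE_TXS:
        print(find_authority_changes(tx, WATCHED, APPROVED))
```

An alert with `approved` set to false is the case to page on; approved changes are still worth logging so that every authority change leaves a reviewable record.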

Parameters

  • Total Loss Value → $41.5 million (The total amount of user assets transferred without authorization from the SOL Earn program)
  • Compromised Component → Kiln API (The external staking partner’s interface used to gain administrative control)
  • Affected Blockchain → Solana (The network where the stake account authority was manipulated)
  • Attack Technique → Supply Chain Compromise (The method of exploiting a third-party vendor’s system)

Outlook

Protocols must immediately adopt a zero-trust model for all third-party dependencies, mandating that no external service can unilaterally execute a critical on-chain function like stake authority transfer. The immediate mitigation for similar protocols is to audit all API-driven administrative roles and enforce on-chain multi-signature approval for any change in key ownership or delegation. This incident will likely establish new auditing standards that prioritize the security of the entire operational supply chain, shifting focus from pure smart contract logic to external key management and API access controls.

This high-value compromise decisively confirms that third-party supply chain risk, not isolated smart contract logic, is the most critical institutional attack vector in the current digital asset landscape.

Signal Acquired from → monoaudit.com

Micro Crypto News Feeds

supply chain compromise

Definition ∞ A supply chain compromise describes a cybersecurity attack where an adversary infiltrates an organization by targeting less secure elements within its broader network of vendors, partners, or software providers.

key management

Definition ∞ Key management refers to the systematic process of generating, storing, distributing, using, safeguarding, and revoking cryptographic keys.

multi-signature

Definition ∞ Multi-signature, often abbreviated as multisig, is a type of digital signature that requires more than one cryptographic key to authorize a transaction.

assets

Definition ∞ A digital asset represents a unit of value recorded on a blockchain or similar distributed ledger technology.

staking

Definition ∞ Staking is a process within certain blockchain networks, particularly those utilizing Proof-of-Stake consensus mechanisms, where participants lock up their digital assets to support network operations and validate transactions.

account

Definition ∞ An account is a record of transactions and balances within a digital ledger system.

supply chain

Definition ∞ A supply chain is the network of all the individuals, companies, resources, activities, and technologies involved in the creation and sale of a product, from the delivery of source materials from the supplier to the manufacturer, through to its eventual sale to the end consumer.

smart contract logic

Definition ∞ Smart contract logic refers to the predefined, self-executing code embedded within a smart contract that dictates its behavior and conditions for execution.