Briefing

The SwissBorg SOL Earn staking program suffered a major security breach resulting in the unauthorized transfer of $41.5 million in assets. The core incident was a supply chain compromise involving the Kiln API, a critical third-party staking partner. This off-chain access allowed the threat actor to silently manipulate on-chain stake account authorities, effectively bypassing the platform’s standard multi-signature withdrawal controls. The total financial impact is confirmed at $41.5 million, underscoring the systemic risk posed by centralized dependencies within decentralized products.


Context

The prevailing risk factor in institutional DeFi remains the security perimeter of external dependencies, particularly third-party APIs that manage on-chain permissions or data feeds. This incident leverages a known class of vulnerability where off-chain administrative access holds too much unilateral power over delegated on-chain assets. Prior to this event, the industry had yet to fully implement zero-trust architecture for critical staking and key management functions delegated to external service providers.


Analysis

The attack vector was a classic supply chain compromise targeting a staking partner’s infrastructure. The attacker gained unauthorized access to the Kiln API, which possessed the necessary permissions to control the Solana stake accounts. By leveraging this off-chain API access, the actor executed a silent transfer of the stake account authority, a process that did not require the protocol’s multi-signature confirmations for withdrawal. This technical maneuver created a blind spot, allowing the attacker to evade standard monitoring tools focused on withdrawal events while transferring the stake authority to a malicious address, thereby draining the $41.5 million in user funds.
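The blind spot described above comes from watching withdrawals only. This added example (not code from SwissBorg, Kiln or the original article) flags stake authority changes in parsed Solana transactions, including ones issued through inner instructions, when the new authority is not on an approved list. The field names are assumed to follow the Solana RPC `jsonParsed` layout, and every address and signature is a constructed placeholder.

```python
# Added example. Field names assume the Solana RPC "jsonParsed" layout;
# every address and signature below is a constructed placeholder.
AUTHORIZE_TYPES = {"authorize", "authorizeChecked",
                   "authorizeWithSeed", "authorizeCheckedWithSeed"}

def iter_instructions(tx):
    """Yield top-level and inner (CPI) instructions of a parsed transaction."""
    yield from tx["transaction"]["message"]["instructions"]
    for group in (tx.get("meta") or {}).get("innerInstructions") or []:
        yield from group["instructions"]

def find_authority_changes(tx, approved):
    """Alert on stake authorize instructions naming an unapproved authority."""
    alerts = []
    for ix in iter_instructions(tx):
        parsed = ix.get("parsed")
        if ix.get("program") != "stake" or not isinstance(parsed, dict):
            continue
        if parsed.get("type") not in AUTHORIZE_TYPES:
            continue
        info = parsed.get("info", {})
        # Seed-based variants are assumed to use "newAuthorized" instead.
        new_auth = info.get("newAuthority") or info.get("newAuthorized")
        if new_auth not in approved:  # a missing value also alerts (fail closed)
            alerts.append({
                "signature": tx["transaction"]["signatures"][0],
                "stake_account": info.get("stakeAccount"),
                "role": info.get("authorityType"),
                "new_authority": new_auth,
            })
    return alerts

APPROVED = {"PLACEHOLDER_MULTISIG_VAULT"}
SAMPLE_TX = {  # constructed: one approved change, one unapproved change via CPI
    "transaction": {"signatures": ["PLACEHOLDER_SIGNATURE"], "message": {"instructions": [
        {"program": "stake", "parsed": {"type": "authorize", "info": {
            "stakeAccount": "PLACEHOLDER_STAKE_A", "authorityType": "Staker",
            "newAuthority": "PLACEHOLDER_MULTISIG_VAULT"}}},
        {"programId": "PLACEHOLDER_PROGRAM", "data": "opaque"},
    ]}},
    "meta": {"innerInstructions": [{"index": 1, "instructions": [
        {"program": "stake", "parsed": {"type": "authorize", "info": {
            "stakeAccount": "PLACEHOLDER_STAKE_B", "authorityType": "Withdrawer",
            "newAuthority": "PLACEHOLDER_UNKNOWN_KEY"}}},
    ]}]},
}

if __name__ == "__main__":
    for alert in find_authority_changes(SAMPLE_TX, APPROVED):
        print("ALERT", alert)
```

The sample yields one alert, for the Withdrawer change on `PLACEHOLDER_STAKE_B`, which a monitor keyed only to withdraw instructions would not see.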


Parameters

  • Total Loss Value → $41.5 million (The total amount of user assets transferred without authorization from the SOL Earn program)
  • Compromised Component → Kiln API (The external staking partner’s interface used to gain administrative control)
  • Affected Blockchain → Solana (The network where the stake account authority was manipulated)
  • Attack Technique → Supply Chain Compromise (The method of exploiting a third-party vendor’s system)


Outlook

Protocols must immediately adopt a zero-trust model for all third-party dependencies, mandating that no external service can unilaterally execute a critical on-chain function like stake authority transfer. The immediate mitigation for similar protocols is to audit all API-driven administrative roles and enforce on-chain multi-signature approval for any change in key ownership or delegation. This incident will likely establish new auditing standards that prioritize the security of the entire operational supply chain, shifting focus from pure smart contract logic to external key management and API access controls.

This high-value compromise decisively confirms that third-party supply chain risk, not isolated smart contract logic, is the most critical institutional attack vector in the current digital asset landscape.

supply chain risk, external dependency, API compromise, off-chain attack, Solana stake authority, key management failure, delegated control, institutional security, staking protocol, third-party risk, custodial vulnerability, multi-signature bypass, silent transfer, asset withdrawal

Signal Acquired from → monoaudit.com

Micro Crypto News Feeds

supply chain compromise

Definition ∞ A supply chain compromise describes a cybersecurity attack where an adversary infiltrates an organization by targeting less secure elements within its broader network of vendors, partners, or software providers.

key management

Definition ∞ Key management refers to the systematic process of generating, storing, distributing, using, safeguarding, and revoking cryptographic keys.

multi-signature

Definition ∞ Multi-signature, often abbreviated as multisig, is a type of digital signature that requires more than one cryptographic key to authorize a transaction.

assets

Definition ∞ A digital asset represents a unit of value recorded on a blockchain or similar distributed ledger technology.

staking

Definition ∞ Staking is a process within certain blockchain networks, particularly those utilizing Proof-of-Stake consensus mechanisms, where participants lock up their digital assets to support network operations and validate transactions.

account

Definition ∞ An account is a record of transactions and balances within a digital ledger system.

supply chain

Definition ∞ A supply chain is the network of all the individuals, companies, resources, activities, and technologies involved in the creation and sale of a product, from the delivery of source materials from the supplier to the manufacturer, through to its eventual sale to the end consumer.

smart contract logic

Definition ∞ Smart contract logic refers to the predefined, self-executing code embedded within a smart contract that dictates its behavior and conditions for execution.