FLOR ONCHAIN
April 2026

Solana DeFi Multisig Security
After the Drift Exploit

On April 1, 2026, attackers drained $285M from Drift Protocol in 12 minutes using social-engineered multisig approvals and zero timelock. Here's how other Solana protocols compare.

INCIDENT SUMMARY
Amount stolen
$285M
Time to drain
12 min
Multisig config
2/5
Timelock
0 sec
Attack vector
Social eng.
Attribution
DPRK (suspected)

Protocol Comparison

Multisig threshold + timelock configuration

Jupiter Lend
TVL: $1.8B
4/7
12h
SECURED
Kamino
TVL: $3.0B
5/10
12h
SECURED
Solstice
TVL:
3/5
24h
MODERATE
Loopscale
TVL:
3/5
None
VULNERABLE
Exponent
TVL:
2/3
None
VULNERABLE
Drift
TVL: $550M → $230M
2/5
None
EXPLOITED
THE TAKEAWAY

A low multisig threshold without a timelock is a single point of failure. Drift's 2/5 configuration with zero delay meant two social-engineered signatures were enough to drain $285M instantly. Protocols with higher thresholds AND timelocks give the community a window to detect and respond to malicious transactions. If a protocol you use doesn't publish its multisig configuration — ask.

floronchain.com · followtheflor.com
Data as of April 5, 2026