Home
News
Details

Kamino Launches Contract-Level Security Controls for Lending Vaults

iconThe Defiant
Share
Share IconShare IconShare IconShare IconShare IconShare IconCopy
This is the logo of the coin.
SOL
$86.71-3.6%
AI summary iconSummary

expand icon
Kamino rolled out a protocol update to enhance lending vault security after a major security breach hit Drift Protocol. The new feature, Whitelisted Reserves, locks fund allocations to reserves approved by a multisig. It prevents vault funds from being redirected to malicious markets, even if curator keys are stolen. The update is now active on Kamino’s frontend and mandatory for new vaults. Depositors can still withdraw anytime.

Kamino, the largest lending protocol on Solana, has rolled out a new security feature called Whitelisted Reserves that enforces allocation controls at the smart contract level across its lending vaults.

The move comes just over a week after the Drift Protocol exploit, in which attackers drained roughly $270M from the Solana-based perpetual futures exchange using social engineering and compromised admin keys. The attack, which security firms have since attributed to DPRK-linked threat actors, rattled the broader Solana ecosystem and prompted the Solana Foundation to launch a new tiered security program for decentralized finance (DeFi) protocols.

Kamino's Whitelisted Reserves mechanism ensures that vault funds can be deployed only to reserves explicitly approved by a protocol-level multisig. If a vault curator's keys are compromised, an attacker would be unable to redirect depositor funds into a malicious or unvetted market, a scenario that could otherwise drain a vault's liquidity.

"With Whitelisted Reserves, that attack path is closed," Kamino said. "The smart contract rejects any allocation or investment into a reserve that Kamino has not explicitly whitelisted, regardless of who signs the transaction."

The feature enforces two onchain restrictions: curators cannot create or increase allocations outside the whitelist, and depositor funds cannot flow into any unvetted reserves via the vaults. Both restrictions are irreversible once activated by a curator.

All vaults currently displayed on Kamino's frontend — including those managed by Sentora, Gauntlet, Steakhouse, Allez Labs, and RockawayX — now have Whitelisted Reserves enabled. Going forward, the feature will be a requirement for any vault to appear on the Kamino interface.

Withdrawals remain unaffected by the whitelist; depositors can exit vaults at any time, subject to available liquidity.

Kamino is the largest DeFi protocol on Solana and ranks among the top lending platforms across all chains. Earlier this year, the protocol launched Lend V2, introducing modular markets, automated lending vaults, margin leverage, and RWA integration.

This article was written with the assistance of AI workflows. All our stories are curated, edited and fact-checked by a human.

Source:Show original
Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.