SIMULATION_ARENA
Select a vulnerability module to begin the exploitation simulation.
WARNING: Only deploy to Devnet.
PDA SHARING
Exploit shared authority vulnerability in multi-vault systems. Target the Whale Vault.
ACCOUNT RELOADING
Demonstrate Anchor state inconsistency after CPI calls. Bypass withdrawal limits.
REVIVAL ATTACK
Revive 'closed' accounts to reuse existing state and drain funds repeatedly.
INTEGER OVERFLOW
Trigger arithmetic underflow to corrupt user balances and drain revenue vaults.
DUPLICATE MUTABLE ACCOUNTS
The Money Printer Glitch — pass the same account twice to print free tokens in DEX swaps.
ARBITRARY CPI
The Tip Jar Heist — pass a fake program ID for CPI calls to hijack transactions.
DATA MATCHING
The Identity Theft — create fake config accounts to bypass has_one validation checks.
SIGNER CHECKS
Exploit missing signature verification to drain victim vaults using only their public address.
OWNER CHECKS
Bypass account ownership validation to manipulate data in accounts you don't own.