v0.1.0 // pre-deployment // built in rust

see what you sign.
before the nonce fires.

crif is a transaction legibility and simulation engine for Solana. decodes what an instruction actually does, diffs state against live rpc, and flags the exact shape that drained $285m out of drift on april 1, 2026.

view on github see the output

programs08

instructions80+

tests28 / 28

drift patterndetected

01 // the engine

every instruction. decoded.

connects to any solana rpc, fetches pre-state for every writable account in the transaction, runs simulateTransaction with the accounts config, and diffs the result. every instruction is resolved through a program-aware registry: system program, spl token, token-2022, squads v4, jupiter v6, drift v2, kamino lend, marginfi v2. durable nonces are detected from the first instruction. the drift 2026 combo is flagged CRITICAL.

02 // drift 2026

$285m. twelve minutes.
two signatures.

on april 1, 2026 a north-korea-linked group drained 285 million usd from drift protocol's squads multisig. they did not exploit a bug. they did not steal a key. they spent six months posing as a quant firm, then got two council members to pre-sign a routine-looking transaction whose payload was a config_transaction_execute. the pre-signed tx was wrapped in a durable nonce, so it did not expire. the attacker sat on it for a week, then fired. twelve minutes later the treasury was on ethereum.

6 months before

attacker poses as a quant trading firm, builds trust with drift contributors

social engineering

2026-03-23

four durable-nonce accounts created; two council members sign transactions under "routine upgrade" framing

pre-signed

2026-04-01 12:00

attacker submits the pre-signed config_transaction_execute txs — admin authority transferred in 4 slots

admin hijack

+ 1 minute

fake cvt token whitelisted as collateral, 500m cvt deposited, real usdc / sol / eth withdrawn

drain started

+ 12 minutes

$285m out of the vault, most bridged to ethereum within the hour

game over

now

this engine detects the exact transaction shape before you sign it

detected

03 // engine output

the report drift never got.

below is the verbatim terminal output of the engine consuming a synthesized versioned-transaction whose shape matches the april 2026 drift exploit. reproduce it with cargo run --example drift_attack.

sle simulate --tx $ATTACK_B64 --offline================================================================
 SOLANA TRANSACTION LEGIBILITY REPORT
================================================================
 Signature:    4dLPchZ8d2eCX2eobPtT9eN4DHwxmWZZomvPiqQkdwg...
 Fee payer:    4kfEfEk7HrCLpdqo3vtrMYYF9ehzCAm7i4wZeK5f6syi
 Simulation:   success
 Overall risk: CRITICAL
 ! DURABLE NONCE: yes - this transaction has no expiry
----------------------------------------------------------------
 Human-readable summary:

   [System Program] AdvanceNonceAccount
      ! Durable nonce advance — tx was prepared earlier and kept valid via nonce

   [Squads v4] config_transaction_execute
      ! Governance change being applied — may add/remove signers, lower threshold, or drop timelock
      ! This is the class of instruction used in the April 2026 Drift exploit

   [X] CRITICAL — this transaction matches the APRIL 2026 DRIFT EXPLOIT PATTERN: durable nonce + multisig admin execute. the attacker that drained $285M from Drift used exactly this shape — pre-signed governance actions that stay valid indefinitely. DO NOT SIGN without verifying the inner instructions AND the nonce account lifecycle.
----------------------------------------------------------------
 Instructions (2):
  #0 System Program :: AdvanceNonceAccount      [MEDIUM]
  #1 Squads v4      :: config_transaction_execute [CRITICAL]
================================================================

04 // decoder coverage

eight programs.
eighty-plus instructions.

every decoder lands in the same registry and emits the same LegibilityReport shape. anchor programs go through a generic discriminator matcher; native programs (system, spl token, token-2022) have custom decoders.

System Program

Transfer
CreateAccount
AdvanceNonceAccount
InitializeNonceAccount
Allocate

SPL Token

Transfer
TransferChecked
MintTo
Burn
CloseAccount
SetAuthority

Token-2022

base instructions (tag 0–25)
permanent_delegate [CRITICAL]
non_transferable_mint
transfer_hook_extension
interest_bearing_mint

Squads v4

vault_transaction_create / execute
config_transaction_execute [CRITICAL]
proposal_create / approve / reject
multisig_create / v2 / set_config

Jupiter v6

route
shared_accounts_route
exact_out_route
route_with_token_ledger
create_open_orders

Drift v2

deposit / withdraw
place_perp_order / place_spot_order
liquidate_perp / liquidate_spot
update_user_delegate [HIGH]
settle_pnl / cancel_order

Kamino Lend

deposit_reserve_liquidity
borrow_obligation_liquidity [HIGH]
withdraw_obligation_collateral
liquidate_obligation
flash_borrow / flash_repay

MarginFi v2

lending_account_deposit / withdraw
lending_account_borrow [HIGH]
lending_account_liquidate
set_account_authority [CRITICAL]
flashloan start / end

05 // usage

four commands.
zero trust required.

the engine ships as a single rust crate + cli. no backend, no telemetry, no keys ever leave your machine.

install$ git clone https://github.com/Nulltx-xyz/crif
$ cd crif
$ cargo build --release

simulate against devnet
$ cargo run -- simulate --tx $BASE64_TX --rpc devnet

offline mode — structure-only
$ cargo run -- simulate --tx $BASE64_TX --offline --json

reproduce the drift 2026 attack$ cargo run --example drift_attack
> overall_risk = Critical
> uses_durable_nonce = true

06 // stack

not a wallet.
not a bridge. a lens.

powered by solana-sdk 2.0, solana-client, spl-token, borsh, bincode, clap, and tokio. deployed on devnet via simulateTransaction. built with rust 1.94, zero runtime panics, twenty-eight tests and counting. a read-only engine for one specific job: showing you the ground truth of a transaction before your signature commits to it.

see what you sign.before the nonce fires.