Incident Report: 37,000 SOL in Losses — A Call for Investigation and Action

1

Dear Solana community — validators, stakers, developers, and ecosystem fund representatives.

I’m writing on behalf of the Shiroi project, a team actively building on Solana. After learning that certain validators had discovered and exploited a vulnerability in the Marinade auction system, we decided to run our own independent audit to assess the scale of the damage. The results were shocking:
Over the span of 126 epochs, Marinade has incurred at least 37,000 SOL in losses — that’s over $5 million USD at current prices.

We attempted to reach out to Marinade leadership (specifically Repe) via X (Twitter), Discord, and other core team members through Telegram — unfortunately, we received no response. The lack of reaction to such a major incident sets a dangerous precedent and seriously undermines trust in the Marinade protocol and its delegation model. It also raises broader concerns about the reliability of all public staking pools and whether their advertised APYs are actually real.

To be blunt — the silence from the Marinade team after we disclosed the losses makes us question whether this vulnerability was known internally and simply ignored… or worse — knowingly left in place as a revenue stream.

We’ve also analyzed the percentage of stake that went unpaid by malicious validators each epoch. The results ranged from 2% to 75%, with an average across 124 epochs of 28% unpaid stake. That’s disturbing:

  • Honest validators were effectively subsidizing “free stake” for exploiters.
  • And stakers — who trusted the system — may have missed out on 28% of Marinade’s advertised APY.

Who’s going to cover that gap?

Today, we’re releasing:

  • A Top 10 list of validators who caused the highest damage to Marinade,
  • The Top 10 most loss-heavy epochs,
  • And a list of epochs where over 50% of stake was unpaid.

We want to understand:
Does the community care? Or is everyone just going to pretend this didn’t happen?

If there’s no meaningful response, we’ll bring this issue directly to the Solana Foundation — which, to our knowledge, is one of Marinade’s major stakers. It’s also worth noting that 6 of the Top 10 exploit validators are currently receiving delegation from Solana Foundation, and one of them is also backed by Jito.

All methodology, calculations, and proofs will be published soon.

Top10 Epochs by losses:
773 - 886 SOL
772 - 875,8 SOL
748 - 808,8 SOL
760 - 786,6 SOL
746 - 760,8 SOL
759 - 759,9 SOL
775 - 718,2 SOL
770 - 715,3 SOL
771 - 696,2 SOL
776 - 685,4 SOL

Top10 validators by losses (identity):

  1. DB7DNWMVQASMFxcjkwdr4w4eg3NmfjWTk2rqFMMbrPLA (Active on MB) - 1081,16 SOL
  2. PAWsME7oYbjt5TRNc11mBa33JhKnQr9AYherdr9YAZ6 (Active on MB) - 952,43 SOL
  3. simpRo1FrQYGa1moicfgnPDp6KyE38d4gYrZzhjXYJb (Active on MB) 875,28
  4. FUURpC3LjVnxr21PmEfHtxT7Mfe4CVJXxESBjQPvmqTZ (Active on MB + jito stake) - 741,38 SOL
  5. mint13XHZSSxtgHuTSM9qPDEJSbWktpmpM4CZxeLB8f (Active on MB) - 696,429 SOL
  6. 3Kzdcmu6yWE4AEhFdxAoWncLijpwzNB95JThHRXzvf5k (Rejected) - 674,16 SOL
  7. AXX64w9VS82qbM6WP5FHSPK7qbnRtzxyAvjARsencqrZ (Rejected) - 664 SOL
  8. 3tm92VTxwyZ5MDhGoYR4tVTkwWYkzfam6hwBjauUACCk (Active on MB) - 638 SOL
  9. 71M936kzQRe7eWrABba6yKqPsmTMVhijQqDNQP9qM9pP (Rejected) - 611 SOL
  10. FLAT3fBhQxrSPyT1zvyf58uQGARiGtnoN3VW8R7i38kC (NOT SFDP) - 595,07 SOL

24 epochs with over 50% of stake unpaid by validators:
652, 653, 654, 655, 656, 657, 658, 755, 756, 757, 764, 765, 766, 767, 768, 769, 770, 771, 772, 773, 774, 775, 776, 777

4 Likes
2

Damn, that’s some awesome work.

Questions like “why does someone with a much larger stake get paid significantly less?” have come up so many times before. And every time, we got the same tired responses: “we’re looking into it,” “we’re aware,” “it’s complicated…”

Finally, we have actual evidence.

3

(post deleted by author)

4

Hanabi Staking would like to clarify that we have never attempted to meaningfully participate in buying stake directly from Marinade (or the “auction”). We would also like to stress that there’s a difference between inefficiencies in rebalancing and deliberate abuse. We recommend also correlating abuse with bond configuration history to gain more holistic insights into each individual validator’s behaviour.
We would also like to note that 28% of stake being unpaid doesn’t necessarily mean 28% of APY lost, as only the cost of buying was unpaid. Stakers’ share of inflation rewards and MEV tips, which are managed by Solana and Jito respectively, are unaffected, barring commission rugging which is out of scope.

5

Marinade is a sandwich-driving pool. Their auction model is not designed for regular validators to win stake, because they have no way to bid for it. Anyone who pays bids to win Marinade stake is doing it because they make extra income from it. And the bids are very high. No arbitrage or other ethical strategy can yield more than the cost of those bids. So 99% of validators who win Marinade stake are running toxic sandwich strategies. If you stake with Marinade - you are supporting sandwich attacks on the Solana network.
Marinade is broken, their previous model, which supported decentralization in the network, was much healthier for the ecosystem and the overall growth of the network.

Now, it’s just a senseless race for additional profit.

3 Likes
6

First of all, I don’t want to defend anyone here, and I’m not getting any stake out of this myself. I agree with Ama above that the only way to be here is through sandwiching. Although, to be honest, I’ve always seen it as something where sandwiching existed before this auction, but the Marinade team saw how their stakes were used, and wanted part of that revenue stream to also go to their stakers. Meaning, I often see posts that seem to imply Marinade alone is to blame for sandwiching, which I don’t think is entirely fair.

Back to the current issue.

As I understand it, the auction program (contract) was supposed to lock funds on the validator’s account - an amount sufficient to cover their promised APY percentage (even with 0% uptime) for two epochs (? taking into account the deactivation time).

And as I understand, there was a bug in the program (contract) that prevented this from happening.

I think initially, each person who placed a bid and won discovered this issue by accident (maybe later it spread through some closed groups), even those who didn’t win but just participated and analyzed things.

But not the Marinade team.

Though it seems to me that this was their primary responsibility. At the end of the auction, they definitely knew how much SOL they’d receive for the auction epoch. And it should’ve been possible to notice that something was wrong within just 2 days after the first event of auction bid reduction.

Let me repeat - it seems that reducing the bid is, in itself, a valid action allowed by the program (contract). But for some reason, it applied even to the “closed” epochs.

I just want to say that, overall, it’s not so clear-cut for me…

P.S. Overall, I admit that I might have written complete nonsense above and don’t actually understand how the auction works (since I realized from the start that I wouldn’t be able to win and just didn’t participate). Feel free to tell me that.