Bump Seed Canonicalization
The practice of using the first valid bump seed found during PDA derivation to ensure a single canonical address per seed set, preventing duplicate account attacks.
Bump seed canonicalization is a critical security practice in Solana program development. When deriving a Program Derived Address (PDA), the runtime searches for a "bump" value (starting from 255 and decrementing) that produces an address off the Ed25519 curve. The canonical bump is the first valid value found, i.e. the highest valid bump. Any other valid bump for the same seeds produces a different, equally valid PDA; a program that accepts such a bump has a vulnerability.
The vulnerability
The Pubkey::find_program_address function always returns the canonical bump (highest valid bump). However, if a program uses Pubkey::create_program_address and accepts a user-supplied bump without verifying it is the canonical one, multiple valid PDAs can exist for the same logical seed set.
An attacker can exploit this by:
- Discovering a non-canonical bump that also produces a valid PDA
- Initializing a duplicate account at the non-canonical address
- Using this duplicate to bypass uniqueness assumptions in the program's logic
Mitigation
With the Anchor framework: The seeds and bump constraints automatically enforce canonical bump usage:
    #[account(
        seeds = [b"vault", user.key().as_ref()],
        bump // Anchor verifies the canonical bump
    )]
    pub vault: Account<'info, Vault>,
In native programs: Store the canonical bump during account initialization and validate it on every subsequent access:
    // During initialization: derive the canonical bump and persist it
    let seeds: &[&[u8]] = &[b"vault", user_info.key.as_ref()];
    let (pda, canonical_bump) = Pubkey::find_program_address(seeds, program_id);
    account_data.bump = canonical_bump;

    // During subsequent access: re-derive with the stored bump and compare.
    // `?` maps PubkeyError::InvalidSeeds (on-curve result) into ProgramError.
    let expected_pda = Pubkey::create_program_address(
        &[b"vault", user_info.key.as_ref(), &[account_data.bump]],
        program_id,
    )?;
    if expected_pda != *account_info.key {
        return Err(ProgramError::InvalidSeeds);
    }
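The following is an added example, not code from the page or from the Solana SDK: a pure-Python model of PDA derivation (sha256 over seeds, bump, program id and the "ProgramDerivedAddress" marker, rejected when the digest decompresses to an Ed25519 point). It enumerates every bump that produces a valid PDA for one seed set, which is exactly what a program accepting caller-supplied bumps would take, and shows the canonical-bump check from the mitigation above. PROGRAM_ID, USER_KEY and the "vault" seeds are constructed sample inputs.

```python
import hashlib

P = 2**255 - 19                             # Ed25519 field prime
D = -121665 * pow(121666, P - 2, P) % P     # Edwards curve constant d

# Constructed sample inputs (not real on-chain keys).
PROGRAM_ID = hashlib.sha256(b"constructed program id").digest()
USER_KEY = hashlib.sha256(b"constructed user pubkey").digest()
VAULT_SEEDS = [b"vault", USER_KEY]


def is_on_curve(point: bytes) -> bool:
    """Mirror curve25519-dalek decompress(): does some x exist for this y?"""
    y = (int.from_bytes(point, "little") & ((1 << 255) - 1)) % P  # drop sign bit
    yy = y * y % P
    u, v = (yy - 1) % P, (D * yy + 1) % P   # curve equation gives x^2 = u / v
    if u == 0 or v == 0:
        return u == 0
    x2 = u * pow(v, P - 2, P) % P
    return pow(x2, (P - 1) // 2, P) == 1    # Euler's criterion: x^2 is a square


def create_program_address(seeds, program_id):
    """sha256(seeds || program_id || marker); error if the result is on-curve."""
    if len(seeds) > 16 or any(len(s) > 32 for s in seeds):
        raise ValueError("MaxSeedLengthExceeded")
    h = hashlib.sha256(b"".join(seeds) + program_id + b"ProgramDerivedAddress")
    if is_on_curve(h.digest()):
        raise ValueError("InvalidSeeds")    # this bump yields a curve point
    return h.digest()


def valid_bumps(seeds, program_id):
    """Every bump a program that trusts caller-supplied bumps would accept."""
    ok = []
    for bump in range(256):
        try:
            create_program_address(seeds + [bytes([bump])], program_id)
            ok.append(bump)
        except ValueError:
            pass
    return ok


def find_program_address(seeds, program_id):
    """Canonical derivation: the highest valid bump (search runs 255 downward)."""
    bump = max(valid_bumps(seeds, program_id))
    return create_program_address(seeds + [bytes([bump])], program_id), bump


def is_canonical_bump(seeds, bump, program_id):
    """Mitigation: a stored or caller-supplied bump must equal the canonical one."""
    return bump == find_program_address(seeds, program_id)[1]
```

Roughly half of the 256 bumps yield a valid PDA, so `valid_bumps` typically returns well over a hundred distinct addresses for one logical seed set; only the one returned by `find_program_address` passes `is_canonical_bump`.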
Audit checklist
When auditing for bump seed canonicalization issues, security researchers should:
- Verify that find_program_address (not create_program_address) is used during initialization
- Confirm the canonical bump is stored in the account data
- Check that subsequent accesses validate the stored bump
- Ensure Anchor programs use the bump constraint on all PDA accounts
Bump seed canonicalization is one of the most common sources of high-severity vulnerabilities in Solana programs and is a mandatory check in any security audit.
Articles Using This Term
Learn more about Bump Seed Canonicalization in these articles:

From EVM to SVM: A senior security researcher's guide to Solana in 2026
A technical guide for senior EVM security researchers transitioning to Solana's SVM. Covers Rust, Borsh, PDAs, Anchor, and the 2026 Solana security landscape.

Solana Security Checklist: 45 Critical Checks for Anchor & Native Programs
Complete Solana smart contract security checklist with 45 vulnerability categories. Prevent exploits with checks for account validation, CPI security, PDAs, Token-2022, and more. Essential guide for Solana developers and auditors.
Related Terms
Program Derived Address (PDA)
A deterministic address derived from a combination of seeds and a program ID that falls off the Ed25519 curve, allowing programs to sign transactions without a private key.
Anchor Framework
The standard development framework for Solana programs that provides declarative security constraints, automatic account validation, and serialization through Rust macros.
SVM (Solana Virtual Machine)
The runtime environment that executes programs on Solana using a parallelized, stateless account model, compiled to Solana Bytecode Format (SBF).