Lamport Dust
Detects lamport dust exploitation vulnerabilities in Solana programs.
Overview
The lamport dust detector identifies vulnerabilities related to residual lamport amounts (dust) that can bypass validation logic or accumulate to enable exploitation. It flags exact equality checks on lamport balances, transfers without near-zero remainder handling, and rounding issues in lamport calculations that could allow dust accumulation attacks.
For remediation guidance, see Lamport Dust Remediation.
Why This Is an Issue
Lamport dust attacks exploit programs that use exact equality comparisons on account balances. An account that appears empty (zero balance check) may actually hold 1-2 lamports of dust, allowing it to bypass closure verification and remain alive for resurrection attacks. Rounding in fee calculations can also leave tiny residuals that accumulate across many transactions, eventually draining meaningful value from a protocol.
How to Resolve
Before (Vulnerable)
```rust
use solana_program::{
    account_info::AccountInfo, entrypoint::ProgramResult, program_error::ProgramError,
};

// Vulnerable: exact equality check on lamport balance
pub fn close_account(accounts: &[AccountInfo]) -> ProgramResult {
    let account = &accounts[0];
    let recipient = &accounts[1];
    if account.lamports() == 0 { // Dust bypass: 1 lamport passes this check
        return Err(ProgramError::InvalidArgument);
    }
    **recipient.lamports.borrow_mut() += account.lamports();
    **account.lamports.borrow_mut() = 0;
    // Account data is left intact, so the account can be resurrected
    Ok(())
}
```
After (Fixed)
```rust
use solana_program::{
    account_info::AccountInfo, entrypoint::ProgramResult, program_error::ProgramError,
};

// Fixed: transfer all lamports and zero the account data
pub fn close_account(accounts: &[AccountInfo]) -> ProgramResult {
    let account = &accounts[0];
    let recipient = &accounts[1];
    let balance = account.lamports();
    // `require!` is the Anchor guard macro: returns the error when the condition fails
    require!(balance > 0, ProgramError::InvalidArgument);
    **recipient.lamports.borrow_mut() += balance; // Move the entire balance, dust included
    **account.lamports.borrow_mut() = 0;
    account.data.borrow_mut().fill(0); // Clear data to prevent resurrection
    Ok(())
}
```
Example JSON Finding
```json
{
  "detector": "lamport-dust",
  "severity": "medium",
  "confidence": 0.6,
  "message": "Exact equality comparison on lamport balance may miss dust amounts",
  "location": { "function": "close_account", "block": 0, "statement": 2 }
}
```
Detection Methodology
- Equality comparison detection: Identifies == comparisons on lamport balance values, which are vulnerable to off-by-one dust.
- Transfer remainder analysis: Checks whether lamport transfers handle near-zero remainders properly.
- Rounding pattern detection: Flags division operations on lamport amounts that could produce dust through truncation.
- Account closure verification: Ensures account closure operations zero both lamports and data to prevent resurrection.
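The truncation dust that the rounding-pattern and transfer-remainder checks look for, modelled in plain Rust as an added example (not the detector's or the page's own code): a naive basis-point fee split leaks a lamport per call, and a dust-aware split assigns the remainder explicitly. The function names, the basis-point share convention and the sample amounts are assumptions of this example.

```rust
// Added example, not code from the page or the detector: a plain-Rust model of
// the truncation dust the detector's rounding-pattern check looks for.
// Shares are in basis points (10_000 = 100%); no Solana dependencies.

const BPS_DENOM: u64 = 10_000;

/// Naive proportional split: each share truncates, so a few lamports of
/// `total` are assigned to nobody. That unassigned remainder is dust.
pub fn split_truncating(total: u64, shares_bps: &[u64]) -> Vec<u64> {
    shares_bps.iter().map(|bps| total * bps / BPS_DENOM).collect()
}

/// Lamports that `split_truncating` leaves unassigned in one call.
pub fn dust_per_call(total: u64, shares_bps: &[u64]) -> u64 {
    total - split_truncating(total, shares_bps).iter().sum::<u64>()
}

/// Dust accumulated after `calls` identical splits: what a forgotten fee
/// account (or whoever can claim the remainder) holds over many transactions.
pub fn accumulated_dust(total: u64, shares_bps: &[u64], calls: u64) -> u64 {
    dust_per_call(total, shares_bps).saturating_mul(calls)
}

/// Dust-aware split: checked arithmetic (None on overflow or shares that do
/// not sum to 100%) and the remainder is explicitly assigned to the last
/// recipient, so the parts always sum to `total` and nothing is left over.
pub fn split_exact(total: u64, shares_bps: &[u64]) -> Option<Vec<u64>> {
    if shares_bps.is_empty() || shares_bps.iter().sum::<u64>() != BPS_DENOM {
        return None;
    }
    let mut parts = Vec::with_capacity(shares_bps.len());
    let mut assigned: u64 = 0;
    for bps in shares_bps {
        let share = total.checked_mul(*bps)?.checked_div(BPS_DENOM)?;
        assigned = assigned.checked_add(share)?;
        parts.push(share);
    }
    // Remainder handling: hand the truncated lamports to the last recipient.
    *parts.last_mut()? += total - assigned;
    Some(parts)
}

fn main() {
    let shares = [3_333, 3_333, 3_334];
    println!("truncating split: {:?}", split_truncating(1_000, &shares));
    println!("dust per call: {}", dust_per_call(1_000, &shares));
    println!("dust after 1e6 calls: {}", accumulated_dust(1_000, &shares, 1_000_000));
    println!("exact split: {:?}", split_exact(1_000, &shares));
}
```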
Limitations
- False positives: Programs that legitimately use exact equality for specific protocol-defined balance thresholds may be flagged.
- False negatives: Dust accumulation across multiple separate transactions is beyond single-function analysis.
Related Detectors
- Lamport Conservation — detects conservation violations
- Insufficient Lamport Balance — detects missing balance checks
- Account Resurrection — detects account revival attacks