The results page for a completed PDA forensics run. It reuses the
wallet-forensics layout with six tabs: Timeline, Findings, Dust,
Fund Flow, Counterparties, Attacks. PDA-specific metadata (owning
program and discriminator) is surfaced in the quick-insights panel.
Why it exists
PDAs hold program state but are not executable, so the full wallet
tab set (approvals, post-mortem, reconstruction, compliance,
evidence) does not apply. This page keeps the shared forensics
layout while scoping the tabs to what is meaningful for a data
account.
Who uses it
Forensics analyst — investigates a specific PDA associated
with an exploit or anomaly.
Auditor — reviews PDA activity tied to an audited program.
How to open it
From /solana-pda-analyze after a successful run.
From an asset card for a Solana PDA.
Direct URL — /solana-pda?network=<chain>&address=<base58>.
Using the page
Quick-insights panel — owning program, discriminator, and
risk score.
Timeline — chronological list of PDA events.
Findings — detector hits for the PDA.
Dust — dust indicators.
Fund Flow — canvas-rendered flow graph of value movement.
Counterparties — profiled interaction partners.
Attacks — attack patterns matched against the PDA.
Inputs and outputs
Input
Source
Required
network
Query string
yes
address
Query string (base58 PDA)
yes
Output
Format
Destination
Forensics report
In-page tabs
HTML
Controls reference
Tabs: Timeline, Findings, Dust, Fund Flow, Counterparties,
Attacks.
Limits
Requires a signed-in account.
Approvals, Post-Mortem, Reconstruction, Compliance, and Evidence
tabs are not shown for PDAs.
Some tabs load lazily; data populates after the initial render.