Web3

Smart Contract Risk

The risk that bugs, logic errors, or exploitable vulnerabilities in on-chain program code could lead to loss of user funds. Smart contract risk is inherent to all DeFi participation because programs are immutable once deployed (unless upgradeable) and handle real value. Mitigations include professional security audits, formal verification, bug bounties, timelocks on upgrades, and starting with small amounts. Even audited programs can contain undiscovered vulnerabilities.

ID: smart-contract-risk

Mental model

Use the short analogy first to reason better about the term when it shows up in code, docs or prompts.

Think of this as a building block that connects an isolated definition to the larger system it lives in.

Technical context

Place the term within the Solana layer it lives in to reason about it better.

Wallets, signatures, dApps and key management.

Why it matters to a builder

Turn the vocabulary term into something operational for product and engineering.

This term unlocks adjacent concepts quickly, so it works best when you treat it as a connection point rather than an isolated definition.

Concept graph

See the term as part of a network, not as an isolated definition.

These branches show which concepts this term touches directly and what sits one layer beyond them.

Branch

Security Audit

A formal, structured review of a Solana program's source code, architecture, and deployment configuration by experienced security researchers, aimed at identifying vulnerabilities — including but not limited to the OWASP-equivalent Solana Top 10 (missing signer checks, owner checks, arithmetic errors, etc.) — before mainnet deployment. Reputable Solana-focused audit firms include OtterSec, Ackee Blockchain, sec3 (formerly Soteria), Neodyme, Trail of Bits, and Halborn; most audits produce a severity-rated finding report (critical, high, medium, low, informational) that programs are expected to remediate and publish. A single audit is considered minimum due diligence for programs holding significant user funds; continuous auditing and bug bounties on platforms like Immunefi are considered best practice.

Branch

Rug Pull

A crypto scam where project creators abandon a project after accumulating user funds, typically by draining liquidity pools, selling pre-minted tokens, or exploiting admin keys. Red flags: anonymous teams, unaudited contracts, concentrated token supply, absence of locked liquidity, and excessive hype. Always verify program source, check authorities, and review audits before depositing.

Branch

DeFi (Decentralized Finance)

Financial services built on blockchain smart contracts that operate without traditional intermediaries (banks, brokers). DeFi includes lending, borrowing, trading, insurance, and derivatives. Key properties: permissionless (anyone can participate), composable (protocols can be combined), transparent (open-source, auditable). Solana DeFi TVL has exceeded $5B, led by Jupiter, Raydium, Marinade, and Kamino.

Next concepts to explore

Keep the learning chain moving instead of stopping at a single definition.

These are the next concepts worth opening if you want this term to make more sense within a real Solana workflow.

Web3

Sniping

Buying a token immediately at launch using automated bots that detect pool creation events and execute buy transactions in the same block. Snipers monitor new Raydium liquidity pools and Pump.fun graduation migrations to buy before other traders can react. Anti-snipe mechanics such as delayed trading windows and launch taxes are designed to mitigate this practice.

Commonly confused with

Terms that are close in vocabulary, acronym or conceptual neighborhood.

These entries are easy to mix up when you read quickly, prompt an LLM, or are entering a new layer of Solana.

Web3 (ID: counterparty-risk)

Counterparty Risk

The risk that the other party in a financial arrangement fails to meet their obligations, resulting in a loss. In crypto, counterparty risk exists when you trust a centralized entity with your funds, such as a centralized exchange, custodian, or lending platform. DeFi protocols aim to reduce counterparty risk by replacing trusted intermediaries with transparent smart contracts, though they introduce smart contract risk instead. The collapse of FTX in 2022 was a major counterparty risk event.

Related terms

Follow the concepts that actually give this term context.

Glossary entries become useful when they are connected. These links are the shortest path to adjacent ideas.

Security (ID: audit)

Security Audit

Web3 (ID: rug-pull)

Rug Pull

Web3 (ID: defi-general)

DeFi (Decentralized Finance)

More in this category

Stay in the same layer and keep building context.

These entries live alongside the current term and help the page feel like part of a broader knowledge graph rather than a dead end.

Web3

Web3

The vision of a decentralized internet built on blockchain technology, where users own their data, identity, and digital assets. Web1 was read-only (static pages), Web2 is read-write (platforms like social media), Web3 is read-write-own (permissionless, user-sovereign). Web3 applications use wallets instead of logins and smart contracts instead of centralized servers.

Web3

dApp (Decentralized Application)

An application with its backend logic running on a blockchain as smart contracts rather than centralized servers. dApps typically have a traditional web frontend that interacts with on-chain programs via RPC. Users authenticate with wallets instead of username/password. Examples: Uniswap (Ethereum DEX), Jupiter (Solana DEX), Magic Eden (NFT marketplace).

Web3

Wallet

Software or hardware that manages cryptographic keys and enables users to sign transactions, view balances, and interact with dApps. Hot wallets (Phantom, Solflare, Backpack) are internet-connected for convenience. Cold wallets (Ledger, Trezor) store keys offline for security. Wallets don't actually 'hold' tokens—they hold the private keys that control on-chain accounts.

Web3

Seed Phrase (Mnemonic)

A 12- or 24-word human-readable backup of a wallet's master private key, generated using the BIP-39 standard. The seed phrase can deterministically regenerate all derived keypairs (BIP-44 derivation paths). Losing the seed phrase means permanently losing access to all associated accounts. Never share, photograph, or store seed phrases digitally in plain text.