Web3

Smart Contract Risk

The risk that bugs, logic errors, or exploitable vulnerabilities in on-chain program code could lead to loss of user funds. Smart contract risk is inherent to all DeFi participation because programs are immutable once deployed (unless upgradeable) and handle real value. Mitigations include professional security audits, formal verification, bug bounties, timelocks on upgrades, and starting with small amounts. Even audited programs can contain undiscovered vulnerabilities.

ID: smart-contract-risk


Mental model

Start with the short analogy to reason more clearly about the term when it shows up in code, docs, or prompts.

Think of it as a building block that helps connect an isolated definition to the larger system it lives in.

Technical context

Place the term in the Solana layer where it lives to reason about it more clearly.

Wallets, signing, dApps, and key management.

Why builders care

Turn the vocabulary term into something operational for product and engineering.

This term quickly unlocks adjacent concepts, so it works best when you treat it as a connection point rather than an isolated definition.


Concept graph

See the term as part of a network, not as a dead-end definition.

These branches show which concepts this term touches directly and what lies one layer beyond them.

Branch

Security Audit

A formal, structured review of a Solana program's source code, architecture, and deployment configuration by experienced security researchers, aimed at identifying vulnerabilities — including but not limited to the OWASP-equivalent Solana Top 10 (missing signer checks, owner checks, arithmetic errors, etc.) — before mainnet deployment. Reputable Solana-focused audit firms include OtterSec, Ackee Blockchain, sec3 (formerly Soteria), Neodyme, Trail of Bits, and Halborn; most audits produce a severity-rated finding report (critical, high, medium, low, informational) that programs are expected to remediate and publish. A single audit is considered minimum due diligence for programs holding significant user funds; continuous auditing and bug bounties on platforms like Immunefi are considered best practice.

Branch

Rug Pull

A crypto scam where project creators abandon a project after accumulating user funds, typically by draining liquidity pools, selling pre-minted tokens, or exploiting admin keys. Red flags: anonymous teams, unaudited contracts, concentrated token supply, no locked liquidity, and excessive hype. Always verify program source, check authorities, and review audits before depositing.

Branch

DeFi (Decentralized Finance)

Financial services built on blockchain smart contracts that operate without traditional intermediaries (banks, brokers). DeFi includes lending, borrowing, trading, insurance, and derivatives. Key properties: permissionless (anyone can participate), composable (protocols can be combined), transparent (open-source, auditable). Solana DeFi TVL has exceeded $5B, led by Jupiter, Raydium, Marinade, and Kamino.

Next concepts to explore

Continue the learning chain instead of stopping at a single definition.

These are the next concepts worth opening if you want this term to make more sense within a real Solana workflow.

Security

Security Audit


Web3

Rug Pull


Web3

DeFi (Decentralized Finance)


Web3

Sniping

Buying a token immediately at launch using automated bots that detect pool creation events and execute buy transactions in the same block. Snipers monitor new Raydium liquidity pools and Pump.fun graduation migrations to buy before other traders can react. Anti-snipe mechanics such as delayed trading windows and launch taxes are designed to mitigate this practice.

Commonly confused with

Terms that are close in vocabulary, acronym, or conceptual neighborhood.

These entries are easy to mix up when you read quickly, prompt an LLM, or are entering a new layer of Solana.

Web3 (counterparty-risk)

Counterparty Risk

The risk that the other party in a financial arrangement fails to meet their obligations, resulting in a loss. In crypto, counterparty risk exists when you trust a centralized entity with your funds, such as a centralized exchange, custodian, or lending platform. DeFi protocols aim to reduce counterparty risk by replacing trusted intermediaries with transparent smart contracts, though they introduce smart contract risk instead. The collapse of FTX in 2022 was a major counterparty risk event.

Related terms

Follow the concepts that actually give this term context.

Glossary entries only become useful when they are connected. These links are the shortest path to adjacent ideas.

Security (audit)

Security Audit


Web3 (rug-pull)

Rug Pull


Web3 (defi-general)

DeFi (Decentralized Finance)


More in this category

Stay in the same layer and keep building context.

These entries live alongside the current term and help the page feel like part of a larger graph rather than a dead end.

Web3

Web3

The vision of a decentralized internet built on blockchain technology, where users own their data, identity, and digital assets. Web1 was read-only (static pages), Web2 is read-write (platforms like social media), Web3 is read-write-own (permissionless, user-sovereign). Web3 applications use wallets instead of logins and smart contracts instead of centralized servers.

Web3

dApp (Decentralized Application)

An application with its backend logic running on a blockchain as smart contracts rather than centralized servers. dApps typically have a traditional web frontend that interacts with on-chain programs via RPC. Users authenticate with wallets instead of username/password. Examples: Uniswap (Ethereum DEX), Jupiter (Solana DEX), Magic Eden (NFT marketplace).

Web3

Wallet

Software or hardware that manages cryptographic keys and enables users to sign transactions, view balances, and interact with dApps. Hot wallets (Phantom, Solflare, Backpack) are internet-connected for convenience. Cold wallets (Ledger, Trezor) store keys offline for security. Wallets don't actually 'hold' tokens—they hold the private keys that control on-chain accounts.

Web3

Seed Phrase (Mnemonic)

A 12 or 24-word human-readable backup of a wallet's master private key, generated using the BIP-39 standard. The seed phrase can deterministically regenerate all derived keypairs (BIP-44 derivation paths). Losing the seed phrase means permanently losing access to all associated accounts. Never share, photograph, or store seed phrases digitally in plain text.