Introduction 

Account dusting and address poisoning attacks have become increasingly common on Solana. From mass unsolicited token transfers promoting scam services to sophisticated phishing tactics manipulating transaction histories, these attacks degrade user experience and pose serious security risks. 

Account dusting and address poisoning are both forms of transaction spam characterized by large volumes of low-value SOL transfers. This bounty invites researchers and developers to investigate the scope and mechanics of dusting and address poisoning on Solana—and to build open-source tools or APIs that detect them. The goal is to make it easier for wallets, explorers, and applications to filter malicious or misleading activity from transaction histories before it reaches end users.

This competition is a chance to counter deceptive on-chain behavior and lay the groundwork for cleaner, safer user experiences on Solana.

Example Account Dusting Transactions

This user complaint posted on X (formerly Twitter) includes a screenshot of their account's recent transaction history. It reveals the prevalence of dusting on Solana, with multiple instances promoting three distinct services.

Example Address Poisoning Attacks

In a case highlighted by Scam Sniffer on X (formerly Twitter), a scammer used address-poisoning tactics on Solana to steal over $3.1 million in just one month.

Submission Requirements

Participants are expected to submit the following:

1. Written Report

Explain your methodology, data sources, and key research findings related to account dusting and address poisoning on Solana. This should be posted on a blogging site (e.g., Medium, Substack, Notion, etc.) and publicly viewable upon the deadline.

2. Dashboard

A public open-source dashboard that visualizes the prevalence, patterns, and trends of these attack vectors across time, accounts, and transaction types. This can be self-hosted or published through data platforms such as Flipside or Dune.

3. Detection API

An open-source API that can identify and classify dusting and address poisoning transactions—designed to be easily integrated into wallets, explorers, and other Solana-based services. The code for this should be hosted in a public GitHub repository. For reference, see the cNFT spam detection API at filtoor.xyz.

Detection APIs will be evaluated for accuracy and are expected to maintain a low false positive rate. Solutions should go beyond basic filtering of low-value transactions, using more advanced methods to distinguish between malicious and legitimate activity.

The goal is to avoid obscuring real user transactions or misleading users by incorrectly labeling benign activity as spam.

Bonus Points Will Be Awarded For:

• Investigation of the actors behind these campaigns

• Examining the business model: What are the total transaction costs? Are account dusters promoting legitimate services, scams, or wallet drainers?

• Estimating the profitability of these attacks

• Tracking how the tactics have evolved, including changes in techniques, targeting, and on-chain behavior (e.g., are specific wallets, assets, or periods more heavily targeted?)

Reward Structure

• 1st Prize - $3,000 and a chance to have your work featured on the Helius blog

• 2nd Prize - $1,500

• 3rd Prize - $500

Submission Criteria 

Your submission will be rejected:

• If it is not written in English.

• If the work is found to be plagiarized or stolen

• If your code is not published publicly on GitHub with a fully open-source license (e.g., MIT, Apache, GPL).

• If your dashboard’s queries are forked from other sources or your dashboard is not open-source.

• Your submission is not publicly viewable on and after the submission deadline. Submissions of private links will not be eligible.

  
  

Participants are encouraged to share their work on X/Twitter, tagging @heliuslabs.

Resources 

• Anatomy of an Address Poisoning Scam - Chainalysis

• Dusting attacks & airdrop scam tokens - Trezor