
Transfer Hook

Token-2022 extension that invokes an issuer-defined program on every transfer — for allowlists, KYC checks, royalties. A new reentrancy class on Solana.


Transfer Hook is a Token-2022 extension that invokes an issuer-specified program on every token transfer: after Token-2022 has debited the source and credited the destination, it CPIs into the hook program with the transfer's accounts and amount. Custom logic in the hook can verify allowlists, validate on-chain KYC, collect royalties, or enforce anti-bot filters.

Built for

Regulated tokens that need programmable compliance rules — for example, allowlist-based distribution or royalty splits on every transfer.

A new reentrancy class

Before Token-2022, Solana was considered reentrancy-immune, and the runtime rule behind that has not changed: a program may re-enter only itself by direct recursion, and any other re-entry (A → B → A) fails with ReentrancyNotAllowed. What Transfer Hooks change is that every transfer of a hooked mint, including a pool's own CPI transfer, now runs issuer-chosen code in the middle of the caller's instruction, with whatever compute budget and call-stack depth the caller has left. Observed attack surfaces:

  • CPI-depth attack: the hook runs one frame below Token-2022, and its own CPIs consume the remaining depth (five frames in total, counting the top-level instruction). A hook that nests calls makes the transfer, and with it the whole transaction, fail with CallDepthExceeded whenever the transfer is issued from an already-nested context (router → pool → Token-2022 → hook). A hook can also simply return an error. Either way, flows that must complete, such as liquidations, can be blocked by the issuer.
  • Recursive loop: a hook that triggers further transfers of the same mint has to call Token-2022, which is already on the stack below it, so the runtime rejects the call (ReentrancyNotAllowed) and the transaction aborts instead of looping. The pool-side risk is therefore not a half-updated pool but selective failure: the hook decides, by account, amount or time, which transfers go through.
  • State manipulation via CPI into other protocols during the transfer: the hook may call any program not already on the stack (so neither the pool that issued the transfer nor Token-2022), move other mints, take positions elsewhere, or read mid-operation state of any account it is handed. The source, destination and mint accounts are passed to the hook read-only, and Token-2022 flags the two token accounts as transferring for the duration of the call, so the hook cannot alter the balances it observes; the extra accounts the hook declares for itself are whatever the issuer chose.
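The two runtime rules above, as an added example rather than code from the page or from the Solana sources: a small Rust model of the invoke stack that applies the depth limit and the direct-recursion-only rule, then runs the two hook scenarios from the list. MAX_STACK_DEPTH = 5 is assumed to match Solana's max_instruction_stack_depth (top-level instruction plus four nested CPIs); program names are placeholders, not program ids.

```rust
// Added example, not code from the page or from the Solana/Token-2022 sources: a minimal
// model of the two runtime rules that bound what a transfer hook can do with the call stack.
// Assumed: MAX_STACK_DEPTH = 5 (Solana's max_instruction_stack_depth: the top-level
// instruction plus four nested CPIs). Program names are placeholders, not program ids.

#[derive(Debug, PartialEq, Eq)]
pub enum CpiError {
    CallDepthExceeded,
    ReentrancyNotAllowed,
}

pub const MAX_STACK_DEPTH: usize = 5;

/// The invoke stack: one frame per program currently executing, innermost last.
#[derive(Default)]
pub struct InvokeStack {
    frames: Vec<&'static str>,
}

impl InvokeStack {
    /// Push a callee, applying the two checks the runtime makes on every CPI:
    /// 1. the stack may not grow beyond MAX_STACK_DEPTH frames;
    /// 2. a program already on the stack may only be re-entered by itself (direct
    ///    recursion), never through an intermediary.
    pub fn push(&mut self, callee: &'static str) -> Result<(), CpiError> {
        if self.frames.len() >= MAX_STACK_DEPTH {
            return Err(CpiError::CallDepthExceeded);
        }
        let on_stack = self.frames.iter().any(|p| *p == callee);
        let is_direct_parent = self.frames.last() == Some(&callee);
        if on_stack && !is_direct_parent {
            return Err(CpiError::ReentrancyNotAllowed);
        }
        self.frames.push(callee);
        Ok(())
    }

    pub fn height(&self) -> usize {
        self.frames.len()
    }
}

/// Run `body` as a CPI into `callee`. The frame is popped either way; in the real runtime a
/// failed CPI aborts the whole transaction, which the caller here sees as `Err`.
pub fn invoke<F>(stack: &mut InvokeStack, callee: &'static str, body: F) -> Result<(), CpiError>
where
    F: FnOnce(&mut InvokeStack) -> Result<(), CpiError>,
{
    stack.push(callee)?;
    let result = body(stack);
    stack.frames.pop();
    result
}

/// A Token-2022 transfer of a hooked mint: the token program updates balances, then CPIs
/// into the hook program, which runs `hook_body` one frame deeper.
pub fn token2022_transfer<F>(stack: &mut InvokeStack, hook_body: F) -> Result<(), CpiError>
where
    F: FnOnce(&mut InvokeStack) -> Result<(), CpiError>,
{
    invoke(stack, "token2022", |s| invoke(s, "hook", hook_body))
}

/// A hook that tries to move tokens of the same mint must call Token-2022, which is already
/// on the stack below it: the runtime rejects this, so the transfer (and transaction) aborts.
pub fn hook_reenters_token_program() -> Result<(), CpiError> {
    let mut stack = InvokeStack::default();
    invoke(&mut stack, "pool", |s| {
        token2022_transfer(s, |s| invoke(s, "token2022", |_| Ok(())))
    })
}

/// A hook whose own logic needs two nested CPIs (hook -> oracle -> price feed). It fits when
/// the pool is the top-level instruction and blows the depth budget when the same pool call
/// arrives through a router, so the transfer fails only in composed flows.
pub fn hook_with_nested_cpi(via_router: bool) -> Result<(), CpiError> {
    let mut stack = InvokeStack::default();
    let deep_hook = |s: &mut InvokeStack| {
        invoke(s, "oracle", |s| invoke(s, "price_feed", |_| Ok(())))
    };
    let pool = |s: &mut InvokeStack| invoke(s, "pool", |s| token2022_transfer(s, deep_hook));
    if via_router {
        invoke(&mut stack, "router", pool)
    } else {
        pool(&mut stack)
    }
}

fn main() {
    println!("hook re-enters Token-2022:    {:?}", hook_reenters_token_program());
    println!("nested hook, pool top-level:  {:?}", hook_with_nested_cpi(false));
    println!("nested hook, pool via router: {:?}", hook_with_nested_cpi(true));
}
```

The second scenario is the one that bites integrators: the same hook succeeds from a top-level pool call and fails with CallDepthExceeded through a router, so a hook that uses CPI has to be tested from the deepest composition the protocol supports, not from a bare pool instruction.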

Implication for DeFi

Any DeFi protocol that accepts Token-2022 mints with a transfer hook must explicitly audit its integration path. The classic “transfer plus pool update” pattern is no longer safe when the transfer itself runs arbitrary code: the hook can abort the transfer selectively, burn compute and stack depth, and CPI into other protocols while the pool's instruction is only half done. Three checks a practitioner should make: build the transfer CPI with spl_token_2022::onchain::invoke_transfer_checked so the hook's extra account metas are resolved the way the hook expects, rather than hand-assembling the account list; allowlist hook programs per mint; and read the extension's authority field, because that authority can point the mint at a different hook program after the pool has listed it.
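The allowlist and authority checks, as an added example that is not Token-2022 or any pool's code: a Rust admission policy over a struct that mirrors the two optional fields of the TransferHook mint extension (authority, program_id). Decoding them from real mint data (spl_token_2022's StateWithExtensions::<Mint>::unpack followed by get_extension::<TransferHook>()) is assumed and not shown; the keys are constructed placeholders.

```rust
// Added example, not code from the page or from Token-2022: an admission policy a pool can
// apply when a Token-2022 mint is listed. `TransferHookExt` mirrors the two optional fields
// of the Token-2022 TransferHook mint extension (authority, program_id); reading them from
// real mint data via StateWithExtensions/get_extension is assumed, not shown. All keys below
// are constructed placeholders.

pub type Pubkey = [u8; 32];

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct TransferHookExt {
    /// Who may change `program_id` later; None means the hook is frozen.
    pub authority: Option<Pubkey>,
    /// Program invoked on every transfer; None means no hook runs (for now).
    pub program_id: Option<Pubkey>,
}

#[derive(Debug, PartialEq, Eq)]
pub enum Rejection {
    HookNotAllowlisted,
    HookIsMutable,
}

pub struct HookPolicy {
    /// Hook programs the pool has reviewed and is willing to run on its transfer path.
    pub allowed_programs: Vec<Pubkey>,
}

impl HookPolicy {
    /// Admit a mint. `None` means the mint carries no TransferHook extension at all.
    pub fn admit(&self, ext: Option<&TransferHookExt>) -> Result<(), Rejection> {
        let ext = match ext {
            None => return Ok(()),
            Some(e) => e,
        };
        // Order matters: an allowlisted hook is worthless if someone can replace it
        // tomorrow, and an empty hook slot is only safe if nobody can fill it.
        if ext.authority.is_some() {
            return Err(Rejection::HookIsMutable);
        }
        match ext.program_id {
            None => Ok(()),
            Some(p) if self.allowed_programs.contains(&p) => Ok(()),
            Some(_) => Err(Rejection::HookNotAllowlisted),
        }
    }

    /// The weaker check many integrations stop at: program_id is on the allowlist today.
    pub fn allowlist_only(&self, ext: &TransferHookExt) -> bool {
        matches!(ext.program_id, Some(p) if self.allowed_programs.contains(&p))
    }
}

/// Mirrors what Token-2022's transfer_hook `update` instruction permits: the current
/// authority, and only the authority, may re-point the mint at another hook program.
pub fn update_hook(ext: &mut TransferHookExt, signer: &Pubkey, new_program: Option<Pubkey>) -> bool {
    match ext.authority {
        Some(a) if a == *signer => {
            ext.program_id = new_program;
            true
        }
        _ => false,
    }
}

/// The failure mode end to end: listing passes the allowlist-only check, the issuer swaps the
/// hook afterwards, and every later transfer of the mint runs code the pool never reviewed.
/// Returns (allowlist_only_passed, strict_policy_result, hook_swapped_after_listing).
pub fn issuer_swaps_hook_after_listing() -> (bool, Result<(), Rejection>, bool) {
    let audited: Pubkey = [1; 32];
    let rogue: Pubkey = [2; 32];
    let issuer: Pubkey = [9; 32];
    let policy = HookPolicy { allowed_programs: vec![audited] };
    let mut ext = TransferHookExt { authority: Some(issuer), program_id: Some(audited) };

    let weak = policy.allowlist_only(&ext);
    let strict = policy.admit(Some(&ext));
    let swapped = update_hook(&mut ext, &issuer, Some(rogue)) && ext.program_id == Some(rogue);
    (weak, strict, swapped)
}

fn main() {
    let (weak, strict, swapped) = issuer_swaps_hook_after_listing();
    println!("allowlist-only check passed: {}", weak);
    println!("strict policy said:          {:?}", strict);
    println!("issuer swapped hook later:   {}", swapped);
}
```

The walk-through shows why the allowlist alone is not enough: the listed hook is audited, yet with a live authority the issuer re-points the mint later and every subsequent transfer runs the new program. An issuer that wants listing under this policy freezes the hook first by setting the transfer-hook authority to None (Token-2022's SetAuthority with AuthorityType::TransferHookProgramId).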

Deep dive

Pillar page: Token-2022 explained.

Related Terms

  • Token-2022
  • CPI
  • Permanent Delegate
  • Default Account State