DeFi

Crypto security firm Ironblocks builds a ‘firewall’ for DeFi protocols — TradingView News

Published

8 months ago

on

A cottage industry of crypto security companies monitors the aftermath of hacks and protocol heists. Today, one of them has a “firewall” designed to stop these thefts upstream.

Blockchain security platform Ironblocks’ new tool is a free service for developers who want to add security to their smart contracts, CEO Or Dadosh told CoinDesk. Called Firewall, it allows them to plug in various security “policies” to monitor transactions on their decentralized financial protocols for suspicious attempts.

The open source toolkit could offer at least some solution to the ever-present threat of hacking in DeFi. Dadosh estimates that a given week results in up to 10 different hacks of protocols offering lending, trading, staking, or other financial services to crypto holders. These heists add up: PeckShield estimated losses at $60 million in April.

The firewall sits inside the transactions of smart contract processing protocols, Dadosh said. Developers have a handful of policies to choose from that scan the flow for sketchy patterns and other indications that a hack is in progress.

“It doesn’t stop or pause the application, it just stops the specific transaction that may be attacking the application, just like in Web2 firewalls,” Dadosh said.

At launch, the service has three significant users: zkEVM Linea chain, AltLayer, and layer 2 network Kinto. Dadosh said more were on the way.

Since the service is free, it is not intended to be a direct revenue source for Ironblocks, an Israeli startup that last raised $7 million in venture capital in early 2023. Instead, it powers the company’s other cryptographic cyber defense products, including the upcoming “Venn Security Network,” according to its website. Dadosh was reluctant to discuss what the network would look like.

But the firewall toolkit could offer a step forward in security in an ecosystem where the immutability of code makes incremental updates — a bug here, a potential exploit there — difficult to fix on the go. Dadosh said developers can add more policies to their code after the fact and remove them as well.

How developers make these changes is really up to them. Perhaps they could entrust decisions to their projects’ token-holding governance communities, to a wallet controlled by multiple parties (a multisig), or to the DAO.

The goal is to stop hacks before they happen.

“Once you’re hacked, in most cases you’re done,” Dadosh said. “And that’s what we’re trying to prevent.”

Fuente

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version