Announcing sec3 WatchTower
Smart Threat Monitor for Smart Contracts
September 6, 2022

We are glad to announce the first release of sec3 WatchTower: an in-situ threat monitoring service for Solana smart contracts to detect, prevent and stop security attacks in real time.

sec3 WatchTower has three features:

  1. Pro-active monitoring: it alerts suspicious attacks even before they actually happen. This capability is uniquely powered by sec3’s smart monitor engine based on the Solana programming model. More technical details can be found in this article.
  2. Customized monitoring: it monitors customized security policies including protocol-specific cross-transaction rules and cross-chain invariants.
  3. Anomaly monitoring: it detects abnormal transactions through continuously-learned and auto-tuned invariants in sec3’s smart monitor engine.

In addition, WatchTower provides a list of built-in default monitors for common attacks, such as:

  • abnormal token transfers
  • rug pulls
  • flash loans
  • fake input accounts
  • round-trip-trades
  • cross-chain bridge attacks

A dashboard of sec3 WatchTower is shown below:

The following screenshot shows WatchTower alerts on the wormhole attack (reproduced in sec3’s testing environment):

The reproduced wormhole attack, detected by sec3 WatchTower

How To Use sec3 WatchTower

WatchTower is currently open to a few selected pilot users only. If you are interested, please sign up here.

After creating an account, follow the steps below to use the service:

1. Add a new project:

Step 1: “add a new project”

2. Add your smart contract addresses and aliases:

Step 2: “add smart contract addresses”

3. Add new bots:

Step 3: “add and configure new bots”

4. View alerts:

About sec3 (Formerly Soteria)

sec3 is a security research firm that prepares Solana projects for millions of users. sec3’s Launch Audit is a rigorous, researcher-led code examination that investigates and certifies mainnet-grade smart contracts; sec3’s continuous auditing software platform, X-ray, integrates with GitHub to progressively scan pull requests, helping projects fortify code before deployment; and sec3’s post-deployment security solution, WatchTower, ensures funds stay safe. sec3 is building technology-based scalable solutions for Web3 projects to ensure protocols stay safe as they scale.

To learn more about sec3, please visit https://www.sec3.dev

Other Posts
All About Anchor Account Size
Read
Sec3 ranks first in the 2023 MetaTrust CTF Sui track
Read
How to Audit Solana Smart Contracts Part 3: Penetration Testing
Read

Sec3 ©2023 | All Rights Reserved.

TermsPrivacy Policy