Over the past months, we have been very glad to see developers paying more attention to security threats and best practices. Besides rigorous internal code reviews and external audits, our customers frequently ask us: what should we do to keep our protocol safe once it's deployed on chain? Indeed, we keep asking ourselves the same question. We believe on-chain monitoring could be the missing piece of full-lifecycle security.
Please don't get us wrong. Code reviews and audits are still crucial for discovering critical vulnerabilities before deployment. In fact, most attacks took advantage of a lack of proper account validation. Since that topic is relatively well known and targets security threats before deployment, we will skip it in this post.
When analyzing the steps in previous attacks, we made quite a few very exciting common observations that distinguish malicious attacks from normal transactions:
Inspired by those observations, we have been keeping our heads down and developing a monitoring service that can identify common attack scenarios, learn from normal interactions, detect abnormal transactions, and alert on or stop suspicious transactions.
Recently, we proudly announced sec3 WatchTower: Smart Monitor for Smart Contracts, which provides proactive and customizable monitoring services to detect several built-in attack scenarios as well as an extensible set of abnormal transactions. We hope sec3 WatchTower can contribute to post-deployment security and give developers some peace of mind.