Security Audit Service

Cover Solidity, Rust and Go language
Audited 100+ protocols and secured $12B+ assets
logologologologologologologologo

Security Tools

Phalcon
Phalcon
Powerful Transaction Explorer Designed For DeFi Community
The Phalcon provides comprehensive data on invocation flow, balance changes, and fund flows for transactions. We help developers, security researchers, and traders intuitively understand transactions and build to improve safety for DeFi community.
MetaDock
MetaDock
Improve the usability of blockchain explorers
MetaDock provides enhanced features when users visit BTC.com, Etherscan, BscScan, and *scans of many other EVM-compatible blockchains. These features are transparently integrated into the blockchain explorers, improving the user experience in a natural and non-intrusive way.
MetaSleuth
MetaSleuth
Crypto funds visualization and analysis tool
MetaSleuth provides the easiest-to-use visual flow of funds map, helping users analyze and track funds. It allows users to investigate and share findings and clues about fund transfers. CEX, wallets, and VASP can use it to build their compliance services.
Mopsus
Mopsus
Industry-Leading Transaction Pre-Execution Service
Mopsus provides easy-to-integrate APIs to help users understand transactions before signing. The pre-execution can be finished in milliseconds, 10X faster than the closest competitor's solution.
Rustle
Rustle
The First Automatic Auditor for NEAR Community
Rustle is a free and open-source framework that can help to locate tens of different vulnerabilities in NEAR smart contracts. It can be integrated into the developing process to mitigate potential vulnerabilities.
Flashloan Monitor
Flashloan Monitor
Real-time Alert For DeFi Community
Monitor transactions with Flashloan and identify suspicious ones. You can use this tool to detect DeFi exploits.
Blogs
How BlockSec Rescued Stolen Funds: From Technical Perspectives of Three Representative Cases
How BlockSec Rescued Stolen Funds: From Technical Perspectives of Three Representative Cases
DeFi hacks are still happening. For the stolen funds of the DeFi projects, it’s usually hard to recover them. Some projects negotiate with the hacker to offer a bounty and promise the drop of legal actions. It works sometimes but set up a bad example. It likes to encourage people to hack to get a bounty, instead of responsible discourse.
2023/02/20
[MetaSleuth] How to use MetaSleuth to analyze a phishing attack
[MetaSleuth] How to use MetaSleuth to analyze a phishing attack
This blog will show how to use MetaSleuth (@MetaSleuth) to analyze a phishing attack.
2023/01/28
Securing Web3 Through Proactive Threat Prevention
Securing Web3 Through Proactive Threat Prevention
In the past three years, we have observed several security incidents in the DeFi ecosystem. To defend the threats, code-centric methods, e.g., static code auditing, smart contract scanning tool, or dynamic fuzzing, are adopted by the community. Though they have shown effectiveness, we argue that the code-centric approach cannot solely solve the security issues and project users’ assets. For instance, several cases exist where vulnerable contracts have been audited by multiple reputable code auditing companies.
2023/01/28

Research

TITLEVENUEDATE
Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on EthereumRAID 20222022/06
WASAI: Uncovering Vulnerabilities in Wasm Smart ContractsISSTA 20222022/05
Forerunner: Constraint-based Speculative Transaction Execution for EthereumSOSP 20212022/03
Time-Travel Investigation: Towards Building A Scalable Attack Detection Framework on EthereumACM TOSEM2022/03
SGXLock: Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGXUSENIX Security 20222021/07

About Us

BlockSec is dedicated to building blockchain security infrastructure. The team is founded by top-notch security researchers and experienced experts from both academia and industry.
We have published multiple blockchain security papers in prestigious conferences, reported several zero-day attacks of DeFi applications, and successfully protected digital assets that are worth more than 5 million dollars by blocking multiple attacks.
BlockSec logo

Investors

Investor logoInvestor logoInvestor logoInvestor logoInvestor logoInvestor logoInvestor logoInvestor logo
Investor
Investor
Investor
Investor
Investor
Investor

News & Events

BlockSec uses cookies and other identifiers to analyze our traffic in accordance. We also share information about your use of our site with our analytics partners. By remaining on this website, you consent to our use of cookies and the Privacy Policy.