Security Audit Service

Cover Solidity, Rust and Go language

Audited 100+ protocols and secured $12B+ assets

Security Tools

Phalcon

Powerful Transaction Explorer Designed For DeFi Community

The Phalcon provides comprehensive data on invocation flow, balance changes, and fund flows for transactions. We help developers, security researchers, and traders intuitively understand transactions and build to improve safety for DeFi community.

Mopsus

Industry-Leading Transaction Pre-Execution Service

Mopsus provides easy-to-integrate APIs to help users understand transactions before signing. The pre-execution can be finished in milliseconds, 10X faster than the closest competitor's solution.

MetaDock

Improve the usability of blockchain explorers

MetaDock provides enhanced features when users visit BTC.com, Etherscan, BscScan, and *scans of many other EVM-compatible blockchains. These features are transparently integrated into the blockchain explorers, improving the user experience in a natural and non-intrusive way.

Rustle

The First Automatic Auditor for NEAR Community

Rustle is a free and open-source framework that can help to locate tens of different vulnerabilities in NEAR smart contracts. It can be integrated into the developing process to mitigate potential vulnerabilities.

Flashloan Monitor

Real-time Alert For DeFi Community

Monitor transactions with Flashloan and identify suspicious ones. You can use this tool to detect DeFi exploits.

Blogs

Secure Smart Contract Development (2) — How to Use Digital Signature and Use It Right in NFT (Markets)

Digital signature is used to ensure the authenticity and integrity. As described in this article, “A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created by a known sender (authenticity), and that the message was not altered in transit (integrity).”

2022/08/12

Attack Analysis | How Unchecked Mapping Makes $200M Losses of Nomad Bridge

On August 2nd, 2022, a cross-chain bridge named Nomad Bridge was attacked, leading to the loss of nearly $200M. The root cause is the incorrect check in the upgraded version of the on-chain smart contract.

2022/08/05

Secure Smart Contract Development (1) — Code Reentrancy in NFT Contracts

Given the prosperity of NFT ecosystem on Ethereum and the increase of related security issues, we will post a series of blogs to introduce these security issues and give some suggestions for developers to secure contracts. In this blog, we will introduce the reentrancy issue in NFT contracts and how to mitigate the related vulnerability.

2022/08/05

Research

TITLE	VENUE	DATE
Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum	RAID 2022	2022/06
WASAI: Uncovering Vulnerabilities in Wasm Smart Contracts	ISSTA 2022	2022/05
Forerunner: Constraint-based Speculative Transaction Execution for Ethereum	SOSP 2021	2022/03
Time-Travel Investigation: Towards Building A Scalable Attack Detection Framework on Ethereum	ACM TOSEM	2022/03
SGXLock: Towards Efficiently Establishing Mutual Distrust Between Host Application and Enclave for SGX	USENIX Security 2022	2021/07

About Us

The BlockSec is dedicated to building blockchain security infrastructure. The team is founded by top-notch security researchers and experienced experts from both academia and industry.
We have published multiple blockchain security papers in prestigious conferences, reported several zero-day attacks of DeFi applications, and successfully protected digital assets that are worth more than 5 million dollars by blocking multiple attacks.

Investors

News & Events

BlockSec uses cookies and other identifiers to analyze our traffic in accordance. We also share information about your use of our site with our analytics partners. By remaining on this website, you consent to our use of cookies and the Privacy Policy.

Building BlockChain

Security Infrastructure