Since BlockSec’s debut in 2021, we have long maintained that code auditing alone cannot solve Web3 security issues. Therefore, we have been investing in exploring new paradigms for Web3 security. Thus we created Phalcon, the world's first crypto hack-blocking system.
Before the launch of Phalcon, the system had been running internally for 2 years, successfully blocking over 20 hacks, and rescuing more than 20 million USD worth of assets, including $3.8 million for Saddle Finance, $2.4 million for Platypus, $5 million for ParaSpace, and more.
In this series of articles, we will present representative successful stories of our system Phalcon. Today, let's learn about the game-changing story in Web3: the industry's first successful defense against hacks.
How We Blocked the Attack Against HomeCoin
Guided by the belief that securing the Web3 ecosystem requires more than just security audits, we developed a prototype of the proactive threat prevention system (i.e., Phalcon) in early 2022. Embracing the unknown and unsure if the system will genuinely function and deliver results, we experienced a blend of apprehension and excitement.
On Mar 05 2022 04:35:19 PM (UTC), our system detected a pending attack initiated by the attacker (0xC711374BaC07Df9bB9dbAC596451517cEcBf0F0f). Following this, another component of our system automatically triggered the construction of a countering transaction, which was promptly sent (0xf3bd801f5a75ec8177af654374f2901b5ad928abcc0a99432fb5a20981e7bbd1) and successfully blocked the attack (the failed original attack tx: 0xc161973ed0e43db78763aa178be311733d4ffb77948d824ed00443803d22739c).
Due to the fact that the victim contract was still vulnerable (a typical reentrancy issue), the threatened assets were transferred to a secure and publicly dedicated rescue account. Ultimately, this case had a happy ending. We reached out to the project (i..e, HomeCoin) and returned the rescued tokens (0x31bff8989e9d627331435df9fed118f988b50bd1ab3b6056600ce86ccf0275ea) to their deployer account (0x67368f4c89dda2a82d12d3a703c32c35ff343bf6).
Although the amount of tokens rescued was not significant compared to the losses in many incidents, this marks the first publicly recorded attempt to automatically prevent an ongoing attack. We believe this is the right direction for securing the blockchain ecosystem. This tangible example demonstrates that it is achievable, representing "a small step for man, a giant leap for mankind".
Despite the numerous challenges that remained, this represented the dawn and future that was soon to arrive, and we were dedicating ourselves to making it happen in the near future.
How to Access the Service
- Phalcon is a SaaS platform. You can log in to our website to explore features, view pricing, and subscribe directly.
- You can also book a demo to learn more about Phalcon and receive expert security advice.
See More Success Stories of Phalcon
- Blocked Saddle Finance Attack: Industry's First Influential Blocking to Rescue $3,800,000
- Blocked TransitSwap Attack: Industry's First "Hacking Back" to Rescue $300,000
- Blocked Platypus Attack: Industry's First Counter-Exploitation of a Hacker's Contract
- Blocked Paraspace Attack: Industry's Most Important Block that Rescued $5,000,000
- Blocked Loot Attack: How Phalcon Saved $1.2M from Malicious Proposal
About Phalcon
Phalcon is an attack monitoring and automated blocking platform launched by BlockSec. The platform is capable of accurately identifying attacks and automatically blocking them. Phalcon aims to provide comprehensive post-launch security protection for Web3 projects, including continuous monitoring, attack blocking, and emergency response, safeguarding on-chain assets for protocol providers, LPs, and DAO organization participants.
To date, Phalcon has successfully blocked over 20 hacker attacks, rescuing more than $20 million in assets. Even in the early customer stage, Phalcon gained recognition and a grant from the top DeFi protocol Compound and established an attack-blocking platform for it.
Website: https://blocksec.com/phalcon
Twitter: @Phalcon_xyz
Telegram: https://t.me/BlockSecTeam
