Back to Blog

New Website Unveiled | BlockSec Safeguards Protocol's Lifecycle Security

March 18, 2024

We are excited to announce the official launch of the brand-new BlockSec website!

Figure 1: BlockSecโ€˜s new website
Figure 1: BlockSecโ€˜s new website

As a full-stack blockchain security service provider, BlockSec is committed to transcending the boundaries of traditional security services to offer comprehensive lifecycle security for blockchain projects. From pre-launch security audits to post-launch security monitoring and attack blocking, BlockSec ensures the most robust security for every stage of protocol development.

This website upgrade is not just a complete refresh of our brand image but also a significant milestone for BlockSec. This article will provide a detailed introduction to the full-stack security services and products offered by BlockSec, as well as how they meet the differentiated needs of projects at various stages.

Ensuring Full Lifecycle Security for Protocols

Pre-Launch:

  • Security Auditing

Post-Launch

  • Security Monitoring + Attack Blocking: Phalcon

Security Auditing

๐Ÿ”— https://blocksec.com/code-audit

Figure 2: The official website of Security Auditing
Figure 2: The official website of Security Auditing

BlockSec provides smart contract and EVM chain auditing services:

  • Thorough audits covering technical, business, and financial aspects.

  • Professional reports with actionable solutions for every issue identified in our audits

  • Superior audit quality drives high client satisfaction and helps our clients win their users' trust

Check out our audit reports: https://blocksec.com/audit-reportt

Learn about our cutting-edge research: https://blocksec.com/research

Attack Monitoring & Blocking Platform: Phalcon

๐Ÿ”— https://blocksec.com/phalcon

Figure 3: The official website of Phalcon
Figure 3: The official website of Phalcon

Phalcon is a security platform developed by BlockSec to monitor and block hacks. The system detects suspicious transactions, instantly alerts users, and takes automated actions in response.

  • Early and Precise Attack Monitoring: Phalcon's detection engine scans every mempool and on-chain transaction for malicious proposals and contracts, among other potential threats. It leverages DeFi semantics and AI algorithms to achieve minimal false positives.
  • Operational Risk Monitoring: Beyond just monitoring for malicious activities, the system also keeps an eye on changes to admin keys, role grants, and key variables. This enables timely detection of private key leaks, privilege alterations, and other security risks.
  • Automated Attack Blocking with Customized Actions: When a transaction meets trigger conditions, Phalcon initiates automated actions within one block time (supporting multi-signature wallets). It provides standard response action templates, and users also have the option to customize actions.
  • Low-Code Configuration: Monitor transactions, functions, events, and variables with ease, utilizing a variety of pre-set monitoring templates. No coding is required to effortlessly set up monitoring rules and response actions.
Figure 4: Use cases of Phalcon
Figure 4: Use cases of Phalcon

Support Tool: Phalcon Explorer

Phalcon Explorer is the support tool for the Phalcon platform. This powerful transaction explorer is designed for the DeFi community. It provides comprehensive data on call flows, balance changes, and transaction fund flows, as well as supports transaction simulation. This helps developers, security researchers, and traders to more intuitively understand transactions.

More BlockSec's Builder Toolkit

Crypto tracking and investigation platform: MetaSleuth

๐Ÿ”— https://metasleuth.io/

Figure 5: The official website of MetaSleuth
Figure 5: The official website of MetaSleuth

Metasleuth simplifies investigations for everyone, offering profressional-grade tools tailored to meet the needs of experts. MetaSleuth is a comprehensive platform that enables users to gain a deeper understanding of blockchain activities. It offers a diverse range of features specifically designed for crypto investigations, such as fund tracking, visualizing fund flows, real-time transaction monitoring, and the ability to save and share analysis results. With its intelligent capabilities and cross-chain analysis, MetaSleuth simplifies the process of tracking funds within complex DeFi transactions, making it more accessible and efficient than ever before.

Browser Extension: MetaSuites

๐Ÿ”— https://blocksec.com/metasuites

Figure 6: The official website of MetaSuites
Figure 6: The official website of MetaSuites

MetaSuites is a browser extension to generate fund flow, display address labels, download data with one-click, simulate transactions, view storage and proxy upgrades, along with more than 20 utilities on over ten blockchain browsers.

We warmly invite you to experience the new official BlockSec website and join us in building a safer Web3 world.

Sign up for the latest updates
Newsletter - April 2026
Security Insights

Newsletter - April 2026

In April 2026, the DeFi ecosystem experienced three major security incidents. KelpDAO lost ~$290M due to an insecure 1-of-1 DVN bridge configuration exploited via RPC infrastructure compromise, Drift Protocol suffered ~$285M from a multisig governance takeover leveraging Solana's durable nonce mechanism, and Rhea Finance incurred ~$18.4M following a business logic flaw in its margin-trading module that allowed circular swap path manipulatio

~$7.04M Lost: GiddyDefi, Volo Vault & More | BlockSec Weekly
Security Insights

~$7.04M Lost: GiddyDefi, Volo Vault & More | BlockSec Weekly

This BlockSec weekly security report covers eight attack incidents detected between April 20 and April 26, 2026, across Ethereum, Avalanche, Sui, Base, HyperLiquid, and MegaETH, with total estimated losses of approximately $7.04M. The highlighted incident is the $1.3M GiddyDefi exploit, where the attacker did not break any cryptography or use a flash loan but simply replayed an existing on-chain EIP-712 signature with the unsigned `aggregator` and `fromToken` fields swapped out for a malicious contract, demonstrating how partial signature coverage turns any historical signature into a generic permit. Other incidents include a $3.5M Volo Vault operator key compromise on Sui, a $1.5M Purrlend privileged-role takeover, a $413K SingularityFinance oracle misconfiguration, a $142.7K Scallop cross-pool index injection, a $72.35K Kipseli Router decimal mismatch, a $50.7K REVLoans (Juicebox) accounting pollution, and a $64K Custom Rebalancer arbitrary-call exploit.

The Decentralization Dilemma: Cascading Risk and Emergency Power in the KelpDAO Crisis
Security Insights

The Decentralization Dilemma: Cascading Risk and Emergency Power in the KelpDAO Crisis

This BlockSec deep-dive analyzes the KelpDAO $290M rsETH cross-chain bridge exploit (April 18, 2026), attributed to the Lazarus Group, tracing a causal chain across three layers: how a single-point DVN dependency enabled the attack, how DeFi composability cascaded the damage through Aave V3 lending markets to freeze WETH liquidity exceeding $6.7B across Ethereum, Arbitrum, Base, Mantle, and Linea, and how the crisis forced decentralized governance to exercise centralized emergency powers. The article examines three parameters that shaped the cascade's severity (LTV, pool depth, and cross-chain deployment count) and provides an exclusive technical breakdown of Arbitrum Security Council's forced state transition, an atomic contract upgrade that moved 30,766 ETH without the holder's signature.