Phalcon's 2023 Year-End Recap
Dec 29 2023

In 2023, Web3 harbors not just aspirations for technological breakthroughs but also grapples with security challenges of unprecedented scale. The year also witnesses the transformation of Phalcon from a transaction explorer to a comprehensive security suite. Phalcon now covers the entire spectrum of protocol security, from pre-launch testing, post-launch monitoring and attack blocking, to post-incident analysis.

Through the story of Phalcon, let's explore the relentless efforts made by BlockSec to advance Web3 security in 2023.

Phalcon's Security Philosophy: Go Beyond Code Audits 🤔💡

Since the very foundation of BlockSec, our standpoint has remained consistent - code audits alone are inadequate to safeguard against the ever-present security risks in the Web3 dark forest (although we do a great job at code audits). Once a project is live, proactive defenses and swift response mechanisms become critical.

Traditional attack monitoring systems alert us to threats, yet teams are often too slow or uncertain about how to respond effectively. We began to question: How could we standardize our incident response capabilities to better assist a wider range of projects? This led to the creation of Phalcon Block, a system designed to automatically block attacks.

In February of this year, when the Platypus protocol was under attack, Phalcon Block helped recover $2.4 million in potential losses.

A month later, the system once again proved its worth by intercepting an attempt on Paraspace, saving an estimated $5 million. 🛡️💰

November marked a milestone with the introduction of Phalcon Block at the Devconnect conference in Istanbul, a testament to our two years of dedicated refinement. The system stands out as the first Web3 security product with the ability to automatically block hacks.

Phalcon Security Suite: An All-Encompassing Solution 💪

The year 2023 has been a transformative one for Phalcon.

We launched Phalcon Fork in April, a platform designed for collaborative and precise testing during code deployment and upgrade. Later, in November, we introduced Phalcon Block.

Today, Phalcon is no longer just a transaction explorer. It has matured into an comprehensive security suite, complete with Fork, Block, and Explorer modules.

This suite encompasses the entire security lifecycle of protocols, including pre-launch testing, post-launch monitoring and attack blocking, and post-incident analysis.

Our Mission: Advancing Web3 Security 🚀

Time and again, we've been approached by project teams and users seeking assistance after hacks and phishing attempts, which solidified our determination to help elevate security awareness in the Web3 community.

This year, we participated in a series of events, including the DeFi Security Summit, TOKEN 2049, Devconnect, ETHBerlin, and ACM CCS. We shared insights on the susceptibility of Web3 to hacks, underscored the significance of proactive defense, discussed incident response strategies, and introduced practical security tools.

Additionally, we've initiated the 🏆 BlockSec Blockchain Security Award 🏆, a three-year scholarship to honor exceptional students at PolyU pursuing a Master's degree in blockchain technology. In doing so, we aim to assist the industry in cultivating a greater number of qualified security professionals and developers with robust security qualifications. 🎓

As a security company, we consider it our responsibility and vision to nurture talent and advance blockchain security, contributing to the industry's robust growth.

Looking Forward

As the new year unfolds, we are dedicated to the pursuit of innovation, with a focus on developing Phalcon into a more practical and well-rounded security product. We also commit to continually sharing our insights and vision for security with the wider Web3 community.

Happy New Year in advance! 🎉

May your Web3 journey in the new year be prosperous and smooth.

May the coming year bring you all health and happiness. 🥳

Sign up for the latest updates
#10: ThirdWeb Incident: Incompatibility Between Trusted Modules Exposes Vulnerability
Security Insights

#10: ThirdWeb Incident: Incompatibility Between Trusted Modules Exposes Vulnerability

This blog shows the vulnerability and attack caused by Incompatibility of commonly used modules.

#9: MEV Bot 0xd61492: From Predator to Prey in an Ingenious Exploit
Security Insights

#9: MEV Bot 0xd61492: From Predator to Prey in an Ingenious Exploit

On August 3, 2023, an MEV Bot on Arbitrum was attacked, resulting in $800K in loss. The root cause of this attack was **Insufficient User Input Verification**.

#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks
Case Studies

#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks

On April 9, 2023, SushiSwap became the target of an exploit due to an Unverified External Parameter. The total loss is about $3.3 million.

BlockSec uses cookies and other identifiers to analyze our traffic in accordance. We also share information about your use of our site with our analytics partners. By remaining on this website, you consent to our use of cookies and the Privacy Policy.