Ten Most Frequently Asked Questions About Phalcon Block
Dec 15 2023

Our automated attack monitoring and blocking system, Phalcon Block, has been released for one month. During this time, we've held demo sessions with dozens of project teams and LPs, and found that the pain points and needs of users are generally similar. They want a security solution that detects threats promptly, has a low false positive rate, features automatic response mechanisms, and offers highly customizable configuration options.

We've created a list of the top 10 Phalcon Block-related inquiries from users. Check it out to see if there's anything you've been curious about. 👀

Question 1: How does Phalcon Block operate technically?

Our system monitors every transaction and utilizes an AI-based risky transaction early detection algorithm to determine the risk level of each transaction, complemented by user-defined trigger rules. When a risky transaction matches these rules, a pre-set incident response strategy will be automatically triggered.

Question 2: Can you describe some of the incident response strategies that Phalcon Block supports?

Phalcon Block is primarily intended for two types of users: protocol teams and LPs, and we have established different incident response strategies for each.

  • For project teams, in case of an emergency, Phalcon Block can automatically execute transactions to pause protocols and front-run attack transactions.
  • For LPs, the system enables the automatic withdrawal of assets before the protocol fails.

Question 3: Can I customize my own response strategy? For example, withdrawing assets first and then executing swap operations. Is this possible?

Yes, users have the flexibility to customize their response strategies.

However, more complex response strategies may require the deployment of a smart contract, which can automatically execute when trigger conditions are met. For simpler response strategies, the protocol's internal functions can be called directly.

Question 4: Writing smart contracts might be challenging for us...

No need to worry! If your response strategy is complex and requires deploying a smart contract, we can assist you with writing, deploying, and auditing the smart contract.

Question 5: You mentioned that Phalcon Block supports pausing protocols automatically. What if the protocol uses a smart contract wallet?

If the protocol uses a smart contract multi-signature wallet like Safe{Wallet}, Phalcon Block also provides a compatible solution to ensure the automatic execution of authorized operations.

Question 6: What is your system's false positive rate?

We pay particular attention to false positives since they not only disrupt project operations but also undermine intelligence credibility.

As mentioned previously, we classify each transaction into different risk levels. During the two years of operating Phalcon Block internally, 99% of the high-risk transactions reported were real attacks, with the false positive rate at around 1%. To be honest, no system can guarantee 100% accuracy of its alerts. We have minimized the false positive rate to the lowest possible level.

Furthermore, if users combine risk levels with self-defined trigger rules, the system's false positive rate will be zero.

Question 7: You mentioned high-risk transactions several times. What do the different risk levels mean?

Our system can achieve millisecond-level transaction risk grading through an AI-based early detection algorithm. We classify transactions into low, medium, and high-risk levels based on the probability of them being an attack.

Question 8: I think your system is very impressive. But, if I need to add protocols for monitoring, do I have to contact you each time? It would be too much trouble!

Our system is very flexible. Users can add the protocols they want to monitor themselves by simply adding the protocol's smart contract to the system. Of course, our security experts are always available. If you need assistance, we can also help you with the setup.

Question 9: Great! Which chains does the system support?

Currently, we support multiple blockchains including ETH, BSC, and Arbitrum. We also plan to support new chains based on users' feedback.

Question 10: Got it! What about the pricing?

Phalcon Block operates on a subscription basis. We invite you to schedule a demo to experience the powerful features of Phalcon Block firsthand. We will also recommend the most suitable plan based on your specific needs.

How to Access the Service

Since the launch of Phalcon Block in November, we have gradually opened access to the system. The access process is as follows:

  1. Book a demo presentation
  2. We will reach out to you to schedule a demo meeting
  3. Our security experts will complete the integration of your protocol

Let Phalcon Block build a defense line for your protocol. It doesn't require much work on the protocol side and would never bring in additional risk. It's just like a shield providing an additional layer of safety. Book a demo now!

About Phalcon Block

Phalcon Block is an attack monitoring and automated blocking platform launched by BlockSec, a leading Web3 security company. The platform is capable of accurately identifying attacks and automatically blocking them. Phalcon Block aims to provide comprehensive post-launch security protection for Web3 projects, including continuous monitoring, attack blocking, and emergency response, safeguarding on-chain assets for protocol providers, LPs, and DAO organization participants.

To date, Phalcon Block has successfully blocked over 20 hacker attacks, rescuing more than $14 million in assets. Even in the early customer stage, Phalcon Block gained recognition and a grant from the top DeFi protocol Compound and established an attack-blocking platform for it.

Website: https://blocksec.com/phalcon/block

Twitter: @Phalcon_xyz

Telegram: https://t.me/BlockSecTeam

See More Success Stories of Phalcon Block

Sign up for the latest updates
#10: ThirdWeb Incident: Incompatibility Between Trusted Modules Exposes Vulnerability
Security Insights

#10: ThirdWeb Incident: Incompatibility Between Trusted Modules Exposes Vulnerability

This blog shows the vulnerability and attack caused by Incompatibility of commonly used modules.

#9: MEV Bot 0xd61492: From Predator to Prey in an Ingenious Exploit
Security Insights

#9: MEV Bot 0xd61492: From Predator to Prey in an Ingenious Exploit

On August 3, 2023, an MEV Bot on Arbitrum was attacked, resulting in $800K in loss. The root cause of this attack was **Insufficient User Input Verification**.

#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks
Case Studies

#8: SushiSwap Incident: A Clumsy Rescue Attempt Leads to a Series of Copycat Attacks

On April 9, 2023, SushiSwap became the target of an exploit due to an Unverified External Parameter. The total loss is about $3.3 million.

BlockSec uses cookies and other identifiers to analyze our traffic in accordance. We also share information about your use of our site with our analytics partners. By remaining on this website, you consent to our use of cookies and the Privacy Policy.