BlockSec Phalcon 2.0 Unleashed: A New Era of Hack Prevention and Protocol Security Begins

Protocol Security Goes Beyond Code Auditing

Today, code auditing has become an industry standard, with the vast majority of protocols undergoing audits before going live. Yet, why do hackers still frequently succeed, stealing billions of dollars each year? The answer lies in the evolving landscape of protocol security, which demands more than just pre-deployment checks.

According to the BlockSec Security Incidents Dashboard, from January 2023 to the present, there have been 146 major attack incidents, resulting in asset losses exceeding one billion dollars in total. Examples include the Euler Finance Incident ($200M losses), the Curve Incident ($60M losses), the KyberSwap Incident ($46M losses), and the recent Polterfinance attack ($8.7M losses). Notably, the majority of these protocols had successfully passed code audits conducted by well-known firms.

Even if a protocol has passed audits and fixed known vulnerabilities, it may still face significant security risks: It may still harbor zero-day vulnerabilities; during bug-fixing, small-scale upgrades, or parameter adjustments, the protocol team may inadvertently introduce new attack vectors; external dependencies can pose new risks; and even oversights related to compilers can lead to attacks.

Moreover, the open-source nature, anonymity, and flashloan mechanisms of blockchain make it easier for hackers to exploit vulnerabilities, and the chance for huge profits gives them strong motivation. Since protocols are transparent and attackers stay hidden, defending against these evolving threats is very challenging. Some project teams may compensate users after attacks to reduce the damage, while financial losses can be recovered, rebuilding trust is much harder once it is lost.

Unfortunately, protocols have long focused mainly on code audits to ensure security, often overlooking an equally important area—security monitoring and automated responses after launch. This is precisely the gap that BlockSec Phalcon 2.0 is designed to fill, offering robust hack prevention capabilities.

What is BlockSec Phalcon and Why is Real-time Attack Blocking Critical?

BlockSec Phalcon is a cutting-edge security monitoring and attack blocking system designed specifically for protocols, covering the vast majority of threats protocols may encounter after going live, such as attack, operational, interaction, and financial risks. It's a comprehensive solution for Web3 security.

Currently, some protocols may have built or purchased monitoring systems, but why do they still suffer losses when facing attacks? The reasons are twofold:

• First, the project team might not learn about an attack in time or could waste valuable time verifying the accuracy of alerts due to frequent false positives. Meanwhile, hackers could already complete multiple attack transactions.
• Second, even if the project team quickly detects the attack and takes action, they often cannot respond as fast as the hackers. Many protocols rely on multi-sig wallets, and the need for multiple approvals makes manual responses even slower, making effective attack blocking nearly impossible.

BlockSec Phalcon delivers practical and battle-tested solutions to address these two critical challenges, enabling true hack prevention.

• Precise Detection: BlockSec Phalcon uses over 200 clearly defined attack characteristics to identify whether a transaction is an attack, ensuring no attacks go undetected while almost eliminating false positives and avoiding disruptions to the team. This precision is crucial for effective security monitoring.
• Attack-Blocking Capability: BlockSec Phalcon continuously monitors transactions early at the mempool stage. Upon detecting an attack transaction, the system immediately alerts users, automatically initiates a response transaction, and employs a gas-bidding strategy to ensure these system-generated transactions are processed before the attack. This effectively blocks hacker attacks, achieving zero loss. What's more, the platform supports both EOA and multi-sig wallets, enabling projects using Safe{Wallet} to automatically counteract attacks, solidifying its position as a leader in mempool security.

BlockSec Phalcon 2.0: Tailored Security Solutions for Protocols

This advanced attack-blocking system launched by BlockSec had been running internally for two years before its release, successfully blocking over twenty attacks through whitehat rescues, helping project teams recover over $20 million in potential losses. It's the first and only security product with proven records of hack prevention and has successfully blocked multiple hacking attempts.

“Often, we detected attacks but couldn't reach the project team promptly. This led us to think, why not empower project teams directly with the ability to automatically prevent attacks? This was the very motivation for the creation of BlockSec Phalcon,” said Andy Zhou, the CEO of BlockSec.

“In this major upgrade, BlockSec Phalcon 2.0 was redesigned to address the attacks, operational, interaction, and financial risks faced by protocols, and now it covers the vast majority of security risks protocols may encounter after going live. Additionally, we have further optimized the convenience and flexibility of our system configurations. Now users only need to import addresses to complete monitoring configurations with one click, making it very convenient, and they can customize monitoring rules for complex scenarios,” Andy Zhou added.

David Zong, Head of Risk at Bybit, stated, "We are big fans of BlockSec and have been deeply involved from the inception of BlockSec to the use of each of its products. BlockSec Phalcon is a very good security tool, to help Bybit achieve on-chain tracking and web3 contract security monitoring. We will have more cooperation with BlockSec in the future."

BlockSec Phalcon 2.0 represents a significant leap forward in smart contract security. Continuously refining our security solutions to protect the assets of projects and users is our top priority at BlockSec. We are not only committed to code security but also to safeguarding trust and innovation. By ensuring the security of protocols throughout their entire lifecycle, we protect every user's dream to bravely move forward in the Web3 world.

Get Started with BlockSec Phalcon 2.0 for Enhanced Web3 Security

BlockSec Phalcon is an invitation-only SaaS platform, accessible only to invited users. This exclusivity ensures tailored support and maximum effectiveness for our partners.

Interested users can schedule a demo to learn more about the product's features, and have the opportunity to speak directly with security experts to discuss customized security solutions for their specific needs.

Book Demo: https://calendly.com/blocksec/phalcon-demo

Learn More: https://blocksec.com/phalcon

About BlockSec

BlockSec is a full-stack Web3 security service provider. The company is committed to enhancing security and usability for the emerging Web3 world in order to facilitate its mass adoption. To this end, BlockSec provides smart contract and EVM chain security auditing services, the BlockSec Phalcon platform for security monitoring and attack blocking, the MetaSleuth platform for fund tracking and investigation, and MetaSuites extension for Web3 builders surfing efficiently in the crypto world.

To date, the company has served over 300 clients such as Uniswap Foundation, Compound, Forta, and PancakeSwap, and received tens of millions of US dollars in two rounds of financing from preeminent investors, including Matrix Partners, Vitalbridge Capital, and Fenbushi Capital.

Official website: https://blocksec.com/

Official Twitter account: https://twitter.com/BlockSecTeam