Every blockchain developer knows the fundamental risks of smart contracts. Whether working on DeFi, NFTs, or DAOs, hacks happen and the honeypot for bad actors is large. In the last couple of years many smart contract auditing firms have arisen, but as helpful as audits, code libraries and other techniques are in identifying or preventing bugs and vulnerabilities in code, there is a limit to their effectiveness. Once a smart contract is deployed on a blockchain, new cybersecurity, financial, governance and operations threats are introduced. These are the four primary risk verticals of the decentralized economy.
The Forta Network was designed to address these risks in real time, filling a void in post-deployment security (referred to as runtime security in Web 2.0). Today, developers are building detection bots, code scripts that scan and monitor blockchain transactions to find anomalies and potential threats – allowing protocol developers, investors and integrators to take defensive action. Tomasz from Nethermind, one of the developer teams building detection bots on the Forta Network, reflects on the project and security best practices in the community.
Tomasz Stańczak founded Nethermind in August 2017, and rapidly assembled a world-class team that builds Ethereum solutions for developers and enterprises. The Nethermind team believes Forta can help build safer protocols by providing generalized security tooling for DeFi, NFTs, and DAOs. “The more decentralized the system is, where different players in the space create their own solutions, their own alerting systems, their own analyzers, the more attacks we can respond to quickly,” Tomasz states.
Nethermind has a team of four developers building detection bots on Forta. One of the bots they have built is an alert for Tornado Cash, which detects when a single address sends more than 100 ETH into Tornado Cash in a single day. Another example is a Miner Extractable Value (MEV) Tracker that looks for contract interactions inside an MEV bundle in order to shine light on and prevent future attacks. Additionally, the team has built bots to detect flash loans, Gnosis Safe admin changes, sandwich attacks and upgrade events, among others. Nethermind has also focused lately on building detection bots to monitor Maker’s Emergency Shutdown Module, Oracle Security Module and Governance Module.
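The Tornado Cash rule described above, sketched as an added example in plain Python; it is not Nethermind's bot code and does not use the Forta SDK. It assumes "a single day" means a UTC calendar day, a placeholder pool address, and a hypothetical `DailyDepositMonitor` class fed transactions as simple dicts.

```python
from collections import defaultdict
from datetime import datetime, timezone
from decimal import Decimal

WEI = 10 ** 18
THRESHOLD_ETH = Decimal(100)            # threshold stated in the article
MIXER_POOLS = {"0x" + "aa" * 20}        # placeholder, not a real pool address


class DailyDepositMonitor:
    """Sums ETH sent by each address to watched pools per UTC calendar day."""

    def __init__(self, pools=MIXER_POOLS, threshold=THRESHOLD_ETH):
        self.pools = {p.lower() for p in pools}
        self.threshold = threshold
        self.totals = defaultdict(Decimal)   # (sender, day) -> ETH deposited
        self.alerted = set()                 # keys already reported

    def handle_transaction(self, tx):
        to = (tx.get("to") or "").lower()    # "to" is None for contract creation
        if to not in self.pools or tx["value"] == 0:
            return None
        day = datetime.fromtimestamp(tx["timestamp"], tz=timezone.utc).date()
        key = (tx["from"].lower(), day)
        self.totals[key] += Decimal(tx["value"]) / WEI
        if self.totals[key] <= self.threshold or key in self.alerted:
            return None
        self.alerted.add(key)                # one alert per sender per day
        return {"sender": key[0], "day": day.isoformat(), "total_eth": self.totals[key]}


def ts(day, hour, minute=0):
    return int(datetime(2022, 1, day, hour, minute, tzinfo=timezone.utc).timestamp())


def run_sample():
    pool = "0x" + "AA" * 20                  # same pool, different letter case
    a, b, other = "0x" + "01" * 20, "0x" + "02" * 20, "0x" + "ff" * 20
    txs = [  # constructed sample transactions
        {"from": a, "to": pool, "value": 100 * WEI, "timestamp": ts(10, 10)},
        {"from": a, "to": pool, "value": 10 * WEI, "timestamp": ts(10, 12)},   # total 110
        {"from": a, "to": pool, "value": 10 * WEI, "timestamp": ts(10, 13)},   # no repeat
        {"from": b, "to": pool, "value": 100 * WEI, "timestamp": ts(10, 23, 59)},
        {"from": b, "to": pool, "value": 100 * WEI, "timestamp": ts(11, 0, 1)},  # next day
        {"from": b, "to": other, "value": 500 * WEI, "timestamp": ts(11, 1)},  # not a pool
        {"from": b, "to": None, "value": 0, "timestamp": ts(11, 2)},           # creation
    ]
    monitor = DailyDepositMonitor()
    return [alert for tx in txs if (alert := monitor.handle_transaction(tx))]
```

Under the calendar-day assumption, the second sender's two 100 ETH deposits straddling midnight raise no alert; a rolling 24-hour window would flag them, so the choice of window is a detection-coverage decision.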
Tomasz is determined to build a solid framework of composability between Forta detection bots – that is, allowing developers to link pieces of code composed by others to achieve more complex scenarios. It is the “Lego building blocks” idea of DeFi applied to blockchain security: leveraging each other’s code, and therefore each other’s utility. When discussing the future of Forta, he says he believes Forta users will be interested in seeing alerts at scale, to obtain “a signal of the heartbeat of Ethereum security,” which could indicate overall stress to the ecosystem. All of the detection bots Nethermind has developed can be tracked on their GitHub.
Nethermind’s developers have already achieved technical depth and detection bot development acumen, which should become increasingly valuable as the Forta Network scales and users continue to rely on Forta’s alerts.
Together, we are improving smart contract security with Forta
Forta is a community-driven network designed to be a public utility serving the DeFi, NFT, and DAO ecosystems. We are excited to highlight the efforts of developers who are building innovative detection bots on the Forta Network. With the help of Nethermind, Forta is heralding a new era of smart contract security.
Securing blockchains and digital assets is a critical part of driving mainstream crypto adoption. As the world’s economy moves to decentralized systems, Forta’s end goal is to protect the world’s most valuable economic transactions.
If you’re a developer, join the growing community building detection bots on the Forta Network. Start from the developer SDKs to build your first detection bot, either in JavaScript or Python. Check out the GitHub detection bot examples repo for inspiration and join us in Discord to stay tuned!