ZenGo and Forta Add In-Wallet Monitoring to Protect End Users 

Article by Forta Network Nov. 2, 2022

How do you know the transaction you are signing will not drain your funds and leave you rekt? 

This is the key question as, every day, Twitter is flooded by stories of users getting scammed, drained, and phished for large sums of money. In just the first part of 2022, scammers and hackers stole over $2B via phishing and other exploits. At the same time, Web3 security is still in its infancy, and the majority of the focus to date is around protecting DeFi protocols and smart contracts with audits, bug bounties, and real time threat monitoring provided by Forta.

However, this security stack does little to protect the end user who uses their wallet every day to interact with dApps and other counterparties. Many common attacks like phishing, unlimited token approvals, and scams are targeted towards the everyday user who has little protection as opposed to protocols that are more “hardened.” 

So, what can end users do? The most effective and easiest way to protect end users is for wallet providers to natively include security features inside of their products. Fortunately, there are a few forward thinking wallets that include such security protections like ZenGo, but many have yet to keep up with robust security practices that will become the standard.

Wallets are key to thwarting attackers and protecting end users for two reasons. First, wallets are able to surface an alert prior to an end user signing a malicious transaction or message. Second, wallet interactions see the most pertinent information required to keep you secure, such as counterparty EOA and contract addresses, websites URLs that are interacting with, and SSL/DOM data. But, this information is not enough! This off-chain data needs to be augmented with enriched on-chain analytics.

Forta is a decentralized threat detection network that monitors transactions in real-time. Information from Forta can be utilized to inform protocols about ongoing hacks (Forta protects over $36B of TVL from major DeFi protocols) but also can be used as a system to protect end users. In the latter case, attacks often happen over a period of hours if not weeks (see Forta’s blog on how to derail a $120M hack) providing ample opportunity for Forta intelligence to protect end users. 

Intelligence generated by the community developed detection bots and deployed on the Forta Network that emit alerts in real time when attacks happen. These alerts are accessible publicly and provide the intelligence necessary for users to be protected. 

Real-Time Wallet Security Integration

By integrating natively with ZenGo, a wallet already known for its advanced security features, Forta’s monitoring safeguards now can protect end users. Forta works with wallet providers like ZenGo by combining their data sources with Forta’s on-chain data sources and analytics to surface additional and higher confidence alerts such as scam, phishing, sleep minting (NFT), and token impersonation detection. For example, Forta’s scam detector feed leverages both heuristics and machine learning to continuously detect new malicious EOAs and contracts, and this data feeds directly into ZenGo’s risk analysis engine and alerting features.

Want to see it in action? Download ZenGo to get started

How It Works

At a high level: the problem, the intelligence, and the solution for protecting Web3 wallet users:

1. At the moment, users do not have many protection measures at their disposal. If they are interacting with a scam/phishing site, the only fact checking tool at their disposal is the validation the sites URL and contract address, both of which can be spoofed
2. Forta provides intelligence that is valuable to end users by monitoring the blockchain for a variety of scams programmatically. By aggregating this data and keeping it up to date via automated Forta detection bots, a real time snapshot of Web’s scammers emerges. 
3. Now, by integrating with leading security-focused wallets like ZenGo, that intelligence becomes actionable. Wallets can ask users if they really want to proceed to interact with a contract that has been deemed suspicious, and view the data behind that warning. 

Forta alerts data can be accessed programmatically through two ways:

1. Pulling data periodically through the Forta GraphQL API. API endpoint: https://api.forta.network/graphql
2. Push model through a subscription. Several subscription channels are supported, but the most relevant for programmatic access is the webhook. This can be configured through the Forta App.

If your protocol or wallet is interested in learning more about how to incorporate advanced threat monitoring and security, there are a few easy ways to engage. All Forta bots such as the scam detector and attack detector are open and permissionless on the Forta Network. Anyone can currently subscribe to alerts or access data via the API. Another option is to join the fight against scams and to build custom Forta detection bots for new and specific use cases. Developers can check out our docs here. The Forta community collaborates with protocols and individuals, leveraging trusted and experienced developers from the community, to build custom scripts to provide enhanced analytics and safety features for users.

Other wallet providers should include these features as well, and end users should demand them. Permissionless protocols and wallet providers should not lay the burden of responsibility on their users.