en
Back to the list

Crypto Security Firm Ironblocks Builds 'Firewall' for DeFi Protocols

source-logo  coindesk.com 05 June 2024 16:29, UTC

Blockchain security platform Ironblocks has a new tool for DeFi developers who want to add security to their smart contracts.

At launch, the service has three big-ticket users: the zkEVM chain Linea, AltLayer and the layer-2 network Kinto – with more on the way.

A cottage industry of crypto security firms police the aftermath of protocol hacks and heists. Now one of them is out with a "firewall" aimed at stopping those thefts beforehand.

Blockchain security platform Ironblocks' new tool is a free service for developers who want to add security to their smart contracts, CEO Or Dadosh told CoinDesk. Called Firewall, it allows them to plug-and-play various security "policies" to monitor transactions on their decentralized finance protocols for suspicious attempts.

The open-source toolkit could offer at least some salve to the ever-present threat of hacks in DeFi. Dadosh estimated any given week brings with it as many as 10 different hacks of protocols offering lending, trading, staking or other financial services to crypto holders. Those heists add up: PeckShield estimated $60 million in losses in April.

Firewall sits inside the smart contracts processing protocols' transactions, Dadosh said. Developers get their pick of a handful of policies that scour the flow for sketchy patterns and other tells that a hack is in progress.

"It doesn't stop or pause the application, it just stops the specific transaction that may attack the application, just like in web2 firewalls," Dadosh said.

At launch, the service has three big-ticket users: the zkEVM chain Linea, AltLayer and the layer-2 network Kinto. Dadosh said more are on the way.

Because the service is free to use, it is not meant to be a direct moneymaker for Ironblocks, an Israeli startup that last raised $7 million in venture funding in early 2023. Instead, it's a feeder for the company's other crypto cyber defense products including the upcoming "Venn Security Network," according to its website. Dadosh was hesitant to discuss what the network would look like.

But the Firewall toolkit could offer a step forward for security in an ecosystem where code immutability makes incremental updates – a bug here, a potential exploit there – hard to patch on the go. Dadosh said developers can add more policies to their code after the fact, and remove them, too.

How the developers make these changes is really up to them. Perhaps they could turn the decisions over to their projects' token-holding governance communities, to a wallet controlled by multiple parties (a multisig) or to the DAO.

The point is to stop the hacks before they happen.

"Once you get hacked, in most of the cases, you're done," Dadosh said. "And this is what we're trying to prevent."

coindesk.com