0day Attack Mitigation

spherex 0day mitigation is an advanced transaction security solution. It analyzes every transaction's behavior during the execution. our engine classifies transactions as legitimate or manipulative/exploitative and reverts the malicious transactions during execution, ensuring that no manipulative or exploitative transaction is approved. Once exploitative transactions are reverted before they're finalized, any potential irreversible damage is prevented. Legitimate and safe transactions are approved as usual, even while under attack, such that business continuity is maintained.

How Does It Work?

In order to classify a given transaction during execution, the on-chain engine collects various parameters sent by the spherexProtected contracts, such as function id, gas consumption, and storage slots. The engine aggregates all the parameters, ultimately generating an execution fingerprint for the given transaction representing the behavior of the given transaction. The execution fingerprint is then verified against a safe and legitimate baseline of safe behaviors. The baseline is uploaded to the engine in order to activate the protection, and can be further configured later on.

Transactions that comply with safe and legitimate behavior are are classified as legitimate, while those who don't, are classified as suspicious.

Off-chain Simulations

Building the safe behavior baseline can be done manually, or automatically using spherex off-chain simulation engine given historical transactions (either testnet or mainnet). Every historical transaction is simulated off-line, analyzing and extracting it’s behavioral parameters while ensuring it's safe and legitimate. The off-chain simulation engine then generates the on-chain signatures to be uploaded to the engine in order to enforce protection.

Behavioral Reports

Every transaction that interacts with the protected smart contract is analyzed by the off-chain simulation engine. The dashboard then shows a detailed report describing the transaction behavior along with enriched metadata for the processed transaction. In case of suspicious transactions, this allows the operator to fully understand what could happened and provide him with actionable intel.