System Overview

The spherex-protect solution is based on embedded smart contracts that integrate into the protected dApp smart contract and block any exploitative behavior. While the vast majority of transactions in smart contracts are legitimate and behave as expected, an exploit is essentially an unexpected edge case caused by a flaw in the code that an attacker takes advantage of. Therefore, exploitative transactions generate unique, never-seen-before “execution fingerprints”.

The embedded contracts collect and analyze execution fingerprints while the transaction is being processed and compare them against verified safe behavior patterns during execution. In effect, spherex-protect forces every transaction to comply with legitimate and safe behavior, preventing any malicious transaction from being approved and executed.

The safe execution patterns are extracted from legitimate transactions, either from historical transactions or by simulating legitimate transactions in a test environment. The resulting patterns are uploaded on-chain, and the process of runtime analysis and protection is fully composable and atomic.
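The following Python model is an added illustration of the allowlist idea described above; it is not spherex-protect code. The fingerprint scheme (a rolling SHA-256 over function entry/exit events), the toy `deposit`/`withdraw` functions and all other names are assumptions made for the example.

```python
import hashlib

class Reverted(Exception):
    """Raised when a transaction's fingerprint is not an approved pattern."""

class Guard:
    """Rolling fingerprint over function entry/exit events (assumed scheme)."""
    def __init__(self):
        self.fp = b"\x00" * 32

    def record(self, event):
        self.fp = hashlib.sha256(self.fp + event.encode()).digest()

# Toy stand-ins for protected contract functions (hypothetical).
def deposit(state, guard, who, amount):
    guard.record("enter:deposit")
    state[who] = state.get(who, 0) + amount
    guard.record("exit:deposit")

def withdraw(state, guard, who, amount):
    guard.record("enter:withdraw")
    state[who] = state.get(who, 0) - amount
    guard.record("exit:withdraw")

FUNCS = {"deposit": deposit, "withdraw": withdraw}

def trace(state, calls):
    """Apply calls to state and return the resulting fingerprint."""
    guard = Guard()
    for name, who, amount in calls:
        FUNCS[name](state, guard, who, amount)
    return guard.fp

def learn(legit_transactions):
    """Extract approved patterns by simulating legitimate transactions."""
    return {trace({}, calls) for calls in legit_transactions}

def execute(state, approved, calls):
    """Run calls atomically: commit only if the fingerprint is approved."""
    working = dict(state)  # scratch copy, so a revert leaves state untouched
    fp = trace(working, calls)
    if fp not in approved:
        raise Reverted(fp)
    state.clear()
    state.update(working)
    return fp

# Constructed sample of legitimate transactions (not real data).
LEGIT = [
    [("deposit", "alice", 10)],
    [("deposit", "alice", 10), ("withdraw", "alice", 5)],
]
```

Because the fingerprint in this model covers only the sequence of calls, not their arguments, a pattern learned from one user's transaction also admits the same call sequence from any other user, while a sequence never observed during learning is reverted without changing state.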

No black magic or sophisticated, unexplainable ML running on-chain. Rather, everything is presented in a simple, human-readable format.

On top of the exploit prevention capability, spherex-protect is a modular platform, allowing simple deployment of additional security and policy features to verify policy compliance, e.g. AML blacklists, rate-limit, access management, and more.

Once a suspicious transaction is reverted, it can be analyzed in a dashboard web-app for fingerprint extraction, data aggregation, and deeper analysis. Finally, a detailed and explainable report is generated for the suspicious transaction, together with extended and enriched data, enabling the protocol operators (DAO / multisig / single operator) to approve upcoming execution patterns in the future.
