Security Modules

Multisig Approval

Require multiple signatures to invoke sensitive admin functions. Similar to multisig wallets, this module prevents operational errors, human mistakes, and protects against compromised keys scenarios by requiring multiple signatures for sensitive functions.

Offchain Approval

Require off-chain validation signature for predefined transactions, before submitting on-chain. Offchain approval safeguards sensitive processes against operational errors and human mistakes or malicious calldata modification. Offchain approval validates the transaction data and behavior.

Privileged Access Management

Control access to critical/sensitive functions by privileged users. Reduce risk of unauthorized access or misuse by enforcing strict policies, tracking activities, and ensuring that only authorized entities have the necessary permissions to perform sensitive tasks.

Rate Limits / Volume Thresholds

Set runtime limits and volume thresholds, limiting the amount of funds that can be transferred per transfer, per account or per given time frame. Prevents large or abnormal transfers, serving as a preemptive damage control tool.

Compliance / Whitelist / Blacklist

Proactively control access to smart contract. A whitelist allows only pre-approved entities to access or perform certain actions, while a blacklist blocks access for pre-defined entities. Use either dynamically configure blacklists and/or standard AML/KYC compliance lists. Prevents unauthorized access and non-compliant interactions.

Reentrancy Guard

Enable automatic and reconfigurable reentrancy guard, without manually inserting nonReentrant modifier in every function. Protect against multi-contract reentrancies (uncovered by OpenZeppelin's standard reentrancy guard).

Invariance Protection

Ensure that certain conditions or properties remain unchanged throughout the contract's execution. Crucial for maintaining the integrity and security of the contract, as it prevents unintended state changes due to exploits or extreme unexpected state changes

Virtual Patching

Provide security patching. Allows blocking vulnerabilities exploitation in the underlying smart contracts without modifying the actual source code. Virtual patches intercept and analyze every transaction data or behavior to block potential exploits, acting as a temporary safeguard until an official patch is released.

3rd Party Integrity

Continuous integrity verification for 3rd party smart contracts. Block any interaction with 3rd party contracts that were modified without notice. Prevents collateral damage due to 3rd party hacks.