The SphereX Protect has two main components: SphereXProtected and SphereXEngine.


SphereXProtected is an abstract contract utilized by SphereX clients to integrate the runtime data collection and exploit prevention mechanism into their contracts.

Data collection is facilitated through the use of modifiers implemented in the SphereXProtected.sol contract. These modifiers are inherited by the target contracts, enabling the data collection and communication with the SphereXEngine.

SphereXProtected has two integration modes - inline integration mode for immutable contracts, and proxy integration mode for upgradable contracts. Inline mode integrates into the contracts code itself, while proxy mode integrate into the proxy, leaving the implementation code untouched.


The SphereXEngine is the primary component enforcing the protection, analyzing data sent from the protocol's contracts during transaction execution, validating the given transaction fingerprint against safe execution fingerprints. If a transaction fingerprint is not explicitly, it is classified as "suspicious״, and the transaction is reverted before being finalized. Transactions that comply with safe execution fingerprints are approved without any delay or latency.

The safe execution fingerprints are built in advance by an off-chain simulation and analysis engine that extracts behavioral patterns of historical legitimate transactions interacting with the customer's smart contract.

Last updated