Audits
Services
DualDefense
Hacken Audit + Additional Crowdsourced Audit
Learn more
Services
DualDefense
Smart Contract Audit
Blockchain Protocol Audit
DORA Compliance
Virtual CISO
Penetration Testing
Cloud Penetration Testing
dApp Audit
Crypto Wallet Audit
Cross-Chain Bridge Audit
Bug Bounty
Proof of Reserves
CCSS Audit
Tokenomics Audit & Design
Retainer
DualDefense
New Approach To Blockchain Security
Hacken Audit + Additional Crowdsourced Audit
At no extra cost
2 in 1
Dual-layered protection
$0
Costs
30-Day
Crowdsourced audit
Independent
HackenProof bug hunters
Learn more
Solutions
Post-deployment security solution
Hacken Extractor
Real-time smart contract protection from assets loss
Learn more
Solutions
Featured ecosystems:
Ethereum (EVM)
BSC
Polygon
Near
Avalanche
Fantom
Aptos
Sui
Optimism
zkSync
Arbitrum
Solana
Polkadot
Cosmos
Radix
Linea
MetaMask
Others
By Languages:
Solidity
Rust
Move
Blog
Company
Company
Community
Community
- $HAI

Enhanced Real-time Protection For Web3 Projects By Hacken Extractor

Enhanced Real-time Protection For Web3 Projects By Hacken Extractor

3 minutes

Today marks a significant milestone for Extractor’s Protection Mechanism release as we transition from the “Coming soon” stage to “Released.” This update introduces a robust suite of Smart Contract Actions aimed at enhancing security and safeguarding user assets.

Hacken Extractor Security Stack Recent Updates

2024 has already proven to be one of the most productive years for Extractor – Hacken’s post-deployment security solution for attack detection and prevention. In the last quarter alone, we rolled out two significant releases for the Extractor Platform:

Forta Attack Detection Integration: With this recent release, we ensured the best-in-class detection ratio with two powerful on-chain detectors (Forta and Extractor) working simultaneously under the hood of the Extractor Platform. Learn more here.
Expanded network coverage: As of now, Extractor supports monitoring addresses on 13 networks, including Ethereum, Optimis, BNB, Gnosis, Polygon, Phantom, Arbitrum, Linea, Base, Scroll, zkSync, Avalanche, and Blast.

Now – Introducing Smart Contract Actions

Today, we are announcing another vital protection mechanism – Smart Contract Actions. Smart Contract Actions unlock a new dimension of post-deployment security, making your response to potential threats detected by the monitoring systems faster and more intuitive than ever before.

Now, Extractor lets you configure administrative smart contract actions tailored to your needs. Whether it’s pausing contracts, initiating emergency withdrawals, or any other Contract Actions, you’re equipped to take decisive action in real-time.

With seamless access to a comprehensive array of contract functions, configuring Contract Actions is a breeze. Simply specify the desired function call and predefined parameters to ensure your contracts are safeguarded against any eventuality.

Empower your security strategy with both automated and manual responses triggered by specific monitoring events detected by the Hacken Extractor. Stay one step ahead and protect your assets with confidence.

For detailed information and setup instructions, please visit our Documentation: https://docs.extractor.live/

Preventing Asset Loss in Real-Time With Extractor

Discover how Hacken Extractor’s Smart Contract Actions can protect smart contracts in real time, stopping hacks before they occur.

Polyhedra Hack Breakdown

Let’s delve into a recent exploit on the Polyhedra Network, where $700,000 worth of $THE tokens due to key leakage on the BNB Chain. The exploit involved these key steps:

Funding Account from Tornado Cash – Mar-12-2024 07:41:18 PM
Deploying a malicious Smart Contract for new implementations on Polyhedra Wallets (within 1m 03s after funding)
Accessing the account via leaked key and upgrading four Proxy Contracts’ implementations with the malicious contract (within 6m 21s)
Withdrawing BNB & $THE tokens, resulting in a main loss of 1,400,000 $THE tokens, worth around $700,000.

How Extractor Could Have Prevented This Hack

Now, let’s explore the prevention mechanisms that could have been set up in Extractor beforehand:

Option 1

Contract Action: Set the transferOwnership function as a reaction to any Proxy contract Upgrade event.
Result: The attacker would have lost the ability to upgrade Proxy contracts, as ownership would have been transferred to a Safe Account.

Option 2

Contract Action: Set the Transfer function for all funds to a rescue vault as a reaction to any Proxy contract Upgrade event.
Result: The attacker would have lost the ability to withdraw any funds.

Option 3

Contract Action: Set the Pause function for all contracts as a reaction to any contract Upgrade event.
Result: The attacker would have lost the ability to withdraw any funds.

In summary, Hacken Extractor could have saved Polyhedra $700,000 with the most robust protection mechanism called Smart Contract Actions. This is only one example of the real-world functionality of powerful and fully automated post-deployment protection, and Extractor’s protective shield is only getting more efficient.

Protect Smart Contracts And Protocols With Extractor

At Hacken, our mission is to provide the most secure, user-friendly, and cutting-edge solutions for Web3 security. Extractor leads the charge today with unmatched detection and protection capabilities. It’s the all-in-one solution tailored for smart contracts and DeFi protocols, eliminating the need for integrations and additional resources.
Discover the unparalleled power and convenience of Extractor firsthand by signing up for our free, no-commitment 30-day trial here.