• Hacken
  • Blog
  • Hacken News
  • Enhanced Real-time Protection For Web3 Projects By Hacken Extractor

Enhanced Real-time Protection For Web3 Projects By Hacken Extractor

3 minutes

Today marks a significant milestone for Extractor’s Protection Mechanism release as we transition from the “Coming soon” stage to “Released.” This update introduces a robust suite of Smart Contract Actions aimed at enhancing security and safeguarding user assets.

Hacken Extractor Security Stack Recent Updates 

2024 has already proven to be one of the most productive years for ExtractorHacken’s post-deployment security solution for attack detection and prevention. In the last quarter alone, we rolled out two significant releases for the Extractor Platform:

  1. Forta Attack Detection Integration: With this recent release, we ensured the best-in-class detection ratio with two powerful on-chain detectors (Forta and Extractor) working simultaneously under the hood of the Extractor Platform. Learn more here.
  2. Expanded network coverage: As of now, Extractor supports monitoring addresses on 13 networks, including Ethereum, Optimis, BNB, Gnosis, Polygon, Phantom, Arbitrum, Linea, Base, Scroll, zkSync, Avalanche, and Blast.

Now – Introducing Smart Contract Actions

Today, we are announcing another vital protection mechanism – Smart Contract Actions. Smart Contract Actions unlock a new dimension of post-deployment security, making your response to potential threats detected by the monitoring systems faster and more intuitive than ever before.

Now, Extractor lets you configure administrative smart contract actions tailored to your needs. Whether it’s pausing contracts, initiating emergency withdrawals, or any other Contract Actions, you’re equipped to take decisive action in real-time.

With seamless access to a comprehensive array of contract functions, configuring Contract Actions is a breeze. Simply specify the desired function call and predefined parameters to ensure your contracts are safeguarded against any eventuality.

Empower your security strategy with both automated and manual responses triggered by specific monitoring events detected by the Hacken Extractor. Stay one step ahead and protect your assets with confidence.

For detailed information and setup instructions, please visit our Documentation: https://docs.extractor.live/

Preventing Asset Loss in Real-Time With Extractor

Discover how Hacken Extractor’s Smart Contract Actions can protect smart contracts in real time, stopping hacks before they occur.

Polyhedra Hack Breakdown

Let’s delve into a recent exploit on the Polyhedra Network, where $700,000 worth of $THE tokens due to key leakage on the BNB Chain. The exploit involved these key steps:

  1. Funding Account from Tornado Cash – Mar-12-2024 07:41:18 PM
  2. Deploying a malicious Smart Contract for new implementations on Polyhedra Wallets (within 1m 03s after funding)
  3. Accessing the account via leaked key and upgrading four Proxy Contracts’ implementations with the malicious contract (within 6m 21s)
  4. Withdrawing BNB & $THE tokens, resulting in a main loss of 1,400,000 $THE tokens, worth around $700,000.

How Extractor Could Have Prevented This Hack

Now, let’s explore the prevention mechanisms that could have been set up in Extractor beforehand:

Option 1

  • Contract Action: Set the transferOwnership function as a reaction to any Proxy contract Upgrade event.
  • Result: The attacker would have lost the ability to upgrade Proxy contracts, as ownership would have been transferred to a Safe Account.

Option 2

  • Contract Action: Set the Transfer function for all funds to a rescue vault as a reaction to any Proxy contract Upgrade event.
  • Result: The attacker would have lost the ability to withdraw any funds.

Option 3

  • Contract Action: Set the Pause function for all contracts as a reaction to any contract Upgrade event.
  • Result: The attacker would have lost the ability to withdraw any funds.

In summary, Hacken Extractor could have saved Polyhedra $700,000 with the most robust protection mechanism called Smart Contract Actions. This is only one example of the real-world functionality of powerful and fully automated post-deployment protection, and Extractor’s protective shield is only getting more efficient.

Protect Smart Contracts And Protocols With Extractor

At Hacken, our mission is to provide the most secure, user-friendly, and cutting-edge solutions for Web3 security. Extractor leads the charge today with unmatched detection and protection capabilities. It’s the all-in-one solution tailored for smart contracts and DeFi protocols, eliminating the need for integrations and additional resources.
Discover the unparalleled power and convenience of Extractor firsthand by signing up for our free, no-commitment 30-day trial here.

Subscribe
to our newsletter

Be the first to receive our latest company updates, Web3 security insights, and exclusive content curated for the blockchain enthusiasts.

Speaker Img

Table of contents

Tell us about your project

Follow Us

Read next:

More related

Trusted Web3 Security Partner