Smart contract audit firm OpenZeppelin launches new app to help prevent DeFi attacks

Quick Take

  • Smart contract security and audit firm OpenZeppelin has launched a new app to help prevent DeFi attacks.
  • The app, called Sentinels, helps DeFi projects detect abnormal behavior and automatically respond to mitigate it. 

Smart contract security and audit firm OpenZeppelin has launched a new app to help prevent exploits in the decentralized finance (DeFi) space.

Dubbed OpenZeppelin Sentinels, the app helps DeFi projects detect abnormal behavior and automatically respond to mitigate it. Sentinels is part of OpenZeppelin's Defender platform that was launched late last year and is already used by several projects, including Compound and Aave.

The Defender platform helps manage smart contract operations. As for the new Sentinels app, OpenZeppelin said it is specifically aimed at reducing DeFi attacks and increasing DeFi's mainstream adoption.

Last year alone, nearly $130 million was lost to such attacks, according to blockchain analytics firm CipherTrace. So far this year, several projects, including Yearn.Finance, have had millions of dollars drained from their vaults.

Yearn lost $11 million in an attack last month. OpenZeppelin CTO Jonathan Alexander told The Block that Yearn, which is already a Defender user, could have prevented the attack if Sentinels had been live at the time.

"The Yearn.Finance exploit was composed of 11 transactions (so very large gas fees)," said Alexander, adding that Sentinels helps detect transactions that involve large flash loans or large gas fee payments.

"Projects may take hours to notice or react to incidents, and they often find out via social media or side channels, by the time it's too late," said Alexander. "With Defender Sentinels, teams will be alerted in seconds."

Besides flash loans, price oracles are a common cause of DeFi attacks. Alexander said the Sentinels app, combined with the Autotasks app, also helps monitor price oracles.

"Every time an oracle posts a price update on-chain, a Defender Sentinel can detect the update and fire a Defender Autotasks to confirm the price data accuracy vs. other data sources," he said.

The Defender platform consists of several apps — Sentinel, Autotasks, Admin, Relay, and Advisor — to help projects manage smart contract operations.

Defender currently supports the Ethereum blockchain. Support for sidechains such as Binance Smart Chain, Fantom, Fuse, and xDai is coming later this month, Alexander told The Block, adding that Layer-2 blockchain networks will also be supported "soon."

OpenZeppelin is also discussing a partnership with Blocknative for mempool monitoring, Alexander told The Block. That would help DeFi protocols detect a malicious or suspicious transaction in the mempool and pause the smart contract before the malicious transaction is executed, said Alexander. The mempool is like a waiting room for transactions that have not yet been included in a block.


© 2022 The Block Crypto, Inc. All Rights Reserved.

About Author

Yogita is a senior reporter at The Block and covers all things crypto. Before joining The Block, Yogita worked for CoinDesk and The Economic Times. Follow her on Twitter @Yogita_Khatri5.