DeFi security goes far beyond smart contract audits.
If you’re looking for the highest level of security, CertiK has designed an end-to-end suite of security products that range from KYC authentication to pre-deployment smart contract audits all the way to on-chain monitoring. By layering multiple security solutions you can achieve higher levels of security than by implementing just one solution.
We’ve previously covered what KYC is, as well as what is a smart contract audit, so let’s dive into on-chain monitoring. What is it? How does it work? Why should projects think about implementing it?
On-chain monitoring tools track blockchains in real-time looking for many different types of activity. CertiK’s Skynet is a scalable security solution that leverages automated technologies to check deployed smart contracts for vulnerabilities. Skynet operates on 6 security primitives.
Skynet scrapes data from Twitter to analyze and visualize the data for you. There are three unique features in the social sentiment tab.
First is a keyword rating analysis. This feature takes all tweets and mentions and categorizes them as Positive, Neutral, or Negative. You can then see these broken down as a percentage of total activity as well as how sentiment has changed over time.
Next is Twitter Account Activity. This has 3 sections within it: Total Favorites, Daily Tweets & Mentions, and Followers.
Total favorites shows a graph of ‘favorites’ over time as well as displays the total number of favorites a project has received. Daily Tweets & Mentions will show you the average number of daily tweets & mentions as well as a graph of the change over time. Followers shows you total and new daily followers as well as a graph over time.
Finally we have the Social Keywords Aggregator. The keyword aggregator generates a wordcloud of the major keywords associated with the twitter account of a project. The size of the font shows how frequent the keyword is used.
Tracking social sentiment can help you recognize how the community feels about different projects. Tracking activity and engagement with the projects twitter account can also give you a sense of whether or not momentum is growing or slowing over time.
Unlike traditional finance, all crypto transactions are added to the blockchain in real-time. This creates a unique situation where instead of waiting for quarterly reports as you would with traditional equities, in the blockchain world you can track everything in real time. Blockchains such as Bitcoin, Ethereum, Binance Smart Chain, and others are public ledgers. This means that everything that happens on the network is publicly visible. However, with millions of transactions happening every day, it’s an impossible task for any one person to keep up.
With CertiK’s Skynet, you can see the Performance Summary which shows the total transactions, token transfers, and active users in a 24 hour period. These raw figures can give a good indication of how healthy a platform’s usage is, both by the number of users and the times they’ve interacted with the application.
Over to the right of the Performance Summary you can see Top Callers, Top Events, and Top Function Calls. Top Callers lists the wallet addresses that interact with the smart contract(s) the most. You can click on an address to go to its Etherscan page and find out which tokens it holds and which other platforms it interacts with. Top Events shows you the most common events associated with actions in the application. Lastly, we have Top Function Calls. Again, it’s a bit technical, but it contributes to a complete picture of how the protocol functions, which is vital to an accurate overall Security Score.
When working with data like this, the sky's the limit. Rather than trawling through Etherscan for the raw data, just come to the Security Leaderboard and check out the clearly-presented statistics.
“Governance is what puts the De in DeFi”. On-chain governance is a system for managing and implementing changes to blockchains. In this type of governance, rules for instituting changes are encoded into the protocol. Developers propose changes through code updates and each node votes on whether to accept or reject the proposed change. Implementation of on-chain monitoring via governance differs between various blockchains. CertiK’s Skynet on-chain monitoring data shows the projects Token Holder Distribution Analysis, Top 100 Token Holders, Privileged Transactions, Privileged Addresses, and Privileged Functions.
The Token Holder Distribution Analysis shows the total number of holders, how many wallets make up 50% of the total supply, Holder Distribution Analysis, and Daily New Users. This information is very useful to see how centralized a project is, how many users are interacting with/holding the token, and how fast it is growing. The Top 100 Token Holders show exactly which addresses hold what percentage of the token with the quantity and dollar value as well.
A privileged transaction is one initiated by an address that has power to modify a platform’s smart contracts. The Privileged Addresses section lists all the addresses that have the power to initiate privileged transactions. Privileged Functions outlines the code functions that privileged addresses can invoke.
While token valuations are a combination of speculation and utility, crypto is inherently a financial industry. Price does not always reflect a project’s overall current health and future potential, but it is an important factor in many investment decisions. Whenever traders enter any market, they rely on the market's liquidity. You can monitor liquidity to see how much is there before entering the market. Without available liquidity, it is much harder to buy and sell assets, with potentially either side seeing unfavorable price conditions based on demand. Liquidity is the measure by which one asset can be exchanged for another of equal value.
In Skynet’s Market Volatility section you can find the DEX Liquidity Metrics, DEX Liquidity Charts, Top DEX Liquidity Pairs, and Top Exchanges. Liquidity Monitoring tracks top Decentralized Exchanges (DEX’s) including Uniswap, SushiSwap, and PancakeSwap.
Via Skynet you can also see the Top LP Holders, Top Add Liquidity, and Top Remove Liquidity.
The Skynet Safety Assessment primitive provides a comprehensive overview of the functioning of a project. The safety assessment leverages fact-based and multifaceted safety evaluations. The evaluations are broken down into six categories:
For Security, it utilizes a few different metrics to create a score. These include:
You can find the full explanation of the other categories in the Safety Analysis blog.
The major benefit of on-chain monitoring metrics is that they illuminate investor behavior and network health in real-time. In summary, on-chain monitoring provides crypto traders with a fascinating tool to delve into the real-time insights of a blockchain network. This gives the opportunity to capitalize on the advantages offered by a more data-abundant and transparent crypto market.