Open in app

Sign in

Write

Sign in

Manta Network and Blocksec Announce the Sequencer Threat Overwatch Program (STOP).

Manta Network
9 min readJul 3, 2024

Introduction

In the rapidly evolving landscape of blockchain technology, security remains a paramount concern. As Layer 2 (L2) solutions become more prevalent, ensuring the security and integrity of these systems is crucial. Manta Network and BlockSec have teamed up to introduce the Sequencer Threat Overwatch Program (STOP), a groundbreaking initiative aimed at enhancing security at the sequencer level in L2 solutions. This collaboration promises to set new standards in blockchain security, providing robust protection against sophisticated threats.

What is a Sequencer?

A sequencer, in the context of blockchain technology and specifically Layer 2 (L2) solutions, is a specialized component responsible for managing the order and execution of transactions. This role is crucial for maintaining the efficiency and integrity of the blockchain network. Let’s delve into the details of what a sequencer does and why it is a fundamental part of L2 solutions.

Definition and Functionality

At its core, a sequencer is a system or protocol that collects transactions from users, validates them, and then orders them before submitting these transactions to the Layer 1 (L1) blockchain, such as Ethereum. The sequencer operates in a way that can be compared to how a transaction pool works on the main Ethereum chain but with additional specialized functions and a broader scope.

Here is a breakdown of the sequencer’s main functions:

  1. Transaction Collection: The sequencer receives transaction requests from users. These transactions are typically formatted similarly to Ethereum transactions but are directed to the L2 network instead of the main chain.
  2. Transaction Validation: Upon receiving the transactions, the sequencer validates each one. This involves checking if the sender has sufficient funds, ensuring the transaction conforms to the network’s rules, and verifying the transaction’s overall validity to prevent issues such as fraud and double-spending.
  3. Transaction Ordering: The validated transactions are then sorted by the sequencer according to specific rules. This step ensures that transactions are executed in the correct sequence, which is critical for preventing conflicts and maintaining the integrity of the network.
  4. Batch Submission: Once the transactions are validated and ordered, the sequencer batches them together and submits them to the L1 blockchain. This batching process helps reduce the overall gas fees and increases the efficiency of the network by minimizing the number of interactions with the main chain.

Why is Sequencer Important to L2s?

The importance of sequencers in Layer 2 solutions cannot be overstated. As the blockchain ecosystem grows and more users and applications come on board, the need for scalable, efficient, and secure transaction processing becomes increasingly critical. Sequencers play a pivotal role in addressing these needs by enhancing the capabilities of L2 solutions in several key ways:

Enhancing Transaction Throughput

One of the most significant contributions of sequencers is the dramatic increase in transaction throughput. By handling transactions off-chain and only committing the results to the L1 blockchain, sequencers can process a large number of transactions simultaneously. This capability is crucial for supporting high-demand applications and services that require fast and frequent transaction processing.

Improving User Experience

The efficiency and cost savings provided by sequencers translate directly into a better user experience. Users benefit from faster transaction times and lower costs, which are essential for the adoption of blockchain technology in mainstream applications. Whether it’s decentralized finance (DeFi) platforms, gaming, or supply chain management, the enhanced performance facilitated by sequencers makes these applications more practical and user-friendly.

Importance of Sequencer-level Security

The security provided by sequencers is vital for maintaining the integrity and trustworthiness of Layer 2 solutions. By implementing robust validation mechanisms and attack detection, sequencers will prevent malicious activities such as double-spending and fraud. This ensures that only legitimate transactions are processed, safeguarding the network against potential attacks and maintaining a secure environment for users and developers.

Introduction to Sequencer Threat Overwatch Program (STOP)

The Sequencer Threat Overwatch Program (STOP) is a collaborative initiative by Manta Network and Blocksec designed to provide comprehensive security at the sequencer level. This program integrates advanced threat detection and prevention mechanisms, leveraging both Manta’s strengths and Blocksec’s technology and offering a fortified security layer.

STOP’s Architecture

BlockSec’s Phalcon is the world’s first attack monitoring and blocking platform. STOP ensures the safety of an L2 chain by integrating Phalcon’s attack detection engine directly into it. Here’s how it works:

  1. Transaction Screening: Every L2 transaction passes through Phalcon’s attack detection engine before being included in the L2 chain. The engine analyzes each transaction to determine if it is malicious.
  2. Quarantine: If a transaction is flagged as malicious, it is placed in quarantine for further inspection instead of being added to the chain, while the approved transactions proceed to the sequencer’s mempool.
  3. Further Inspection: The STOP system includes a dashboard for the chain operator to vet quarantined transactions further. With the help of Phalcon Explorer, analysts can thoroughly identify the root cause of suspected malicious transactions and take appropriate actions.

This process prevents harmful transactions from being processed, thus keeping the overall L2 chain secure without additional effort or cost to users and protocols.

STOP’s Architecture. Source: Phalcon

Deep Dive into BlockSec Phalcon

Phalcon, known for its advanced security solutions in the blockchain space, brings a wealth of technical expertise to the STOP initiative. Here, we delve into the specifics of Phalcon’s approach and how it integrates with Manta’s infrastructure to deliver unparalleled security.

Brief Introduction

Phalcon is a security platform developed by BlockSec to monitor and block hacks. The system detects suspicious transactions, instantly alerts users, and takes automated actions in response. It assists protocol teams, traders, LPs, DAO organizations, exchanges, and fund managers in protecting protocols and digital assets. As the world’s only attack-blocking platform with proven records, Phalcon has successfully thwarted over 20 crypto attacks, saving more than $20 million worth of assets. Phalcon comprises two main components: threat inspection and attack blocking. Since STOP primarily utilizes Phalcon’s threat inspection service supported by its attack detection engine, let’s take a closer look at it.

Threat Inspection Service

The Threat Inspection Service is at the core of Phalcon’s security offering. This service analyzes each block and transaction for potential threats, leveraging advanced algorithms and machine learning to identify and mitigate risks. The inspection service works as follows:

  1. Transaction Analysis: Each transaction is thoroughly analyzed to ensure it meets the predefined security criteria. Any transaction that fails to meet these standards is flagged for further investigation.
  2. Attack Detection: Beyond individual transactions, entire blocks are also scrutinized to detect any signs of malicious activity or structural anomalies.
  3. Real-time Alerts and Mitigation: In detecting a threat, the system generates real-time alerts and immediately neutralizes the threat, ensuring the network remains secure.

Breakthroughs of Phalcon-Empowered STOP

With the support of Phalcon, STOP has the following advantages. Firstly, Phalcon’s attack detection engine is highly accurate. It can typically finish the detection of a transaction within a couple of milliseconds, with a false positive rate of less than 0.0001%. Coupled with other self-defined rules, this false positive rate can be further reduced. This ensures that legitimate transactions are not misidentified and that the throughput of the L2 chains is not affected. Secondly, upon detecting an attack transaction, suspicious transactions can be directly quarantined at the sequencer level, preventing the attack from occurring and causing damage from the outset. Finally, the STOP solution only requires the introduction of a threat inspection node in the L2 chain before the sequencer. This built-in security at the chain level avoids the significant costs and time associated with repeatedly building or procuring monitoring platforms for project teams, providing a more robust and seamless security framework.

DeFiRanger

Phalcon’s detection engine is backed by rigorous academic research, ensuring its reliability and effectiveness. One of the cornerstone components of Phalcon’s security offering is DeFiRanger, a sophisticated tool designed to detect and prevent price manipulation attacks in Decentralized Finance (DeFi) applications.

DeFiRanger is a platform-independent tool developed to detect high-level DeFi semantics and identify price manipulation attacks. It bridges the gap between low-level transaction data and high-level DeFi actions, enabling precise detection of complex security incidents that traditional tools might miss. The tool was designed to tackle two main types of price manipulation attacks:

  1. Type I Price Manipulation Attack: This involves an attacker manipulating the price of a token within a DeFi application by exploiting vulnerabilities in the application’s public interfaces.
  2. Type II Price Manipulation Attack: This involves an attacker manipulating the price calculated by a DeFi application (such as a lending app) that relies on real-time token prices from a Decentralized Exchange (DEX).

Key Components of DeFiRanger

DeFiRanger operates through a series of interconnected components and processes designed to thoroughly analyze blockchain transactions and detect potential threats. The primary components and their functions are outlined below:

1. Cash Flow Tree (CFT) Construction

The first step in DeFiRanger’s operation is constructing a Cash Flow Tree (CFT) from raw transaction data. The CFT represents the flow of tokens between accounts and contracts within a transaction, providing a structured view of the transaction’s impact on the blockchain.

  • Invocation Nodes: Represent smart contract function calls.
  • Event Nodes: Represent emitted events from smart contracts.
  • Basic Nodes: Represent fundamental actions such as token transfers, minting, and burning.

This hierarchical structure allows DeFiRanger to trace the flow of assets and identify complex interactions within a transaction.

The rules of identifying basic actions during CFT construction. Source: TDSC DeFiRanger- Detecting DeFi Price Manipulation Attacks

2. Semantics Lifting

Once the CFT is constructed, DeFiRanger lifts the semantics from low-level actions to high-level DeFi actions. This involves recognizing and categorizing basic DeFi actions such as token transfers, minting, and burning into more complex actions like trades, deposits, withdrawals, borrowings, and repayments.

  • Connection: Links basic actions that share the same tokens, ensuring no redundant actions are identified.
  • Insertion: Uses external information to identify internal actions that are not directly observable in the transaction data.
  • Combination: Combines connected basic actions into high-level actions according to predefined rules.

3. Advanced Action Identification

DeFiRanger identifies advanced DeFi actions by combining basic actions within the CFT. This process is guided by a set of rules that define how different actions can be linked and categorized.

  • Trade: A combination of token input and output actions.
  • Deposit: This involves transferring tokens to a DeFi application and receiving a share token.
  • Withdrawal: The reverse of a deposit, where tokens are withdrawn, and share tokens are burned.
  • Borrowing: Involves receiving a loan token in exchange for a debt token.
  • Repayment: The reverse of borrowing, involves the repayment of the loan and burning the debt token.

4. Attack Detection

DeFiRanger employs predefined patterns to detect price manipulation attacks by analyzing the identified advanced actions. It specifically looks for patterns that indicate:

  • Hoard-and-Dump: Where an attacker first hoards a token and then dumps it to profit from price manipulation.
  • Forced Buys: Where an attacker forces a victim contract to buy tokens at an inflated price.

Conclusion

The Sequencer Threat Overwatch Program (STOP) represents a significant advancement in the security of L2 solutions. By leveraging the combined strengths of Manta Network and Phalcon, STOP provides robust protection at the sequencer level, ensuring the integrity, transparency, and performance of blockchain transactions. This initiative not only enhances the security of current L2 solutions but also sets a new standard for future developments in the blockchain ecosystem.

Through STOP, Manta and Phalcon are paving the way for a more secure and reliable blockchain infrastructure, fostering greater trust and adoption among users and developers alike. As the blockchain landscape continues to evolve, initiatives like STOP will be crucial in maintaining the integrity and security of these decentralized systems, ensuring they can deliver on their promise of a fair, transparent, and efficient digital future.

About Manta Network

Manta Network is the modular blockchain for zero-knowledge (ZK) applications. Manta Pacific is the modular L2 ecosystem for EVM-native ZK applications and dApps that want to deliver the lowest cost and best experience for users. Leveraging Manta’s Universal Circuits to enable ZK-as-a-Service and Celestia’s data availability for modularity to deliver low gas fees, Manta Pacific offers the perfect environment for ZK-enabled applications. Learn more about Manta Pacific here.

Manta Network was created by a team of experienced founders from prestigious institutions, including Harvard, MIT, and Algorand. Manta Network has received investments from many of the top web3 investment funds, including Binance Labs and Polychain Capital. It has grown through participation in the best web3 accelerators, including Alliance DAO and Berkeley Blockchain Xcelerator.

Website | X | Discord | Telegram Announcements

Manta Pacific
Manta Network
Layer 2 Solution
Blocksec

--

--

Manta Network
Manta Network

Written by Manta Network

47K Followers
4 Following

Manta Pacific, the First Modular L2 | Backed by PolyChain, Binance Labs | 🤝 Celestia, Polygon, LayerZero

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams