Runtime Security

Detect attacks that happen during transaction execution.

Reentrancy Detection

Monitors when contracts or functions are called recursively before initial execution completes. Available at both contract-level and function-level granularity for precise coverage of withdraw, transfer, and critical state-changing functions.

Related Incidents: Penpie ($27M), Sumer Money, Minterest Finance

Flash Loan Monitoring

Detects transactions that combine flash loan operations with calls to critical contracts or significant fund outflows. Catches manipulation attempts, price oracle attacks, and complex DeFi exploits using uncollateralized instant loans.

Related Incidents: Multiple oracle manipulation attacks

Function Sequence Validation

Alerts if functions occur in unexpected sequences. Use whitelist mode to enforce atomic execution or blacklist mode to block dangerous patterns.

Related Incidents: Sonne Finance, DeltaPrime, UwU Lend

External Call Protection

Enforces strict rules on which functions can be called immediately after specific contract interactions. Whitelist or blacklist specific call patterns to detect unauthorized interactions.

Related Incidents: Spectra, Dough Finance, LI.FI

Illogical Function Loops

Detects suspicious function call patterns that shouldn't occur in the same transaction, like adding and removing liquidity atomically, or opening and liquidating a position in a single tx.

Related Incidents: Vyper exploit, Zunami

Sandwich Attack Detection

Monitors for coordinated sandwich attacks, front-running, and back-running patterns. Identifies MEV bots, transaction reordering attacks, and mempool exploitation that steal value through slippage manipulation.

Delegatecall Monitoring

Monitors delegatecalls to unauthorized functions that could compromise contract security. Detects malicious delegatecall attacks, unauthorized proxy calls, implementation manipulation, and access control bypasses.

High Gas Detection

Identifies transactions with unusually high gas consumption that may indicate attack attempts, DoS attempts, infinite loops, reentrancy exploits, or computational abuse.

Trace Call Frequency

Detects potential exploits by identifying excessive function call frequencies within single transactions.