Hacken Extractor
  • 🚀Getting Started
  • ⛓️Supported Networks
  • Monitoring and Detection
  • Security monitoring
    • Intro
    • Detectors
      • Extractor Attack Detector
      • Forta Attack Detector
      • Custom Detectors
      • Block Anomaly
      • Block Re-org
      • DNS Monitor
      • Contract Verification
    • Setup Detectors
  • Compliance Monitoring
    • Intro
    • Detectors
      • AML Monitor
      • TVL Monitor
      • Circulation Supply Monitor
      • Whales Detector
      • Price Monitor
      • Github Monitor
      • Proof Of Reserves Monitor
      • Safe Multisig Monitor
    • Setup Detectors
  • Advanced monitoring
    • Intro
    • Triggers
    • Setup triggers
    • Recommendations by SC type
      • Staking
      • Vesting
      • Fungible Token (EIP-20 compatible)
      • Non-Fungible Token (EIP-721 compatible)
      • Yield Farming
      • Lending
      • Token Sale
  • Smart Contract Actions
    • Intro
    • Action Providers
      • Create Action Provider
      • Connect Action Provider
      • Deposit
      • Withdraw
    • Setup Action
  • Support
    • 📧Support
  • Legal documents
    • Cookie Policy
    • Terms of Service
    • Privacy Notice
Powered by GitBook
On this page
  • Monitor withdrawal of tokens before the end of the staking period
  • Monitor unexpectedly large deposit amounts
  • Monitor withdrawal of an amount that is greater than the largest deposit

Was this helpful?

  1. Advanced monitoring
  2. Recommendations by SC type

Staking

A staking contract is a type of smart contract that enables users to hold and lock up a certain amount of cryptocurrency or tokens as collateral in order to participate in a blockchain network's consensus process and earn rewards.

Monitor withdrawal of tokens before the end of the staking period

Trigger: ERC20 Transfer more than n

Parameters:

  • Token address: the address of the collateral token

  • Amount: should be as low as possible, for example less than the minimum deposit amount

  • Destination: from

Severity: see the use cases

Alerts: see the use cases

Use cases:

  • If a contract prohibits withdrawals before the end of the staking period, triggering this trigger may indicate a vulnerability in the contract. In this case, we recommend setting the severity to critical and enabling alerts.

  • If a contract allows for early withdrawals, then such a trigger would simply reflect that some users have chosen to withdraw tokens for some reason. In this case, we recommend setting the severity to low.

Monitor unexpectedly large deposit amounts

Trigger: ERC20 Transfer more than n

Parameters:

  • Token address: the address of the collateral token

  • Amount: should be 5-10% more than the largest expected deposit

  • Destination: to

Severity: Medium

Alerts: On

Use cases:

  • Unexpectedly large amount of deposit may be a sign that the attacker has found a vulnerability in the smart contract and is making a large deposit to get more profit from the exploit.

Monitor withdrawal of an amount that is greater than the largest deposit

Trigger: ERC20 Transfer more than n

Parameters:

  • Token address: the address of the collateral token

  • Amount: should be greater than the largest deposit by at least 1 wei

  • Destination: from

Severity: Critical

Alerts: On

Use cases:

  • If there is a withdrawal from the contract for an amount greater than the largest deposit, then this is a clear sign that the contract has been hacked.

PreviousRecommendations by SC typeNextVesting

Last updated 1 year ago

Was this helpful?