Zellic proudly announces the EVM trackooor, a modular tool for monitoring arbitrary actions on chain.
With the amount of data that blockchains contain, it’s difficult to query and process anything that isn’t indexed event fields.
This is why we built EVM trackooor 🧵👇
What is the EVM trackooor? The EVM trackooor is a framework for tracking any kind of data on a blockchain, including event logs, transactions, and blocks mined.
The EVM trackooor allows you to register what data you want from a blockchain and define what happens when you receive the data, such as processing it and recording it in a database or sending an alert through a webhook.
The EVM trackooor features the following:
- Real-time data monitoring, including event logs, transactions, and blocks mined
- The ability to request historical data, such as past events or transactions that occurred within a block range
- A modular approach to request and process data for any purpose
- Event and function-ABI fetching to automatically decode event logs and transaction calldata
Why did we make the EVM trackooor? Creating a new project every time you want to query and filter data is troublesome.
The EVM trackooor simplifies this process. By being a generic framework for querying and filtering data — all you need to do is tell it what data you’re looking for, and it provides the data directly to you
Let’s look at an example.
Let’s say there’s an address `0xcafe…` holding native ETH and some ERC-20 tokens, and you want to be alerted when it moves those funds.
With the EVM trackooor, all you need to do is provide the address you want to monitor and a callback function that the EVM trackooor will call with your requested data to process.
Then in the callback function, you can implement checking the value and sending alerts.
How has the EVM trackooor been used? We’ve already used the EVM trackooor to…
Monitor for potential exploits funded by Tornado Cash,
Graph funding paths to visualize movements of funds, including native ETH and ERC-20 tokens,
And listen for ownership transfers and proxy upgrades for high-value contracts.
The EVM trackooor is a command-line tool, and you can access it on GitHub. There, you can review its documentation with more info on usage, including how to use preexisting modules or create your own module: github.com/Zellic/EVM-tra…
For a more in-depth look at the EVM trackooor, including example code for a sample use case, check out the full announcement on our blog: zellic.io/blog/evm-track…
Also, go over to the January edition of the Zellic Security Roundup where we cover the latest news in Web3 security: newsletter.zellic.io/p/zellic-secur…
• • •
Missing some Tweet in this thread? You can try to
force a refresh
You "win" – ZKSecurity’s FV contest – by writing the most optimized formally verified circuit for cryptographic primitives.
But how does the best SHA256 circuit have a cost of 0?
Here's how we exploited the FV spec for the top score on all circuits.👇 zk.golf
How does it work?
You upload a circuit, along with a Lean 4 proof of correctness, and submissions are ranked based on circuit cost, which is the sum of the number of witness allocations and the number of constraints.
As all submissions are formally verified, developers could then just take the most optimized circuit for the primitive they wish to use, without having to worry about checking the details of the implementation.
However, one of our researchers stumbled upon a flaw in the scoring specification, allowing them to “prove” a circuit has a cost of 0, regardless of the actual size.
In this screenshot you can see the types of everything we need to provide.
The circuit is provided with `main`. This takes the circuit input as an argument, and returns a circuit (constraint system).
Note that `main` having this type means that the constraints are allowed to depend on the input, which may be counterintuitive.
BLS signatures are everywhere, from Ethereum’s consensus to EigenLayer. But it’s easy to use them wrong.
What are BLS signatures? Let’s talk about the right way and the wrong way to use them:
But first, what are BLS signatures?
BLS signatures are a cryptographic primitive used for signing messages, like ECDSA.
Here’s how the math works. It’s built on top of elliptic curve pairings.
But what makes them so special? Why use these fancy pairings?
BLS’s killer feature: signature aggregation.
You can combine many BLS signatures into a single signature. This lets you transmit and check N signatures all at once, more space and time efficient! And on-chain, optimizations are hugely important for gas savings.
- approve; approving the victim account a large amount (why?)
- burnFrom; burning 0 from the victim (huh?)
- transferFrom; the exploiter is mysteriously able to transfer a large amount from the victim?