description |
---|
Tests written with GuardianTest integrate with our continuous monitoring platform to check and verify whether your live app is creating the expected smart contract interactions for users. |
GuardianUI's continuous monitoring solution provides real-time vulnerability detection for your dapp’s frontend.
- Simulate user interactions as frequently as every 5 minutes.
- Verify transactions point to the correct contracts
- Validate approvals give the correct addresses access to user funds
- Get notified immediately when there’s an issue.
Web3 apps still depend on web2 infrastructure - which leaves your dapp exposed to countless vulnerabilities and is impossible to constantly manually review.
GuardianUI can continuously monitor your app for issues that cause your frontend to create the wrong smart contract interactions. This includes:
- DNS poisoning attacks
- Cloudflare attacks
- Javascript injections
- Malicious package injections
- Malicious minifiers
- Package name squatting
- Compromised linters
- And more!
There are several examples of the types of frontend attacks our monitoring system would detect. In each of the examples below, bad actors were able to compromise vulnerabilities with a project’s frontend and steal money from users.
- BadgerDAO (Cloudflare attack) - $120M in user funds stolen
- Sushiswap’s Miso (Supply chain attack) - $3M in user funds stolen
- Curve Finance (DNS) - $600k in user funds stolen
- Ribbon Finance (DNS) - $500k in user funds stolen
- Kyber Network (Google Tag Manager) - $265k in user funds stolen
- Celer Protocol (DNS) - $250k in user funds stolen
- Black Wallet (DNS) - $400k in user funds stolen
- Pancake Swap (DNS) - prompted users to enter seed phrase
- Cream Finance (DNS) - prompted users to enter seed phrase
{% hint style="info" %} GuardianUI was recognized as a leader in the Coinbase Ventures Web3 Security Stack for Threat Intelligence and Security Testing Tools {% endhint %}