Defense-in-Depth

FailSafe is an anti-theft Web3 wallet companion system focused on protecting the end-to-end Web3 transaction journey. FailSafe is built on the defense-in-depth principle: it offers a multilayered set of security mechanisms, with built-in redundancy, designed to minimise the loss of user assets even under worst-case circumstances (disclosure of the user’s private key, or a compromised insider within a trusted system). FailSafe takes every opportunity to protect the user’s assets across the lifecycle of a transaction: from the initial user engagement phase with the dApp to the point at which the transaction becomes part of a permanent record on a public ledger. At the outset, on enrollment, FailSafe helps the user reduce risk by moving the majority of assets to the user’s cold wallet address, which does not partake in regular Web3 transactions; this is not unlike what custody solutions do, but it is a practice that thus far has been unavailable to retail users.

According to a recent study of ERC20 token usage patterns, 60% of all users grant unlimited transfer approvals to dApps, 22% of which are considered to be at high risk of their approved tokens being stolen. By moving the majority of assets to the user’s cold wallet, these assets are no longer exposed to the above risk.
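
What an unlimited transfer approval looks like in transaction data, as an added example that is not part of the FailSafe documentation or code: a Python check that decodes ERC-20 `approve`/`increaseAllowance` calldata and flags allowances at or near the `uint256` maximum. The `2**255` threshold, the helper names and the sample spender address are assumptions made for illustration.

```python
APPROVE = bytes.fromhex("095ea7b3")             # approve(address,uint256)
INCREASE_ALLOWANCE = bytes.fromhex("39509351")  # increaseAllowance(address,uint256)
MAX_UINT256 = 2**256 - 1
# Assumption: any amount at or above 2**255 is treated as effectively
# unlimited, so values just below the maximum are also caught.
UNLIMITED_THRESHOLD = 2**255


def parse_approval(calldata_hex):
    """Return (spender, amount) for an approval-style call, else None."""
    raw = calldata_hex[2:] if calldata_hex.startswith(("0x", "0X")) else calldata_hex
    try:
        data = bytes.fromhex(raw)
    except ValueError:
        return None  # not valid hex
    if len(data) < 68 or data[:4] not in (APPROVE, INCREASE_ALLOWANCE):
        return None  # too short for two ABI words, or a different function
    spender_word, amount_word = data[4:36], data[36:68]
    if any(spender_word[:12]):
        return None  # a 20-byte address must be left-padded with zero bytes
    return "0x" + spender_word[12:].hex(), int.from_bytes(amount_word, "big")


def is_unlimited(calldata_hex):
    """True if the call grants (or adds) an effectively unlimited allowance."""
    parsed = parse_approval(calldata_hex)
    return parsed is not None and parsed[1] >= UNLIMITED_THRESHOLD


def _encode(selector, spender_hex, amount):
    """Build constructed sample calldata for the demo below."""
    return "0x" + (selector + bytes(12) + bytes.fromhex(spender_hex)
                   + amount.to_bytes(32, "big")).hex()


SPENDER = "ab" * 20  # constructed placeholder address, not a real contract
SAMPLES = {
    "unlimited approve": _encode(APPROVE, SPENDER, MAX_UINT256),
    "bounded approve": _encode(APPROVE, SPENDER, 100 * 10**18),
    "transfer (not an approval)": "0xa9059cbb" + "00" * 64,
}

if __name__ == "__main__":
    for label, calldata in SAMPLES.items():
        print(f"{label}: unlimited={is_unlimited(calldata)}")
```
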

FailSafe automatically maintains the user-desired balance ratio between the hot and cold wallet addresses, preserving the de-risked security posture over time. Once the user engages with a dApp, the FailSafe Blockchain Reconnaissance (FBR) service is used to obtain the risk score for the counterparty’s Web3 address.

If FailSafe software is in the code path, fraudulent transactions are blocked outright. Otherwise, the next layer of protection is the FailSafe Interceptor Service (FIS), which monitors pending transactions submitted to the blockchain’s memory pool. If the transaction counterparty has a high risk score (based on a call to FBR), FIS is capable of submitting another transaction that is executed ahead of the attacker’s, moving the funds at risk into the user’s cold storage address before the attacker’s transaction is executed.
