Wallets getting hacked, private keys getting exploited, or people falling victim to phishing attacks or fake cryptocurrency giveaways or airdrops and such are not new these days. One just can never be too careful when safeguarding his crypto assets.
Enter FailSafe, the ultimate wallet firewall that is said to have been developed and maintained by Eleos Labs team of cybersecurity experts.0
Let's take a closer look at what it is and what it can do to protect people's wallets and crypto from exploits.
What is FailSafe
Per its Whitepaper, FailSafe is an "anti-theft Web3 Wallet companion system that is focused on protecting the end-to-end Web 3 transaction journey. It offers a multilayered set of security mechanisms, with built-in redundancy, designed to minimize the loss of user assets even under the worst-case circumstances (disclosure of the user’s private key, or a compromised insider within a trusted system)."¹
Accordingly, FailSafe is designed to "provide security to crypto wallets, hence it proactively guards the user's wallet against all cyberattacks. In the event of unauthorized access to a wallet’s assets, FailSafe rapidly intercepts with a counter-transaction that moves the user's funds to his designated FailSafe Recovery Wallet."²
The tool features include scanning the wallet address for threats and security exposure, protection (enabling FailSafe), revocation (of access), and secure connections to help users safeguard their digital assets.
Quoting the introduction via the BNBChain Blog:
Once activated, the FailSafe firewall proactively guards wallets on Binance Smart Chain against cyberattacks – including critical and worst-case scenarios such as complex phishing attempts, private key theft, smart contract hacks, and more.
The service works by rapidly firing a counter-transaction to neutralize any unexpected and malicious attempts to steal a user’s assets. The counter-transaction moves the user’s assets to a secure self-custody smart contract. This global, swift, and vigilant defense system offers users unrivaled security and peace of mind in their digital transactions.³
Currently, the application supports 3 networks, i.e. BNB Chain, Polygon, and Ethereum.
Per the statistics on its website, FailSafe has protected over $9 million worth of crypto, over 3k wallets, and stopped over 103 attacks.
A Personal Test (FailSafe Scanning)
❇️ Opened the site on a browser (https://app.getfailsafe.com/) and I observed that there are two ways to use it. One, just enter the wallet address that we want to be checked.
❇️ Or simply connect your own wallet. It supports Metamask, Wallet Connect, and Coinbase Wallet. There is no transaction fee when connecting, you just need to sign a message. For security purposes, I used a wallet that doesn't contain any valuable assets. I once used it for airdrops.
As I said, we can never be too careful.
❇️ Upon connecting, it shows me a quick scan of the wallet on the Ethereum network. All good there. No threat so far.
❇️ I then switched to BNB Chain and it detected things that needed to be fixed. It now wants me to protect two assets and revoke a previous approval that I had. I didn't even realize that I used the wallet for a bHIVE transaction before.
❇️ Revoking requires a small amount of BNB for gas (approximately $0.20).
❇️ Then I further discovered that to protect the BNB Chain assets that I have on the wallet, I need to have at least 0.01 wrapped BNB (WBNB) before I can enable the FailSafe protection. On the Polygon network, it also requires at least 1 MATIC. I presumed that when on the Ethereum chain, it would also ask for ETH. I've not been able to find out how much is the real cost for it and for how long the wallet stays protected.
Conclusion
FailSafe could be a good tool for users to protect their crypto assets especially when they are actively transacting in various decentralized applications (DApps) and smart contracts. I do recommend further research if you want to use the service or tool.
I'm no techy so I didn't dig deeper into the architecture of FailSafe but if you are, do check their Whitepaper for more details.
To quote their own conclusion in their gitbook:
FailSafe is a safety and protection mechanism that is built for a user base that does not necessarily follow best security practices at all times. FailSafe avoids over-reliance on any single defense mechanism, if one is bypassed, the next one is in line to help minimize losses. This approach spans across the entire lifecycle of a Web3 transaction, from de-risking Web3 asset positions (via auto-rebalancing asset to cold storage) to intercepting the attacker’s transaction via the blockchain mempool, if all other defenses fail.
Similarly, with FailSafe’s forward-security, the risk to the user’s Web 3 assets is reduced even if the underlying cryptographic-based trust is compromised.⁴
I have not thoroughly tested the tool/service and I'm not sure how the protection really works so it will be very interesting to see how it in action in a real scenario where an exploit attempt to a wallet is being made and FailSafe stopping it.
Sources:
