Getting Started

AI-driven security, decisioning, and monitoring built into your own private node

The Shield3 Policy Engine enables pre transaction policy enforcement, AI based threat interception, and monitoring at the network layer.

Common Use Cases :

  • Trading Desk policy enforcement and risk mitigation - Manage policies for DeFi and trading activity, intercept threats, and integrate monitoring into a single stream of signals to a SOC
  • Metatransaction Relayers - Configuration and enforcement of policies for applications submitting transactions on behalf of their customers
    • Ex. Appchains, apps running on L2s, custom rollups
  • Consumer wallet policies for spending limits, address block/ allow lists, transaction payloads
  • Enterprise wallet policies for treasury managers

Book a call with us to discuss your use case!

RPC Transaction Policy Execution

Intro to Policies

Shield3 offers a combination of Shield3 managed, and customer managed policies

Static Policies

  • Trigger actions based on:
    • Senders
    • Target EOAs or Contracts
    • Values (native asset, ERC20, ERC721, any token)
    • Decoded transaction payloads
      • Single send
      • Subtransactions in multisend payloads (Using Gnosis Multisend library)

Dynamic Policies

  • Trigger actions based on run time state of blockchain at time of broadcast

Adaptive Policies

  • Trigger actions based on Shield3 risk score or custom ML models for transaction payload, senders, target contracts, network state, and more

Default Policies

New Shield3 users have access to a default set of managed policies. Users define what actions to take when policy violations are triggered (Block, MFA, Warn)

Value Limits - Define transaction value limits for native assets and ERC20 tokens.

Time Limits - Define periods when transactions are allowed to be broadcast

Anomaly Detection - Train a model on normal behavior for all wallets on the account and flag anomalies

Verified Protocols - Restrict transactions to only contracts associated with verified protocols or protocol groups

Contract Drift - Restrict transactions when a contract's logic has drifted from the last audited version

Phishing Interceptor - Block transactions with known bad actors/ phishing accounts

MEV Risk - Detect when a transaction has a high risk of being exploited through MEV

Threat Interceptor - Block transactions with high risk scores as assessed by a suite of Shield3 managed ML models

Applications

For Trading Desks

Enforce policies for approved strategies for all wallets on the network including both browser based and programmatic activity. Keep control your own keys through hardware wallets, HSMs, or any compatible provider. Stream all trading activity and risk assessments to a central SOC to monitor web3 threats in one place with traditional network security monitoring.

For Metatransaction Relayers and Appchains

Metatransaction relayers can ensure they are only relaying transactions for their customers that fit their policy criteria. Guarantee uninterrupted throughput of high volume transactions from a single sender. Transactions that violate policies are dropped and replaced with 'no-op' transactions with the same nonce.

For Consumer Wallets

Consumer wallets can integrate the Shield3 Policy Engine to enable customers to set spending limits, receive MFA confirmations for transactions, and block transactions with high risk wallets and contracts.

For Enterprise Wallets

Enterprise wallets can integrate the Shield3 Policy Engine to enable role based policies for spending limits and MFA confirmations, and block or flag transactions with high risk wallets and contracts.

Writing Policies

Shield3 supports policies in both JSON and Cedar

Example dynamic policy for run time checks of sender ERC20 balance

		const policy: IPolicy = {
			scope: {
				type: 'key'
			},
			configuration: 'and',
			action: {
				type: 'block',
				notification: {
					type: 'email'
				}
			},
			condition: [
				{
					type: 'sender',
					conditions: [
						{
							type: 'call',
							callType: 'encoded',
							abi: [
								{
									constant: true,
									inputs: [{ name: '', type: 'address' }],
									name: 'balanceOf',
									outputs: [{ name: '', type: 'uint256' }],
									payable: false,
									stateMutability: 'view',
									type: 'function'
								}
							],
							targetAddress: '0x559F839831d5B7032b824B2814CDB156E380b9c9',
							targetNetwork: 'goerli',
							args: [],
							method: 'balanceOf',
							conditions: [
								{
									type: 'value',
									valueType: 'gt',
									dataType: 'uint',
									value: '0'
								}
							]
						}
					]
				}
			]
		}

Example static Cedar policy for transaction value check

@PolicyType("Value EOA")
permit (
  principal,
  action == Action::"EOATransaction",
  resource
)
when { context.value.u256LessThan(u256("100")) };

Adaptive Policies

Shield3 is constantly ingesting, analyzing, and training models on the latest exploits, vulnerabilities, and attacks across all chains. This information is used to generate adaptive policies for transaction senders to flag or block high risk transactions.

Actions

Multi-Factor Confirmation

Actions can trigger MFA requests to emails, or custom webhooks. If confirmed, transactions are broadcast. Otherwise they are dropped.

Notifications

Actions can trigger notifications for any blocked transactions or broadcast transactions before or after confirmation. Notifications can be sent to emails, or custom webhooks.

Monitoring

Stream logs from the Shield3 RPC to internal logging systems and SOCs

Audit Logs - Receive annotated logs of all transactions and policy results that have been sent through the customer's node

Risk Assessments - Receive alerts when risk levels change for contracts being accessed through the customer's node

Custom Webhooks - Define custom alerting rules