Getting Started
AI-driven security, decisioning, and monitoring built into your own private node
The Shield3 Policy Engine enables pre transaction policy enforcement, AI based threat interception, and monitoring at the network layer.
Common Use Cases :
- Trading Desk policy enforcement and risk mitigation - Manage policies for DeFi and trading activity, intercept threats, and integrate monitoring into a single stream of signals to a SOC
- Metatransaction Relayers - Configuration and enforcement of policies for applications submitting transactions on behalf of their customers
- Ex. Appchains, apps running on L2s, custom rollups
- Consumer wallet policies for spending limits, address block/ allow lists, transaction payloads
- Enterprise wallet policies for treasury managers
Book a call with us to discuss your use case!
RPC Transaction Policy Execution
Intro to Policies
Shield3 offers a combination of Shield3 managed, and customer managed policies
Static Policies
- Trigger actions based on:
- Senders
- Target EOAs or Contracts
- Values (native asset, ERC20, ERC721, any token)
- Decoded transaction payloads
- Single send
- Subtransactions in multisend payloads (Using Gnosis Multisend library)
Dynamic Policies
- Trigger actions based on run time state of blockchain at time of broadcast
Adaptive Policies
- Trigger actions based on Shield3 risk score or custom ML models for transaction payload, senders, target contracts, network state, and more
Default Policies
New Shield3 users have access to a default set of managed policies. Users define what actions to take when policy violations are triggered (Block, MFA, Warn)
Value Limits - Define transaction value limits for native assets and ERC20 tokens.
Time Limits - Define periods when transactions are allowed to be broadcast
Anomaly Detection - Train a model on normal behavior for all wallets on the account and flag anomalies
Verified Protocols - Restrict transactions to only contracts associated with verified protocols or protocol groups
Contract Drift - Restrict transactions when a contract's logic has drifted from the last audited version
Phishing Interceptor - Block transactions with known bad actors/ phishing accounts
MEV Risk - Detect when a transaction has a high risk of being exploited through MEV
Threat Interceptor - Block transactions with high risk scores as assessed by a suite of Shield3 managed ML models
Applications
For Trading Desks
Enforce policies for approved strategies for all wallets on the network including both browser based and programmatic activity. Keep control your own keys through hardware wallets, HSMs, or any compatible provider. Stream all trading activity and risk assessments to a central SOC to monitor web3 threats in one place with traditional network security monitoring.
For Metatransaction Relayers and Appchains
Metatransaction relayers can ensure they are only relaying transactions for their customers that fit their policy criteria. Guarantee uninterrupted throughput of high volume transactions from a single sender. Transactions that violate policies are dropped and replaced with 'no-op' transactions with the same nonce.
For Consumer Wallets
Consumer wallets can integrate the Shield3 Policy Engine to enable customers to set spending limits, receive MFA confirmations for transactions, and block transactions with high risk wallets and contracts.
For Enterprise Wallets
Enterprise wallets can integrate the Shield3 Policy Engine to enable role based policies for spending limits and MFA confirmations, and block or flag transactions with high risk wallets and contracts.
Writing Policies
Shield3 supports policies in both JSON and Cedar
Example dynamic policy for run time checks of sender ERC20 balance
const policy: IPolicy = {
scope: {
type: 'key'
},
configuration: 'and',
action: {
type: 'block',
notification: {
type: 'email'
}
},
condition: [
{
type: 'sender',
conditions: [
{
type: 'call',
callType: 'encoded',
abi: [
{
constant: true,
inputs: [{ name: '', type: 'address' }],
name: 'balanceOf',
outputs: [{ name: '', type: 'uint256' }],
payable: false,
stateMutability: 'view',
type: 'function'
}
],
targetAddress: '0x559F839831d5B7032b824B2814CDB156E380b9c9',
targetNetwork: 'goerli',
args: [],
method: 'balanceOf',
conditions: [
{
type: 'value',
valueType: 'gt',
dataType: 'uint',
value: '0'
}
]
}
]
}
]
}
Example static Cedar policy for transaction value check
@PolicyType("Value EOA")
permit (
principal,
action == Action::"EOATransaction",
resource
)
when { context.value.u256LessThan(u256("100")) };
Adaptive Policies
Shield3 is constantly ingesting, analyzing, and training models on the latest exploits, vulnerabilities, and attacks across all chains. This information is used to generate adaptive policies for transaction senders to flag or block high risk transactions.
Actions
Multi-Factor Confirmation
Actions can trigger MFA requests to emails, or custom webhooks. If confirmed, transactions are broadcast. Otherwise they are dropped.
Notifications
Actions can trigger notifications for any blocked transactions or broadcast transactions before or after confirmation. Notifications can be sent to emails, or custom webhooks.
Monitoring
Stream logs from the Shield3 RPC to internal logging systems and SOCs
Audit Logs - Receive annotated logs of all transactions and policy results that have been sent through the customer's node
Risk Assessments - Receive alerts when risk levels change for contracts being accessed through the customer's node
Custom Webhooks - Define custom alerting rules
Updated 4 months ago