Nethermind: Why we are building on Forta

Nethermind
Nethermind.eth
Published in
5 min readSep 30, 2021

--

Nethermind is very excited to announce our involvement with Forta, the first decentralized security protocol for smart contracts. Picture this: an army of agents tasked with promptly detecting threats on the blockchain and raising alerts. Sound awe inspiring (and a bit dramatic)? Granted, it’s both, but against the backdrop of preventing and minimizing potential damage and loss of funds, drama is to be expected.

Two months ago, Nethermind became an official agent development partner of Forta, a runtime decentralized security protocol. Let’s delve into how Forta began, its core mission, and share our experience as an agent developer.

Introducing Forta

OpenZeppelin, the leader in smart contract auditing and security, recognized that runtime security monitoring for smart contracts was a vastly underserved area of crypto security. While centralized solutions performing runtime security monitoring for non-crypto applications are already prevalent, there hasn’t been anything comparable for smart contracts. After extensive discovery workshops with its clients and months of analyzing DAO, DeFi and NFT hacks, OpenZeppelin started building a prototype and assembled a leading group of backers and partners including a16z, Blockchain Capital, and our company, Nethermind.

The result of these efforts is Forta — the first decentralized security protocol for the open economy. It’s an enterprise-grade runtime security platform, built to promptly detect threats and other system critical issues. Timely and relevant information concerning threats is key for teams to have a chance at preventing threats and minimizing loss of funds — and that’s exactly what Forta offers. Forta’s aim is to provide the comprehensive and scalable security solutions necessary to unlock the full institutional and individual participation potential within the blockchain ecosystem.

Tomasz K. Stańczak, Founder of Nethermind said

“ We are excited to work with the amazing team behind Forta and their community. Our participation in the project is a great opportunity to further strengthen our dedication to Ethereum protocol security.”

How does it work?

Forta has two main components — agents and nodes. Agents are pieces of logic (scripts) that search for certain transaction characteristics or state changes. Nodes run agents against each mined block and transactions. When the agents detect an issue, the protocol immediately emits an alert, which teams can utilize via a registry or via an API. Forta also captures the lack of alerts, a negative signal so to speak, which further mitigates the risk of a blindspot.

Forta acknowledged that a team with a centralized solution cannot address the risks in an ever-changing environment and keep up with the pace of innovation that we see today. As every new protocol or contract deployed introduces new risk vectors, it is precisely this decentralized development approach of having multiple agent developers that gives Forta the adaptability required to withstand a rapidly growing landscape of risk.

Our role

Nethermind is one of the first Forta community members to join the project as an agent developer. We contribute by writing the scripts for the agents that will run on nodes, allowing the agents to scan transactions and state changes. The sheer excitement building on Forta is just getting started.

Mauricio Perdomo Cortés, Smart Contract Engineer at Nethermind said, “Writing agents is good for developing competency; diving into the depth of transaction traces where you fetch and decode information from multiple contracts and transactions, deepens expertise in Application Binary Interface (ABI) and contract storage layout. Being an agent developer means you are writing programs that will continuously be observing the contracts on the network and looking out for any malicious activity.”

Nethermind’s growing team of agent developers currently includes Mauricio Perdomo Cortés, Lázaro Raúl Iglesias Vera, Rachit Anand Srivastava and Murat Celiktepe. They all agree and describe the feeling of an agent emitting an alarm as somewhat bittersweet, because while you know the alarm is bad news, seeing your agents working and accurately reporting findings is great.

Lázaro Raúl Iglesias Vera further noted, “Not every alarm is necessarily malicious though. A day after a so-called re-entrancy agent was published, our team noticed 5 calls reported — the largest amount at the time. The team turned to the explorer to trace and analyze the sender’s transactions, only to discover that it was a completely legitimate account.”

Murat Celiktepe added, “The collaboration with Forta has been hugely rewarding. Not only have we had the opportunity to master attack vectors and how these are executed, but also the consideration for low level interactions. Overall, we have further deepened our knowledge of smart contract security.”

Nethermind sees Forta as an inevitable step towards securing the DeFi ecosystem to a point where it can sustain mass adoption and we consider ourselves honoured to be part of building and testing the next big layer of security for smart contracts.

Rachit Anand Srivastava noted, “Nethermind’s goals are fully aligned with Forta’s vision: to build an effective, decentralized runtime security protocol for the open economy. We are proud to be a part of such an amazing project and to have a chance to work with some of the best security companies in the blockchain space.”

Follow Forta on their social channels:

Twitter — — — — — — — LinkedIn — — — — — — Discord

About Nethermind:

Nethermind has a world class team of builders and researchers with expertise in all aspects of Ethereum — protocol engineering, layer 2, MEV, DeFi and smart contracts development, sidechains, data extraction, NFTs and more. We build technology infrastructure and tools, provide R&D and consulting services for Ethereum and DeFi projects. The Nethermind team actively contributes to Ethereum core development and supports many Ethereum projects to help further develop the ecosystem.

We want you to be part of our journey.
Follow along on our blog and social channels to keep up to date with all the latest news and announcements:

Twitter — — LinkedIn— — — Discord — — Reddit— — GitHub —— Medium — — Website — — Newsletter

--

--