Comprehensive Security Event Detection (Notifications)
This page describes the security events detected by OMNIA when analysing transactions made by our users in order to protect them from malicious activities.
Address-Related Security Events
MaliciousAddressEvent
Indicators:
Blackmail activities
Stealing attacks
Malicious mining activities
Darkweb transactions
Cybercrime
Money laundering
Financial crime
Blacklist doubts
Mixer usage
Sanctioned addresses
Creation of malicious contracts
Reason: To prevent interactions with sanctioned or malicious addresses, safeguarding both the user and our platform.
ScamAddressEvent
Indicators:
Phishing activities
Fake KYC attempts
Fake standard interfaces
Reason: To avoid irreversible loss of funds by preventing transactions with scam-involved addresses.
HackingActivityAddressEvent
Indicators:
Honeypot-related addresses
Gas abuse
Reinitiation attacks
Reason: To prevent potential irreversible loss of funds by avoiding interactions with compromised addresses.
Smart Contract Security Events
ClosedSourceContractEvent
Indicators: Closed-source contracts
Reason: To notify users post-transaction that complete security checks couldn't be applied due to closed-source nature, setting the default interaction as optimistic/permissive.
SelfDestructContractEvent
Indicators: Contracts with self-destruct capabilities
Reason: To inform users of the risks associated with self-destruct functionalities, allowing interaction while acknowledging the potential for assets becoming unavailable.
ProxyContractEvent
Indicators: Proxy contracts
Reason: To notify users post-transaction about the proxy nature of a contract, which can change behavior and make security checks inconsistent.
Generic Calls
ERC-20 Contracts
MaliciousOwnershipEvent Indicators:
Ownership take-back capabilities
Owner balance alteration
Hidden owner
Reason: To alert users post-transaction about the potential risks of contract ownership changes.
HackingActivityContractEvent Indicators:
External calls with ownership take-back capabilities or hidden owner
Gas abuse
Reason: To warn users before transaction about the risk of loss due to hacking activities.
ExternalCodeCallEvent Indicators: External code calls
Reason: To inform users post-transaction of the increased risk associated with external, non-audited code calls.
HoneypotContractEvent Indicators: Honeypot behavior
Reason: To prevent interactions with honeypot contracts that can lead to loss of funds.
Trading-Related Security
RestrictedTradingEvent Indicators:
Sell tax
Inability to sell all tokens
Modifiable slippage
Transfer pausability
Trading cooldown
Mintable contracts
Reason: To notify users post-transaction about trading restrictions that could impact liquidity and token usability.
Scam-Related Security
ScamTokenEvent Indicators:
Airdrop scams
Cloning real tokens
Reason: To prevent interactions with scam tokens that can lead to irreversible loss.
PotentialRugPullEvent Indicators:
Privilege withdrawal
Missing withdrawal with blackhole owner
Reason: To alert users post-transaction about potential rug pull risks, ensuring they are aware and cautious.
ERC-721 & ERC-1155 Contracts
MaliciousNFTContractEvent Indicators:
Malicious NFT contracts
Privileged burn by EOA
Oversupply minting
Reason: To prevent interactions with malicious NFT contracts that can lead to immediate loss of assets.
Scam-Related Security
ScamNFTEvent Indicators:
Transfers without approval
Unverified or unfrozen metadata
Reason: To avoid transactions with scam NFTs, protecting users from potential loss.
Approval Calls
MaliciousApprovalEvent
Indicators:
Malicious address and behavior
Approval abuse
Reason: To maintain the security of token approvals, ensuring users are protected from malicious approval schemes.
Last updated