Security for Web3 and DeFi projects: from contract auditing to responding to an exploit that drains liquidity
In decentralized protocols, the code is the bank and the attack is irreversible. Decripte audits smart contracts, monitors the chain in real time and contains incidents when every confirmed block means less funds in the pool.
Direct answer
Protecting a Web3 or DeFi project requires treating the smart contract as critical infrastructure: independent code auditing before deployment (focused on reentrancy, logic flaws, oracle manipulation and flash loan scenarios), 24/7 on-chain monitoring of events and anomalous flows, strict governance of administrative keys (multisig, timelock, hardware/HSM) and an incident response plan capable of pausing contracts, alerting exchanges and tracing funds while the exploit is still underway. Decripte combines contract auditing, a SOC with Web3 sensors and incident response with a containment SLA of up to 1 hour to close the loop between prevent, detect and contain.
24/7
SOC monitoring on-chain
<=1h
Incident containment SLA
Web3
Smart contract auditing
On-chain
Flow tracing and forensics
In summary
- ›In DeFi, the code is public and the error is irreversible: a single logic flaw or reentrancy can drain an entire pool within a few blocks, with no chargeback or rollback.
- ›Smart contract auditing is not a one-time event: every upgrade, new integration or oracle parameter reopens the attack surface and demands reassessment.
- ›Speed decides the loss: pausing the contract, flagging wallets and engaging exchanges in the first few minutes can be the difference between partial loss and total loss.
- ›Administrative keys are the most exploited single point of failure: multisig, timelock and hardware custody are as critical as the quality of the contract.
- ›Continuous on-chain monitoring detects the exploit by its behavior (draining, flash loan, invariant change) before the attacker completes the withdrawal.
- ›Decripte closes the loop of auditing + Web3 SOC + incident response, with containment within 1h and forensic tracing of the funds.
Cibersegurança para Web3 & DeFi
In decentralized protocols, the code is the bank and the attack is irreversible. Decripte audits smart contracts, monitors the chain in real time and contains incidents when every confirmed block means less funds in the pool.
Why Web3 and DeFi concentrate a risk unlike anything else
In traditional systems, an exploited flaw usually yields access, data or downtime. In a DeFi protocol, the flaw yields money, immediately and permanently. The smart contract custodies real value, is published on a public blockchain auditable by anyone, and executes exactly what the code dictates, with no human operator in the middle to block a suspicious transaction. There is no fraud desk to reverse it, no chargeback, no settlement period.
This combination inverts the economics of defense. The attacker has a direct, measurable financial incentive, can study the contract freely before acting, and when they act, they finish in seconds. The defender must have gotten everything right before deployment and, at the same time, maintain the ability to react within the window of a few blocks in which the exploit happens. Web3 security is therefore simultaneously an engineering discipline (the contract must be correct) and an operational discipline (the team must see and contain the attack in real time).
What makes the risk irreversible
- ›Confirmed transactions cannot be undone: there is no chargeback or native rollback.
- ›The code is public: the attacker audits the contract before you discover the flaw.
- ›Flash loans provide nearly unlimited capital for a single transaction, with no prior collateral.
- ›Bridges and mixers move stolen funds out of reach within minutes.
The threat map every Web3 team needs to see
Contract vulnerabilities, logic flaws and reentrancy
Most major losses do not come from broken cryptography, but from incorrect business logic in the contract: a swapped order of operations, a balance check performed at the wrong moment, an abusable rounding in a loop, a pool invariant that fails to hold under a specific sequence of calls. These are bugs that pass functional tests because they only manifest under adversarial conditions. Reentrancy is the classic pattern: the contract sends funds to an external address before updating its internal state, and a malicious contract reenters the function and repeats the withdrawal before the debit. The mitigation is well known (checks-effects-interactions, reentrancy guards), but subtle variations keep appearing, especially across distinct functions or via tokens with callbacks.
Oracles and flash loans
DeFi protocols rely on oracles to know the price of assets. If the price is read from a single manipulable source (for example, the instantaneous reserve of a pair on a DEX), an attacker can take out a flash loan, distort that price within the same transaction, induce the protocol to misprice and profit from the difference, all before repaying the loan in the same block. The problem is rarely the flash loan itself; it is the protocol trusting a price that can be bent by temporary capital.
Technical reference
The most exploited failure classes in DeFi are well cataloged: reentrancy, poor access control, price/oracle manipulation, arithmetic errors and invariant logic errors. Decripte's review starts from checklists aligned with the OWASP Smart Contract Top 10 and contract security guides, combined with adversarial manual analysis — because automated tools find known patterns, but business logic flaws require human reasoning.
Administrative keys and signature phishing
Many contracts have privileged functions: pause, upgrade (proxy upgrade), change parameters, withdraw fees, migrate funds. If the key controlling these functions is a single wallet on a compromised machine, the best-audited contract in the world can be emptied by whoever captured that key. Signature phishing, malware on a developer workstation and secrets leaked in a repository are recurring vectors. And the attack does not always touch the contract: it is enough to convince a user or administrator to sign a malicious transaction — an unlimited token approval, a permit — on a fake interface. The signature is cryptographically valid; the damage comes from what it authorizes.
Is web3 & defi data already exposed or up for sale? Find out now — for free.
Sem cartão, sem compromisso. Descubra em minutos o que já vazou da sua empresa e qual é o seu risco real.
Anatomy of an exploit that drains a liquidity pool
To make it concrete, it is worth walking through how a liquidity pool exploit typically unfolds — and where defense comes in. The scenario below is de-identified, built from real industry patterns, not from a specific client.
The exploit in slow motion
- ›The attacker maps the public contract and identifies a withdrawal function that sends funds before updating the pool balance (reentrancy) or that trusts a manipulable oracle price.
- ›They take out a large flash loan to have maneuvering capital within a single transaction.
- ›They distort the reference price or reenter the vulnerable function, making the contract release more value than it should.
- ›They repeat the cycle in a loop within the same block, draining the liquidity pool.
- ›They repay the flash loan and keep the net profit, already routing the funds to a bridge or mixer.
All of this can happen in seconds. That is why defense cannot rely on prevention alone: there must be an on-chain sensor that recognizes the pattern — an anomalous pool drain, an abrupt invariant change, a call sequence with a flash loan — and triggers containment before the attacker moves the funds out of reach.
The defense window exists
Even in attacks lasting a few blocks, moving the stolen funds — fragmentation, passing through bridges and mixers — takes time. Real-time on-chain detection plus a runbook that pauses the contract, flags the attacker's wallets and engages partner exchanges can turn a total loss into partial recovery or a freeze of the value before cash-out.
How Decripte audits the smart contract before the money comes in
The first line of defense is the contract being correct. Decripte's Web3 security auditing combines automated analysis with adversarial manual review, because the two find different things. Static and symbolic analysis tools scan known patterns at scale; human review pursues the business logic and invariant flaws that only surface when someone thinks like an attacker about that specific protocol.
The scope of a contract audit
- ✓Threat modeling of the protocol: who can call what, with how much capital, in what order.
- ✓Reentrancy (same function, cross-function and via token callbacks) and adherence to checks-effects-interactions.
- ✓Access control of privileged functions and design of the upgrade/proxy mechanism.
- ✓Oracle dependency and robustness; resistance to price manipulation via flash loan.
- ✓Arithmetic, rounding and preservation of pool invariants under adversarial sequences.
- ✓Review of tests, coverage of edge-case scenarios and quality of the pause/emergency code.
The audit does not end at deployment. Every contract upgrade, every new integration with another protocol (composability), every oracle parameter change reopens the attack surface. Decripte treats auditing as continuous: what has changed since the last review is what needs to be reassessed before going to mainnet.
How Decripte watches the chain in real time
Auditing reduces the probability of failure, but does not eliminate it — and it does not cover key compromise or market manipulation. That is why the contract needs to be observed in production. Decripte's 24x7 SOC extends surveillance to the Web3 layer: sensors that track events emitted by the contracts, funds flowing in and out of the pools, calls to administrative functions, suspicious token approvals and transaction patterns consistent with an exploit (flash loan + drain, invariant change, anomalous spikes).
What Web3 monitoring observes
- ›Anomalous pool drains and breaches of protocol invariants.
- ›Flash loan usage associated with interactions with sensitive functions.
- ›Calls to privileged functions (pause, upgrade, withdraw) outside the expected pattern.
- ›Unlimited token approvals and suspicious signature transactions involving team wallets.
- ›Appearance of protocol wallets on threat lists and movement to bridges/mixers.
The goal of monitoring is not just to log: it is to reduce the time between the first block of the attack and the decision to contain. Every alert is tied to a runbook — not a loose alarm, but a trigger with a defined action and owner.
What would an incident in web3 & defi cost? See your real risk before it happens.
Sem cartão, sem compromisso. Descubra em minutos o que já vazou da sua empresa e qual é o seu risco real.
Key governance: the most underestimated single point of failure
The contract can be flawless and still be emptied if the administrative key is compromised. Decripte treats key governance as a central part of the security architecture, not an operational detail. Privileged functions should not answer to a single wallet: multisig requires multiple independent signatures, timelock imposes a window between the proposal and the execution of critical changes — a window that gives time to detect and react to a malicious action — and key custody should live in hardware or an HSM, away from development workstations exposed to malware and phishing.
Signs of fragile governance
- ›A single wallet controls pause, upgrade and withdrawal of the protocol.
- ›Administrative keys in a hot wallet or in a file in the developer's environment.
- ›Parameter changes executable instantly, without a timelock.
- ›Secrets, mnemonics or private keys versioned in a repository or in CI.
- ›A team without training against signature phishing.
Key hygiene extends to the team. Signature phishing targets precisely those with the power to sign. Training, verifying transactions before signing and clear segregation of administrative duties reduce the chance that a single click compromises the entire protocol.
When the attack happens: containment, eradication and tracing
Incident response in DeFi runs on a different clock. It is not just about restoring service; it is about stopping the outflow of money and chasing the funds while there is still a chance to block them. Decripte's Incident Response team operates with a containment SLA of up to 1 hour and a Web3-specific runbook: pause the contract (if an emergency mechanism exists), freeze affected functions, flag the attacker's wallets, engage partner exchanges and bridge providers and begin real-time on-chain tracing of the funds.
Containment is a decision, not an isolated reflex
Pausing a protocol affects legitimate users and can lock up liquidity. That is why containment is a decision prepared in advance, with clear criteria and defined roles in the runbook — so that, at the moment of the incident, the team executes in minutes instead of debating for hours.
In parallel with containment, forensic work reconstructs exactly what happened: which function was exploited, which sequence of transactions, where the capital came from, where the funds went. This analysis feeds both eradication (fixing the flaw, doing a safe redeploy) and responsible communication with users and, where applicable, with authorities — including data protection obligations when users' personal data is involved.
Compliance and accountability: what changes when there are real users
Decentralization does not exempt the company behind the protocol from its responsibilities. If there is users' personal data — registration, KYC, emails, wallet addresses linked to identity — the LGPD applies, and a security incident that poses risk to data subjects triggers the duty to notify the ANPD and those affected. Decripte structures incident response already accounting for this flow, so that technical containment and regulatory obligations move together, without improvisation at the worst moment.
Compliance and maturity fronts
- ✓LGPD: processing of user data, incident notification to the ANPD and to data subjects when there is risk.
- ✓Continuous Vulnerability Management over contracts, front-end (dApp) and supporting infrastructure.
- ✓Pentest of the web application/dApp and of the infrastructure that sustains the protocol, in addition to the contracts.
- ✓A documented security program, with incident runbooks and auditable key governance.
- ✓Responsible communication and a vulnerability disclosure plan for the community.
It is worth remembering that the protocol does not live only on the blockchain. The front-end, the APIs, the servers that index data, the domains and the deployment pipelines are classic targets — and a compromised dApp can induce users to sign malicious transactions even with the contract intact. That is why serious Web3 security covers contract, application and infrastructure as a single perimeter.
Start with the assessment
The practical path is to first map the project's real exposure: contracts live, privileged functions, oracle dependencies, key governance and dApp surface. From that snapshot, auditing, monitoring and a response plan are prioritized in the order that most reduces the risk of irreversible draining.
This initial snapshot requires no commitment and already delivers clarity on where the biggest risks are. From it, each front — auditing, Web3 SOC and incident response — comes in the order that best protects the funds custodied by the protocol.
Two starting points
To assess your posture with no commitment, start with the free Threat Management assessment at decripte.com.br/intelligence-center. To set up auditing, Web3 monitoring and incident response, sign up at decripte.io/start or talk to the team at /contato.
Real de-identified example: the draining of a liquidity pool via reentrancy and a manipulable oracle
Real, de-identified example
Real de-identified example (without identifying the client). A DeFi protocol with a sizable liquidity pool has operated for months without incidents. The contract passed functional tests, but a withdrawal function sends funds to the user before updating the pool's internal balance, and the protocol reads an asset's price from the instantaneous reserve of a DEX — a manipulable source. The administrative keys are in a multisig, with an emergency pause function available, but without dedicated on-chain monitoring.
Detection
An attacker takes out a flash loan, distorts the reference price and reenters the withdrawal function in a loop within the same block, beginning to drain the pool. The 24x7 SOC's on-chain sensor fires within seconds upon identifying an anomalous drain combined with flash loan usage and a breach of the pool invariant — before any user complaint.
Containment
The Web3 incident runbook is triggered within the SLA of up to 1h. The Incident Response team, together with the protocol's team, executes the emergency pause function via multisig, halting new withdrawals, and immediately flags the attacker's wallets, engaging partner exchanges and bridge providers to try to block the cash-out.
Eradication
The on-chain forensic analysis reconstructs the exact sequence of transactions, isolates the vulnerable function and confirms the dual vector: reentrancy in the withdrawal and a manipulable oracle. The fix applies the checks-effects-interactions pattern, a reentrancy guard and a switch to an oracle resistant to flash loan manipulation, with an audited redeploy before any return to operation.
Recovery
The corrected contract is reactivated in a controlled manner, with reinforced monitoring. Tracing the funds routed to bridges allows part of the value to be blocked at partners before cash-out, and the team publishes a responsible communication to the community describing the flaw and the remediation.
Lessons
The protocol institutes mandatory auditing at every upgrade, permanent on-chain monitoring with a pre-approved containment runbook, a timelock for critical changes and team training against signature phishing. The emergency pause, previously never exercised, is now tested periodically.
Outcome with Decripte
The combination of real-time on-chain detection and containment within 1 hour turns what would be a total loss of the pool into a partial loss, with part of the funds blocked before cash-out and the protocol back in operation with the flaw eradicated and permanent monitoring in place. Decripte's loop of auditing + Web3 SOC + incident response closes all three fronts: what failed in the code, what was missing in surveillance and what needed to exist in the response plan.
Don’t wait for the incident. Start hardening web3 & defi today.
Comece pelo diagnóstico gratuito agora e veja em minutos o que já vazou. SOC 24x7 e contenção em até 1h nos planos pagos.
How Decripte responds to a Web3 and DeFi incident
Incident response in DeFi races against the clock of blocks: the goal is to stop the outflow of funds and trace them while there is still a chance of a block. Decripte's flow operates with a containment SLA of up to 1 hour.
- Detection and triage: the SOC's on-chain sensor identifies an anomalous drain, a suspicious flash loan or an off-pattern administrative call and classifies the severity in minutes.
- Immediate containment: triggering the emergency pause mechanism via multisig and freezing the affected functions, per the pre-approved runbook, within the SLA of up to 1h.
- Flagging and blocking: the attacker's wallets are marked and partner exchanges and bridge providers are engaged to try to lock the cash-out of the funds.
- On-chain forensics: reconstruction of the exact sequence of transactions, identification of the exploited function, the source of the capital and the destination of the funds.
- Eradication: fixing the flaw (reentrancy, oracle, access control), reviewing invariants and an audited redeploy before any return to operation.
- Controlled recovery: reactivating the corrected contract with reinforced monitoring and continuous tracing of the value routed to bridges and mixers.
- Compliance and communication: assessing LGPD/ANPD obligations when user data is involved, responsible communication to the community and technical disclosure of the flaw.
- Lessons learned: adjustments to key governance, timelock, per-upgrade auditing and permanent monitoring to prevent recurrence.
How Decripte structures the security of a Web3 project
Web3 security only works if the three fronts — correct code, production surveillance and response capability — exist together. Decripte organizes this into complementary pillars.
Smart contract auditing
Automated review plus adversarial manual analysis focused on reentrancy, logic flaws, access control, oracles and pool invariants — continuous at every upgrade, integration or parameter change.
24/7 on-chain monitoring
24x7 SOC with Web3 sensors that observe contract events, fund flows, flash loan usage and administrative calls, with every alert tied to an action runbook.
Key governance
Multisig for privileged functions, timelock for critical changes and custody in hardware/HSM, with segregation of duties and protection of the team against signature phishing.
Web3 incident response
A specific runbook with a containment SLA of up to 1h: emergency pause, wallet flagging, engagement of exchanges/bridges and forensic tracing of the funds.
Coverage of the complete perimeter
Pentest and vulnerability management over the dApp (front-end), APIs and supporting infrastructure, because a compromised front-end drains funds even with the contract intact.
Compliance and communication
Alignment with LGPD/ANPD when user data is involved, responsible disclosure and documentation of the security program and incident runbooks.
Recommended plans for Web3 & DeFi
Web3 Security
Smart contract auditing and on-chain monitoring specific to the irreversible risk of fund draining in DeFi protocols.
See plan →Incident Response
A Web3 runbook with a containment SLA of up to 1h to pause contracts, flag wallets and trace funds while the exploit is still underway.
See plan →24x7 SOC
Continuous surveillance of contract events, flash loans and administrative calls, detecting the exploit by its behavior before cash-out.
See plan →Pentest
Offensive assessment of the dApp, the APIs and the supporting infrastructure, closing the vectors that compromise users even with a correct contract.
See plan →Frequently asked questions
Why isn't auditing the smart contract enough?
Auditing drastically reduces the probability of a flaw in the code, but it does not cover administrative key compromise, market manipulation via oracle, signature phishing or attacks on the front-end. That is why auditing must be combined with continuous on-chain monitoring, strict key governance and an incident response plan.
How often do I need to re-audit the contract?
At every change that alters the attack surface: contract upgrades, new integrations with other protocols (composability) and oracle parameter changes. Decripte treats auditing as continuous — what has changed since the last review is what needs to be reassessed before mainnet.
What can be done after an exploit has already started?
More than it seems. Even in attacks lasting a few blocks, moving the stolen funds through bridges and mixers takes time. Real-time on-chain detection plus a runbook that pauses the contract, flags the attacker's wallets and engages partner exchanges can turn a total loss into partial recovery. Decripte operates with a containment SLA of up to 1 hour.
How do I protect myself from flash loan and oracle attacks?
The problem is rarely the flash loan itself, but rather the protocol trusting a price that can be distorted by temporary capital. The defense involves using oracles resistant to manipulation (multiple sources, time-weighted average prices) and validating pool invariants, central points of Decripte's Web3 auditing.
Are administrative keys really such a big risk?
Yes. The best-audited contract can be emptied by whoever captures the key that controls pause, upgrade or withdrawal. Multisig, timelock and custody in hardware/HSM are as critical as the quality of the contract, and the team needs training against signature phishing.
Does the LGPD apply to a decentralized project?
If the project processes users' personal data — registration, KYC, emails, wallets linked to identity — the LGPD applies, and an incident posing risk to data subjects triggers the duty to notify the ANPD and those affected. Decripte structures incident response already accounting for this regulatory flow.
Can on-chain monitoring detect an exploit in real time?
Yes. The 24x7 SOC tracks contract events, fund flows, flash loan usage and administrative calls, recognizing exploit patterns such as anomalous drains and invariant breaches. Every alert is tied to a containment runbook, reducing the time between the first block of the attack and the decision to contain.
Where do I start with Decripte?
With the free Threat Management assessment at decripte.com.br/intelligence-center to evaluate your exposure with no commitment. To set up auditing, Web3 monitoring and incident response, sign up at decripte.io/start or talk to the team at /contato.
Sector terms
- Reentrancy
- A flaw in which the contract sends funds to an external address before updating its own state, allowing a malicious contract to reenter the function and repeat the withdrawal before the debit is recorded.
- Flash loan
- A loan with no prior collateral that must be taken out and repaid within a single transaction. It is legitimate, but it can provide nearly unlimited capital to manipulate prices or amplify an exploit within the same block.
- Oracle manipulation
- An attack in which the intruder distorts the price source the protocol depends on — for example, the instantaneous reserve of a DEX — to induce the contract to misprice assets and profit from the difference.
- Multisig
- A wallet that requires multiple independent signatures to execute a privileged operation, eliminating the single point of failure of an administrative key controlled by a single person or machine.
- Timelock
- A mechanism that imposes a mandatory interval between the proposal and the execution of critical changes to a contract, creating a window to detect and react to malicious actions before they take effect.
- Signature phishing
- Social engineering that induces a user or administrator to sign a malicious transaction or message (such as an unlimited token approval) that is cryptographically valid but authorizes the theft of funds.
Decripte protects and responds to incidents in web3 & defi.
Pentest, 24x7 SOC, incident response with a 1-hour containment SLA and compliance — without building an internal team. Or start free by seeing what has already leaked from your company.
