Overview

The dApp Protection feature is an feature built to provide security insights into your Web3 operations via the Fireblocks platform. When connecting to a third-party decentralized application (dApp) via WalletConnect or initiating a contract call transaction, the dApp Protection feature analyzes the data for anomalies or similarities to known attacks.

How it works

When connecting to dApps via WalletConnect, the dApp Protection feature analyzes the data for anomalies and risks. If we detect anomalies or suspicious behavior, the operation is flagged as either Suspicious or Malicious. When connecting to a dApp, we analyze its risk level. If flagged, a warning appears.

Once you attempt to connect to a dApp or to initiate a transaction, we automatically perform a scan. As a result, if we deem the dApp or smart contract to be legitimate, no warning appears, and you may interact as normal. If, however, new risk data becomes available, a flag may be triggered and additional context will be shown to help you make an informed decision.

Upon initiating a new contract call transaction, the transaction awaits security screening while Fireblocks runs its internal analysis. If flagged, you'll receive a risk alert before approval.

In some cases, you may be automatically disconnected from a dApp if it becomes flagged after an initial connection (e.g., via WalletConnect). If you attempt to reconnect, you will see a warning and can choose whether to proceed.

Security threat levels

• Malicious: Fireblocks flags operations as Malicious if we deem the security threat high enough to suggest you halt the operation.
  
• Suspicious: Fireblocks flags operations as Suspicious if we find certain abnormalities and believe you should double-check all details of the contract and transaction before continuing with the operation.
  

Viewing security information

If a connection or transaction is flagged as potentially risky, the security alert will appear during the approval or signing process, depending on the interface you're using:

• Fireblocks Console
  The alert appears alongside the approval screen.
  
  
• Mobile app alert
  Tap the security alert banner to view more details about the flagged behavior.
  
• DeFi browser extension
  A browser pop-up will warn you before you connect to a flagged dApp.

Alerts will explain why the dApp or contract was flagged, including any known issues or abnormal behaviors.

Monitoring dApp connections

After you connect to a dApp via WalletConnect, Fireblocks analyzes the dApp’s data every 24 hours. If we deem the connection to be potentially dangerous at any point during the analysis, you will be automatically disconnected from the dApp. If you attempt to reconnect to the dApp, you will receive a flag with additional information regarding the potential security threat.