Evasion is a serious problem for users and security tools alike. The recently published research report presents a taxonomy for a broad range of employed evasion techniques.
Proxy contracts (ERC-1967 or custom implementation) allow scammers to trick block explorers to show a source code verified proxy contract whereas the implementation is not source code verified. An unsuspecting user may review the block explorer’s displayed verified proxy giving a false sense of security.
Each evasion technique, however, provides an opportunity for specific detection as well. This bounty is going to focus on creating a detection bot that identifies contracts that hide behind proxies.
The bot should monitor all new contract creations and proxy implementation updates and assess whether the created contract is a proxy contract implementing the ERC-1967 standard or a custom proxy implementation while pointing to an implementation that is not source code verified. These implementations contracts are usually interacted with through unusual functions; the selectors are not recognized by block explorers.
The bot should explore both a static as well as a dynamic (e.g. based on traces) detection approach.
Example contract the bot should identify is:
It should not identify the following as the implementation is source code verified as well:
In return for developing a functional Forta detection bot that alerts on the above instance, the Forta Foundation is offering $1000 in FORT, the native utility token of the Forta Network. The Forta Foundation team will review the final results and assign the rewards accordingly. The Forta Foundation will cover initial Bot deployment costs (including staking).
In order to ensure that all the work funded by the Forta Foundation under the Threat Research Initiative is made available for the benefit of Forta users, ownership over any bot that receives rewards will be assigned to the Foundation, which will be made available to the public under the "Forta Bot License”. Participants should also commit to making suggested improvements during the first 2 months after deployment.
You are a data scientist who is familiar with or experienced in bot development in the Forta Network. You can communicate effectively with the team, provide updates, and support precision and recall testing of the bot.
*Forta is a real-time detection network for security & operational monitoring of blockchain activity secured by FORT token. Billions of dollars in Web3 monitored by Forta. Underlying Forta is a decentralized network of independent node operators that scan all transactions and block-by-block state changes for outlier transactions and threats. When an issue is detected, node operators send alerts to subscribers of potential risks, which enables them to take action.*
*Forta Detection Bots are a set of code scripts within a Docker container that process some blockchain data (i.e. a block or transaction) and detect specific threat conditions (e.g. whether a flash loan attack occurred, or whether a particular account balance fell below some threshold). Bots emit alerts for their findings. Bots are executed by scan nodes.*