DeRisk

Screenshots

Problem Statement

There has been many prominent web2 cyber attacks on popular protocols such as curve finance and cream finance which resulted in over 1B dollar. Common attacks are through DNS poisoning and phishing attacks which leads you to a fraudulent webpage to approve malicious contractsA chrome extension that will popup before approving metamask's transaction that informs users of the various factorDNS of the websiteIP Address of the websiteSmart contract address of the transactionPotential vulnerabilities of the smart contractThe extension will compare these information against the information stored in our smart contract to determine the validity of the information.

Solution

Some of the technologies that we utilized are ReactJs for the frontend, solidity for writing of the smart contracts, Flask and NodeJs for our backend.Upon initiating the transaction signing process where the metamask pops up, our chrome extension will open and retrieve the domain url of the website requesting the signature. It will then send to our NodeJs server which we will theoretically check against the smart contract's data to see whether the IP and DNS address matches the particular domain url. If the user wants to verify the vulnerabilities and legibility of the smart contract that they are signing, they will input the smart contract address which we will then send it to our NodeJs backend and check against the smart contract and also Python backend where it will run Slither, the Solidity source analyzer to see whether is it contains vulnerabilities.