DoppelgängETH

Screenshots

Problem Statement

What is DoppelgangETH? DoppelgangETH is an advanced security system that protects cross chain activity by protecting CA & EOA Ethereum addresses, ensuring they haven't been compromised or duplicated across different chains.How does it work? Our system performs comprehensive verifications on two types of addresses and protect them to be compromised by a third party: a. Externally Owned Accounts (EOA): We verify if the address has been previously used We check if the bytecode counter is zero We perform a deposit of 1 WEI to initialize it as a legitimate EOAb. Smart Contracts (CA): We verify the absence of previous deposits. We confirm that no bytecode has been deployed. We deploy aN upgradable proxy CA that serves as a foundation for future implementations for the user across all chains.Benefits Enhanced security in cross chain transactions Prevention of address collisions across different chains Proactive verification of address integrity Risk reduction in cross chain operations Secure foundation for smart contract deploymentAdded Value DoppelgangETH acts as a fundamental security layer for cross chain blockchain operations, ensuring that each address is unique and secure in its context of use. This prevents potential attacks and vulnerabilities related to address hijacking across different chains.Why do I need DoppelgangETH? Imagine sending your digital assets to an address that seems correct, but turns out to be a smart contract on another chain that can't handle your funds. Without DoppelgangETH, your assets could be permanently lost. Our system verifies and distinguishes between EOAs and CAs before each transaction, providing a crucial security layer that blockchain alone doesn't offer.What are the risks of not using a verification system? Permanent loss of funds due to sending to incompatible CA. Airdrops sent to incorrect addresses due to undetected collisions Digital identity and asset ownership issues Legal liabilities for erroneous transactions Inability to recover funds due to blockchain immutabilityHow does DoppelgangETH work? Our system performs a multifaceted verification:Identifies address type (EOA vs CA)Verifies contract existence across multiple chainsAlerts about possible collisions before transactionProvides visual confirmation of address typeOffers customized security recommendationsWhy is it crucial for blockchain projects and DAOs? Protection of airdrops and mass token distributions Prevention of significant financial losses Reduction of legal risks and liabilities Improvement of user experience Increased transaction confidenceWhat differentiates us from other solutions? Realtime cross chain address verification Precise identification between EOAs and CAs Proactive alert and prevention system Backed by comprehensive legal and technical analysisWho should implement DoppelgangETH? Crosschain Protocols DeFi projects conducting airdrops Exchanges and trading platforms DAOs and blockchain organizations Cryptoasset custody services Any entity conducting mass transactionsHow to get started with DoppelgangETH?Connect your wallet to our dAppAllow initial address scanningReceive a detailed verification reportImplement our alert systemEnjoy secure and verified transactionsWhy is DoppelgangETH especially relevant in 2024? With the exponential growth of the cross chain ecosystem and the proliferation of smart contracts, the need for precise verification between EOAs and CAs has never been more critical. Losses from undetected collisions increase daily, making DoppelgangETH an indispensable tool for blockchain security.What is the cost of not implementing DoppelgangETH? Direct financial losses from erroneous transactions Reputational damage from security incidents Legal costs from ownership disputes Loss of user trust Time and resources invested in asset recoveryHow does DoppelgangETH integrate with existing systems? We offer a robust API and complete documentation for integration with: Hardware and software wallets Trading platforms Asset management systems Existing user interfaces DeFi protocolsReady to protect your assets and users with DoppelgangETH? Contact us for a demonstration and discover how we can secure the future of your blockchain transactions.Blockchain Collisions and Legal LiabilityGeneral AspectsWhat is an address collision? It is a situation where the same address can simultaneously exist as an external account (EOA) or smart contract (CA) on one chain ‘A’ and as a smart contract (CA) on another chain ‘B’, generating risks of asset loss and digital property conflicts.Why are collisions relevant from a legal perspective? The impact of collisions can result in significant financial losses, disputes over digital asset ownership, legal liabilities for protocols lacking legal protection, developers, and users. This represents a systemic risk that must be addressed both technically and legally.Legal ResponsibilityWho is responsible when a collision loss occurs? Responsibility can be distributed among various actors: Protocol: For not implementing adequate preventive security measures to avoid collisions Developers: For omission of verification systems Operators: For not warning about known risks Users: According to their level of diligence in verificationIs there legal liability for not implementing verification systems? The decentralized ecosystem introduces revolutionary challenges for crypto asset management and custody, where user responsibility and blockchain transaction immutability establish a very different liability framework from the traditional financial system. For example, unlike conventional banking where transaction reversibility is possible, blockchain does not yet attribute this possibility.However, these characteristics do not completely exempt the various ecosystem actors from legal responsibility and the possibility that it may be explored and have binding effects in the future.The existence of viable technical solutions to prevent collision losses, such as DoppelgangETH, establishes a due diligence standard that protocols cannot ignore without incurring potential technical negligence.This responsibility is especially magnified when three critical factors converge:The availability of preventive technical solutionsThe existence of documentation about risks and their implicationsThe predictability and materiality of potential lossesIn this context, the adoption of verification systems represents not merely an optional good practice, but a technical and legal imperative for protocols seeking to operate with the due diligence that the decentralized ecosystem demands. The inherent autonomy of blockchain does not dilute responsibilities; it redefines them and, in many aspects, could intensify them.Rights and ObligationsWhat rights might users affected by collisions have? Right to claim for losses Right to information about risks Right to reasonable preventive measures Right to compensation in cases of proven negligenceWhat obligations do blockchain protocols have?Implement adequate security measuresExplicitly warn about known risksMaintain updated verification systemsIs there an obligation to return funds received through collision? Yes, under the principle of unjust enrichment. However, practical execution can be complex due to: Blockchain transaction irreversibility, difficulty in identifying recipients, and due to transaction globalization, which will always depend on the applicable jurisdiction.Regulatory AspectsWhat regulatory frameworks apply to collisions? Digital financial services regulation Consumer protection regulations Civil liability laws Specific cryptoasset regulationHow does jurisdiction affect collision cases? Collisions pose jurisdictional challenges due to: Transnational nature of blockchain Diversity of regulatory frameworks Difficulty in determining applicable law Complexity in enforcing judgmentsPrevention and MitigationWhat preventive measures are legally recommended?Implement robust verification systemsMaintain updated technical documentationProvide clear risk warningsEstablish incident response protocolsHow can protocols reduce their legal exposure? Implementing systems like DoppelgangETH Maintaining regular audits Documenting security measures Establishing clear risk management policies

Solution

How it's made:On a very curated and easy to use UI we show the users the importance of securing their addresses showing different collisions on different chains, very easy to understand thanks to blockscout interface linked on every necessary element and also used in the backend python scripts which detects new collisions continuously.Users can connect directly using dynamic (fast and reliable) and scan a new CA address to deploy in a cross chain matter, generating and securing a single corss chain address for themselves.This is made in the 'back' thanks contract constructors and the CREATE2 functionality, interconnected using decentralized bridges.The UI is also intuitive and informative for any userLAYER ZERO Layer zero: Leverages LayerZero V2's omnichain messaging capabilities to create a real-time, cross-chain address deterministic verification system that avoids collisions between EOAs, CAs and CAs in third chains. We use LayerZero's V2 endpoint for enhanced security and reliability. Implementing cross-chain verification using LayerZero messaging. Real-time collision detection system.HYPERLANE We've implemented Hyperlane to connect to chains in a 100% permissionless way to send messages we can interconnect and protect in a seamless way. In example with Bitkub.ZIRCUIT We have chosen to deploy in Zircuit as an option because the "Best project on Zircuit" leverages Zircuit's parallelized circuits for efficient verification, integrates with AI-enabled security at sequencer level, solves real-world problem of address verification and enhanced security through ZK proofs.SCROLL Scroll offers real-world security application preventing cross-chain losses, being this the first implementation of cross-layer address type verification and taking care about a critical vulnerability by addressing infrastructure for L2 securityBITKUB Being a TOP option in Thailand Bitkub needs to be secured from the day one and this is because we have implemented the functionality to initialize the CAs also on this very important chain for the future and SEA ecosystem, growing extremely fast in the last years.BLOCKSCOUT Used in the backend python scripts that scraps blocks looking for new contract deployments and then search for CAs, initialized EOAs and not initialized EOAs (just with non native Airdrops) on different chains.DYNAMIC Connect wallet implementations in a seamless and beauty UX/UI design, adding some feedback for the documentation during the hackathon.