Blockaid

Stablecon 2025 starts here. To kick off the week, Blockaid and Blockfinex are hosting an exclusive cocktail hour at the iconic Raines Law Room in Chelsea. Join us for thoughtful conversations and a chance to connect before the conference. 📍 Raines Law Room, 48 W 17th St, NYC 📅 Wednesday, May 28 | 6:30–8:30 PM Space is limited — RSVP required (link in comments).

Most exchanges still treat fraud like a transaction problem. It’s not. This month, Coinbase disclosed an incident where attackers bribed support agents to steal customer data. Not to break into accounts, but to impersonate Coinbase, contact users directly, and trick them into sending funds. That’s how push payment scams work. And it’s why this problem has ballooned into $5.8 billion in annual losses—the fastest-growing threat to crypto users today. If you're leading fraud or compliance at a CEX, you already feel the shift. There’s no exploit. No malware. No unauthorized access. Just a convincing story, a fake app or website, and a user who thinks they’re doing the right thing. And your systems see nothing wrong—because they weren’t built to see *this*. So what can you do about it? The only way to catch it is to zoom out, past the single transaction, past the single user. That’s where the real signals live. Because fraud today isn’t a set of isolated incidents. It’s a coordinated, network-level threat. And network threats demand network intelligence: “Who else got hit by this address?” “What phishing infrastructure is behind the campaign?” “Are other users on your platform being pulled into the same trap?” You can’t solve this one case at a time. You need to understand the pattern behind the incident—and stop it mid-campaign. Because your job isn’t just to investigate fraud after it happens. It’s to prevent the next victim from ever hitting send.

Super proud of the team. EIP‑7702 is now live on Ethereum mainnet, and the Blockaid Platform supports it from day one. This upgrade allows EOAs to temporarily act like smart contracts, unlocking new features for wallet users, like session keys, batched transactions, and gas sponsorship. Blockaid handles wallet_sendCalls, session keys, and setCode scenarios with accurate transaction previews and enhanced security detection. Additionally, our security engine has been extended with new heuristics to catch new risks introduced by 7702, like malicious initCode and session key abuse, before they reach users. Building with 7702? DMs are open - Let’s talk. (for full capabilities breakdown, check out the link in the first comment)

There’s a built-in assumption in most signing flows: The transaction you see is the transaction you sign. But that assumption is fragile, and attackers have learned to exploit the gap. Today, Ledger is launching Transaction Check. Real-time transaction simulation and cryptographic validation delivered directly to Ledger devices, powered by Blockaid’s Transaction Security Engine. With Transaction Check, users get a clear view of the risks involved with the transaction they are about to sign, directly on their Ledger device. No assumptions. No blind trust. Just real clarity, where it matters most. Learn more about how Transaction Check works and why it matters: 🔗 https://blocka.id/nw83

There’s a built-in assumption in most signing flows: The transaction you see is the transaction you sign. But that assumption is fragile, and attackers have learned to exploit the gap. Today, Ledger is launching Transaction Check. Real-time transaction simulation and cryptographic validation delivered directly to Ledger devices, powered by Blockaid’s Transaction Security Engine. With Transaction Check, users get a clear view of the risks involved with the transaction they are about to sign, directly on their Ledger device. No assumptions. No blind trust. Just real clarity, where it matters most. Learn more about how Transaction Check works and why it matters: 🔗 https://blocka.id/nw83

Headed to Sui Basecamp this week? Join the Blockaid team to learn how to build secure dApps on Sui. Register here 👉 https://lu.ma/22ohjls3

An attacker stole $128,000 worth of tokens… without using any exploits. Last week, Blockaid’s real-time monitoring flagged unexpected Zora token movements involving 0x’s Settler contract. At first, it looked like a potential exploit. Deeper investigation revealed something different. As part of the Zora airdrop, some allocations meant for the 0x ecosystem were mistakenly sent to the 0x Settler (a permissionless contract where anyone could initiate actions). An attacker used the Settler’s arbitrary call functionality to invoke Zora’s claim function, redirecting the allocated tokens to themselves. No vulnerabilities. No exploits. No broken permissions. Just two systems interacting in ways no one threat-modeled. This is a Composability Attack. Here the risk isn’t what a system does, but how it interacts with other systems. For Blockaid, this incident is another proof point: Real-time monitoring is critical to securing onchain operations. Static code audits can catch bugs in isolated contracts. But only real-time monitoring can alert teams when their contracts are misused as part of a larger attack. We published a full technical breakdown of this incident, including traces, attack paths, and key lessons. Check it out to learn how composability risks emerge and how real-time defense makes the difference. (Link in comments.)

Blind signing has caused more crypto losses than contract exploits ever have. Blockaid's Cosigner integrates with Safe wallets to ensure transactions cannot be signed unless they pass a security check. Join us on May 6th to see how. Register here: https://lu.ma/6g8xi2li

“𝐂𝐫𝐲𝐩𝐭𝐨 𝐜𝐮𝐬𝐭𝐨𝐝𝐲 𝐬𝐭𝐢𝐥𝐥 𝐟𝐞𝐞𝐥𝐬 𝐬𝐜𝐚𝐫𝐲.” That’s what one of our institutional partners told us - right after deploying a “robust” multisig setup. Not because the technology was weak. But because the experience was fragile. We’ve heard this over and over from institutional teams: “𝐎𝐮𝐫 𝐜𝐮𝐬𝐭𝐨𝐝𝐲 𝐟𝐥𝐨𝐰 𝐢𝐬 𝐭𝐞𝐜𝐡𝐧𝐢𝐜𝐚𝐥𝐥𝐲 𝐬𝐞𝐜𝐮𝐫𝐞… 𝐛𝐮𝐭 𝐧𝐨 𝐨𝐧𝐞 𝐚𝐜𝐭𝐮𝐚𝐥𝐥𝐲 𝐟𝐞𝐞𝐥𝐬 𝐬𝐚𝐟𝐞.” These aren’t teams new to crypto. They’ve done the work. Built the stack. Hired the experts. And still, they don’t feel confident. Why? Because institutional infrastructure shouldn’t just be secure. It should be boring. It should just work. No guesswork. No heroics. No fire drills. Reliability beats hype. Predictability builds trust. And trust is what unlocks scale. If we want institutional capital to move confidently onchain, the infra can’t be “good enough.” It has to be invisible. Not exciting. Not experimental. Just safe. That’s how crypto grows up.

Lack of visibility has caused more crypto losses than contract exploits ever did. After the Bybit attack, one thing was obvious: 𝐁𝐥𝐢𝐧𝐝 𝐬𝐢𝐠𝐧𝐢𝐧𝐠 𝐢𝐬 𝐭𝐡𝐞 𝐛𝐢𝐠𝐠𝐞𝐬𝐭 𝐭𝐡𝐫𝐞𝐚𝐭 𝐭𝐨 𝐨𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐚𝐥 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐢𝐧 𝐜𝐫𝐲𝐩𝐭𝐨. So we built 𝐂𝐨𝐬𝐢𝐠𝐧𝐞𝐫, the security layer multisigs have been missing. It doesn’t trust the frontend. It doesn’t assume intent. It doesn’t sign until it knows exactly what’s going to happen. Cosigner inspects raw transaction data, enforces your policies, and only signs if the transaction is safe. ✅ Easy setup; just add it as another signer ✅ Optional override logic for flexibility ✅ Works with Safe, Fireblocks, and more ✅ No single point of failure 👇 Here’s how Cosigner works.