General FAQs

What is FailSafe?

FailSafe is an enterprise-grade blockchain security suite that actively protects wallets and smart contracts from attacks by detecting and intercepting malicious transactions.

FailSafe blocks malicious transactions in real-time with an automatic defence system: upon detecting unauthorised movement of funds, FailSafe deploys a swift and intelligent counter-transaction that transfers at-risk funds to a secure, self-managed smart contract wallet. This proactive approach ensures the immediate protection of digital assets against existing and emerging threats in the blockchain space.

It stands out as a wallet security suite, offering a robust safety net for digital assets by automatically securing funds to a safe state when faced with any threat. FailSafe achieves this through a sophisticated mechanism that blocks unauthorized transactions targeting your wallet. It initiates a counter-transaction that securely relocates your at-risk assets to a self-custody smart contract wallet, unique to each user and created at the moment of an attack, thereby ensuring the attacker is unaware of the user's protection measures.

FailSafe is a digital asset security suite that offers a true safety net for your digital assets, automatically securing your funds to a safe state when faced with any threat.

FailSafe is an enterprise-grade security suite for blockchain assets.

FailSafe protects user funds from the ever-evolving landscape of blockchain-related attacks, far surpassing the limited scope of existing security solutions. It achieves this by blocking any unauthorised transactions targeting your wallet by initiating a counter-transaction that securely relocates your at-risk assets to your self-custody smart contract wallet.

The term "fail-safe" applies to a system that defaults to a safe state in the event of a failure or threat.

How is FailSafe different from other wallet security products?

While the vast majority of existing security solutions aim to prevent phishing attacks, FailSafe’s approach offers protection against all attempts to steal funds from your wallet.

FailSafe is an active security service that safeguards your digital assets against private key theft, breaches in decentralised apps (dApps) and smart contracts, exploitation of offline signatures, wallet malware, and other sophisticated threats.

How does FailSafe work?

In the event that an unauthorised transaction is detected, FailSafe swiftly moves your assets to a designated self-custody smart contract wallet. The self-custody smart contract wallet is unique to each user, and is created only at the point that an attack is taking place. The reason for this is so that an attacker will not know a user is being protected by FailSafe.

What approvals am I required to grant FailSafe?

In order to activate FailSafe, you must authorise permission for your unique FailSafe smart contract to transfer the asset to itself in the event that an unauthorised transaction is detected. We recommend setting the maximum approval to ensure that FailSafe has the ability to protect all of your funds in the event of an attack.

The FailSafe smart contract wallets are unique to each user and deployed only at the point of attack. The smart contract wallet is also called the ‘Recovery Vault’ in the FailSafe user interface.

Is the FailSafe Recovery Vault/smart contract wallet safe? Can it be exploited?

Funds can never be drained from your FailSafe Recovery Vault/smart contract wallet because the contract method does not have “transferTo” functionality. It only has a “defend” method which transfers the assets from your protected wallet to itself. The only way funds can be withdrawn from the FailSafe smart contract wallet is via the FailSafe dashboard, where you must authorise the withdrawal from your FailSafe account via multi-factor authentication.

How is FailSafe useful to me?

Here are a handful of scenarios that FailSafe would protect you against:

  1. Your private key is stolen: If your wallet's private key is compromised due to wallet malware or device theft, an attacker could gain control of your wallet and attempt to steal your assets.

  2. A trusted dApp gets hacked:

    1. Suppose you grant an unlimited spending allowance to a major decentralised exchange for a token swap transaction. In the event that this exchange is hacked, as was the case with multiple recent security breaches, hackers could potentially drain your wallet.

    2. If you provided an offline signature to authorise the transfer of digital assets (like tokens or NFTs) to NFT marketplaces, and if the marketplace suffers a hack, the hackers could exploit this authorisation to steal the crypto assets you previously approved for transfer.

  3. Phishing attack: you’re being targeted by a sophisticated phishing attack that utilises offline signatures to trick you into signing a message that grants off-chain approvals to a malicious smart contract.

What type of digital assets does FailSafe protect?

FailSafe protects ERC-20 tokens (WETH, DAI, USDC, USDT, etc.) and ERC-721 tokens (also known as NFTs or Non-Fungible Tokens).

What networks does FailSafe support?

FailSafe currently supports Ethereum, Polygon, and BNB Chain.

Can FailSafe's frontrunning capability be outmanoeuvred by other software, hackers, or malicious actors?

FailSafe, with its advanced, globally-deployed infrastructure, offers robust and reliable cybersecurity protection. While no system is 100% foolproof, the scale and sophistication of FailSafe make it exceptionally difficult for attackers to outmanoeuvre, ensuring a high level of security and confidence for our users.

Is the code open source?

All FailSafe contract source code is publicly available and verified on the various blockchain explorers. The contracts have been diligently audited by security firm Zokyo.

Name

Description

Ethereum

Polygon

BNB Chain

OrchestratorFactory Address

FailSafeOrchestratorFactory used to spin up

upgradable FailSafe Orchestrator Beacon Proxy contracts. This contract is internal to the FailSafe project.

0x316643a84bb1d4d6261cf0d4d5107de8a4bd48c4

0x06094b58e069cc32438de9e13a7c44f7a120fc4d

0x265560924C1eb0B714eACFc94b433D3b6Bf2FFc7

BeaconProxy Address

BeaconProxy is a front-facing contract to receive interception signals from FailSafe Interceptor.

0x9bba00532d2359c00bdb33e4a8116d0f03b6d30a

0xeb9e5ff948603c663cd8699f093cd5a1cd2d34be

0x47Eeb3ef6D62bc6D0b08B60271681fe658B10c3e

FailSafeOrchestrator Implementation Address

FailSafeOrchestrator receives an interception event from BeaconProxy contract and orchestrates the lifecycle of a front run event.

The lifecycle of a front run event includes deploying the FailSafeWallet if needed and signalling the FailSafeWallet to perform the unidirectional movement of crypto assets from the user's protected wallet address to itself.

0xdfd98998efd40df62363d2098720bcb989f12c99

0x445f8858dfe64faab4c35ab787c6c7f5d8028fa2

0x828a501b92E02A79C7E4829Fb142E92ED1E7B2a0

FailSafeWallet Implementation Address

FailSafeWallet contract serves as a template from which the on-chain safe wallet linked to each user's protected wallet address is deployed when needed.

0x55F27334e965a709fd84569BAEAA99dfa0332538

0xcF4618186c71Be80Cb86F9b9a86d989a66Ab761B

0x440D8bA766B7D3af1493e6f10CcF613faDFa8dca

How can I be sure that the contract cannot move assets anywhere else?

FailSafe contracts are permitted to funds unidirectionally, as exhibited in the code below:

Ethereum

  1. Smart Contract 1 - FailSafe Orchestrator Contract (1 per blockchain) Line 167 - 171 in FailSafeOrchestrator.sol

  2. Smart Contract 2 - Predicted FS Wallet Contract (1 per blockchain per protected wallet address) Line 71 to 95 and 97 to 106 in FailSafeWallet.sol

BNB Chain

  1. Smart Contract 1 - FailSafe Orchestrator Contract (1 per blockchain) Line 167 - 171 in FailSafeOrchestrator.sol

  2. Smart Contract 2 - Predicted FS Wallet Contract (1 per blockchain per protected wallet address) Line 71 to 95 and 97 to 106 in FailSafeWallet.sol

Polygon

  1. Smart Contract 1 - FailSafe Orchestrator Contract (1 per blockchain) Line 167 - 171 in FailSafeOrchestrator.sol

  2. Smart Contract 2 - Predicted FS Wallet Contract (1 per blockchain per protected wallet address) Line 71 to 95 and 97 to 106 in FailSafeWallet.sol

Do I have to pay gas fees?

All transactions on the blockchain require a gas fee including the unauthorised transactions blocked by FailSafe on your wallet. FailSafe pays the gas fee upfront when blocking an unauthorised transaction and deducts it from your wallet automatically.

To facilitate the automatic deduction of gas fee from your wallet, Failsafe will request you to authorise a minimum spending allowance on the wrapped native token (WETH, WBNB and WMATIC for Ethereum, BNB Chain and Polygon respectively) when you connect your wallet to FailSafe application for the first time.

What if the attacker is using MEV Protection RPCs to steal funds?

FailSafe currently has visibility of private transactions via partnerships with private transaction services.

PreviousFrequently Asked QuestionsNextFailSafe Guard FAQs

Last updated