TECHNICAL GRANT APPLICATION – MetaScout – FUNDING TIER 3

TERMS OF USE

I have read and understand the Conflux Grants Ecosystem Overview, and determined that my proposal is best for the Technical Grants stream (YES).

I understand that the Conflux Technical Grants are subject to a No Sale Rule, and I have read the terms of this rule (YES).

I understand that I will be required to provide additional KYC information to the Conflux Foundation to receive this grant (YES).

I understand that I will be required to follow public grant reporting requirements (YES).

APPLICATION INTRODUCTION
Project: MetaScout
MetaScout is a highly regarded real-time smart contract security monitoring tool widely used in the cryptocurrency space.

Are you an incorporated startup?
MetaTrust Labs

Links to the project’s webpage, DApp, project social handles, and chat groups.
Website: metatrust.io
Twitter: https://twitter.com/MetaTrustLabs
Telegram: https://t.me/metatrustlabs
Linkedin: https://www.linkedin.com/in/metatrust

What is your Conflux eSpace recipient wallet address for the grant?
0x3Dc4e40F0db36933A400Ba14E64Dad46Caa53d64

TECHNICAL INTRODUCTION
About MetaScout
MetaScout is a highly regarded real-time smart contract security monitoring tool widely used in the cryptocurrency space. MetaScout offers a number of benefits including 24/7 on-chain security monitoring and real-time anomalous behavior tracking, which helps projects protect against suspicious attacks and proactively identify and address smart contract vulnerabilities to mitigate potential financial risks. In addition to monitoring, MetaScout also provides “Migration Attack” security services, acting as a security superhero in the event of an attack.
In the event of an attack, it scans the blockchain for similar smart contracts and sends out alerts about contracts that are vulnerable to the same attack. It uses multiple engines, such as code snippet analysis and CFG similarity, to achieve an impressive hit rate of over 90%.

MetaScout Core Features

  • Mempool Monitoring: Implements advanced mempool monitoring for early threat detection.
  • Migration Attack Detection: Utilizes bytecode, function, and snippet similarity engines to enhance security.
  • Smart Contract Firewall: Offers on-chain protection through proxy firewall, forwarder callback, and ERC4771 Lib contracts.
  • Early-Response System: Swiftly responds to critical events like mempool attacks with an early-stop mechanism.

What can MetaScout do on Conflux?

  1. Enhanced Security Infrastructure: MetaScout addresses security vulnerabilities on the Conflux network by implementing advanced features such as proactive monitoring, threat detection, and rapid incident response. This fortification helps create a more secure environment for users and developers, mitigating potential risks.
  2. Real-Time Monitoring and Incident Response: MetaScout introduces a robust monitoring infrastructure tailored for Conflux, enabling real-time tracking of activities. This includes efficient incident response mechanisms to swiftly identify and address security incidents, reducing the impact of potential threats and enhancing the overall resilience of the Conflux network.
  3. Streamlined Integration and User Confidence: MetaScout aims to streamline its integration with the Conflux ecosystem, ensuring compatibility and functionality. By offering enhanced security and monitoring capabilities, MetaScout builds user confidence in the Conflux ecosystem. Users engaging in decentralized finance (DeFi) activities, particularly on Uniswap v4, can trust in the security provided by MetaScout, fostering a positive and secure environment.

Objectives & Success Criteria of MetaScout on Conflux
MetaScout aims to fortify the security landscape on the Conflux network through the implementation of advanced security features. By developing a robust monitoring infrastructure tailored for Conflux, the objective is to ensure real-time tracking and response mechanisms, fostering a secure and reliable environment for users engaged in decentralized finance activities. Seamless integration into the Conflux ecosystem is prioritized to provide Uniswap v4 users on Conflux with a user-friendly and efficient experience, ultimately empowering the Conflux community with a comprehensive security and monitoring toolset.
The success of MetaScout will be measured by a significant reduction in security incidents and vulnerabilities on the Conflux network, validating its effectiveness. Achieving a substantial adoption rate within the Conflux community, with users actively utilizing MetaScout for security and monitoring, will indicate positive integration metrics. The success will also be reflected in positive user feedback regarding the usability, effectiveness, and impact of MetaScout on their security needs. Moreover, demonstrating contributions to the overall Conflux ecosystem by fostering a secure environment and attracting more developers and users to Conflux will be key success indicators.

Why choose MetaScout?
MetaScout is uniquely positioned in the Conflux ecosystem as a comprehensive security platform, addressing critical gaps in existing monitoring tools, such as high error rates and inefficient asset recovery during fund theft incidents. Its advanced features, including mempool monitoring and migration attack detection, set it apart from other projects in the ecosystem and differentiate it from generic security solutions in the Conflux ecosystem. MetaScout’s tailored functionalities make it a distinctive and growth-focused security solution for Conflux.

TEAM
Our team is incubated by Nanyang Technological University in Singapore, with a strong troop of AI researchers and Web3 security researchers. We’re led by the co-founder Prof. Liu Yang, one of the outstanding Microsoft Asia Scholars. Security researchers and auditors in our team have experience in building security tools for developers in the web3 industry, and won trust from our clients like MAP Protocol, Uniwhale and Hope.money.
We’re focusing on risk mitigation and loss prevention at the research level and at the product level. Hope we can make the best of it with full effort.

TOTAL BUDGET AND FUNDING TIER
Grant Tier: 3
Grant Size: $25k
Justification: The funds will be used for development according to the milestones.

Milestone 1
Budget Allocation: $2,000
Pre-launch Preparation (2023 Q2)

Milestone 2
Budget Allocation: $15,000
Product Launch (2023 Q3)

Milestone 3
Budget Allocation: $5,000
Migration Attack Engine and Contract Firewall (2023 Q4)

Milestone 4
Budget Allocation: $3,000
Optimization and Modular Enhancements (2024 Q1)

CURRENT FUNCTIONALITY
Customer Problems/Issues:

  • Security Concerns: Users on Conflux may face security concerns due to potential vulnerabilities in the existing system, leading to risks such as unauthorized access, data breaches, and asset loss.
  • Limited Monitoring: The current system may lack comprehensive monitoring features, leaving users without real-time insights into their transactions and potential security threats.

Application Problems/Issues:

  • Vulnerability to Attacks: The current system may be susceptible to various attacks, including but not limited to smart contract exploits, unauthorized transactions, and manipulation of decentralized applications (DApps) running on Conflux.
  • Inefficient Incident Response: Without an advanced security infrastructure, the system may struggle to efficiently respond to security incidents, leading to delays in addressing potential threats.

Processes Problems/Issues:

  • Integration Challenges: Users may face challenges in integrating security tools seamlessly with the Conflux ecosystem, causing disruptions and compatibility issues.
  • Lack of Proactive Measures: The absence of proactive security measures in the current system may result in a reactive approach to addressing security issues, impacting the overall resilience of the Conflux network.

What MetaScout can do:
Customer Solutions:

  • Enhanced Security Features: MetaScout introduces advanced security features to address customer concerns, providing a more secure environment with reduced risks of unauthorized access and asset loss.
  • Real-Time Monitoring: MetaScout’s robust monitoring infrastructure ensures customers have real-time insights into their transactions and activities, empowering them with proactive security measures.

Application Solutions:

  • Mitigation of Security Vulnerabilities: MetaScout mitigates vulnerabilities by implementing proactive measures against smart contract exploits, unauthorized transactions, and potential attacks on DApps running on Conflux.
  • Efficient Incident Response: The proposed system enhances incident response mechanisms, enabling swift identification and resolution of security incidents, reducing the impact on the Conflux network.

Processes Solutions:

  • Seamless Integration: MetaScout is designed to seamlessly integrate with the Conflux ecosystem, addressing previous challenges and ensuring compatibility with existing processes.
  • Proactive Security Measures: The new system introduces proactive security measures, deviating from a reactive approach and enhancing the overall resilience of the Conflux network by preventing security issues before they escalate.

MetaScout’s proposed functionality addresses the identified problems in the current system on Conflux, providing comprehensive solutions to enhance security, monitoring, and overall user confidence in the decentralized finance ecosystem.

TECHNICAL PROPOSAL
Functional Requirements:

  1. Security Features:
    • Shall provide advanced threat detection: MetaScout shall include sophisticated algorithms to detect and respond to potential security threats, including smart contract exploits and unauthorized transactions.
  2. Real-Time Monitoring:
    • Shall offer real-time transaction tracking: MetaScout shall provide users with a real-time view of their transactions on Conflux, ensuring immediate visibility into activities and potential security incidents.
  3. Incident Response:
    • Shall facilitate swift incident response: MetaScout shall enable efficient identification and resolution of security incidents, minimizing the impact on the Conflux network.
  4. Seamless Integration:
    • Shall integrate seamlessly with Conflux ecosystem: MetaScout shall be designed for seamless integration with the Conflux network, including compatibility with existing dApps and smart contracts.
  5. User-Friendly Interface:
    • Shall feature a user-friendly interface: MetaScout shall provide an intuitive and easy-to-use interface for users to navigate and access security features without extensive technical expertise.

Nonfunctional Requirements:

  1. Usability:

    • Shall ensure user accessibility: MetaScout shall prioritize an accessible user interface, ensuring that security features are easily understandable and navigable for users of varying technical backgrounds.
  2. Reliability:

    • Shall maintain high reliability: MetaScout shall operate with high reliability, minimizing downtime and ensuring consistent availability to Conflux users.
  3. Performance:

    • Shall exhibit optimal performance: MetaScout shall be designed for optimal performance, ensuring minimal latency in real-time monitoring and rapid response to security incidents.
  4. Supportability:

    • Shall provide adequate support documentation: MetaScout shall include comprehensive documentation to assist users in understanding and utilizing the system effectively, including troubleshooting and best practices.
  5. Implementation:

    • Shall adhere to best coding practices: MetaScout’s implementation shall adhere to industry best coding practices, emphasizing code quality, modularity, and maintainability.
  6. Interface:

    • Shall offer a general set for integration: MetaScout shall provide a general interface to facilitate integration with other tools and systems within the Conflux ecosystem.
  7. Packaging:

    • Shall provide easy subscription and updates: MetaScout shall have a user-friendly packaging approach, ensuring straightforward subscription processes and seamless updates to new versions.

SYSTEM MODEL
MetaScout is still in alpha stage.

ECOSYSTEM FIT

  1. Enhanced Security Infrastructure: By providing advanced security features and real-time monitoring, MetaScout strengthens the security infrastructure of the Conflux network. This enhanced security creates a more trustworthy environment for developers, users, and decentralized applications (dApps), fostering confidence in the ecosystem.
  2. Attraction of Developers: MetaScout’s seamless integration with the Conflux ecosystem and its focus on security address critical concerns for developers. The availability of a reliable security tool encourages more developers to build and deploy their applications on Conflux, expanding the ecosystem with innovative decentralized solutions.
  3. Positive User Experience: The user-friendly interface and proactive security measures offered by MetaScout enhance the overall user experience on Conflux. This positive experience encourages user retention and attracts new participants, leading to a more engaged and growing user base.

DEVELOPMENT ROADMAP
Milestone 1
Pre-launch Preparation (2023 Q2)

  • Deliverables:
    • Finalization of product development roadmap.
    • Completion of internal testing and quality assurance procedures.
    • Establishment of communication channels for user feedback.
    • Implementation of initial marketing strategies.
  • KPI Goals:
    • Successful completion of internal testing with no critical issues.
    • Feedback collection from an internal testing team.
    • Creation of initial brand awareness through pre-launch marketing efforts.
  • Expected Date of Achievement: 2023 Q2.

Milestone 2
Product Launch (2023 Q3)

  1. Deliverables: MetaScout product officially launched.
  2. KPI Goals: Successful deployment and positive user feedback on the MetaScout platform.
  3. Expected Date of Achievement: 2023 Q3.

Milestone 3
Migration Attack Engine and Contract Firewall (2023 Q4)

  1. Migration Attack Engine Development
    • Bytecode similarity engine
    • Source code function similarity engine
    • Source code snippet similarity engine
    • KPI Goals: Reduction in migration attack false positives by 30%.
  2. Contract Firewall Development
    • Proxy firewall contract
    • Forwarder callback contract
    • ERC4771 Lib contract
    • Off-chain analysis system
    • Off-chain callback system
    • KPI Goals: Achieve a 20% increase in on-chain security effectiveness
  3. Early-Response System Development
    • Mempool attack detection system
    • Flash-block node optimization
    • KPI Goals: Reduce response time to mempool attacks by 40%
  • Expected Date of Achievement: 2023 Q4

Milestone 4
Optimization and Modular Enhancements (2024 Q1)

  1. Flash-Block Node Optimization
    • Enhancements to the Flash-block node for improved performance
    • KPI Goals: Achieve a 25% improvement in Flash-block node efficiency
  2. Increased Private and Modular Capabilities
    • Capability for private deployment
    • Modular deployment for enhanced flexibility
    • KPI Goals: Enable private deployment for 10% of MetaScout users; achieve a 15% increase in user satisfaction with modular features
  3. Intellectual Property Development
    • 3 patent submissions
      • Contract firewall
      • Early-stop mechanism
      • Monitoring of malicious contract deployments
    • KPI Goals: Successfully file patents; receive positive reviews from the blockchain community
  4. EIP Submission
    • Ethereum Improvement Proposal for the contract firewall
    • KPI Goals: Obtain community support for the EIP; contribute to the Ethereum protocol’s enhancement
  • Expected Date of Achievement: 2024 Q1.

Additional Developments (2024 Q2~Q4)
KPI Goals: Successfully integrate MetaScout with 20 web3 protocols; achieve a 30% increase in user engagement across integrated protocols.

MAINTENANCE CONSIDERATIONS

  1. Continuous Improvement and User Engagement:
    • MetaScout will prioritize regular updates and feature enhancements to meet evolving user needs in the dynamic blockchain monitoring space. Community engagement through webinars, Q&A sessions, and forums will foster an active user community, ensuring MetaScout remains user-friendly and aligned with user expectations.
  2. Robust Security Measures and Data Protection:
    • While MetaScout primarily focuses on monitoring, ensuring the security and privacy of user data is paramount. The post-grant plan includes implementing and regularly updating robust security measures to safeguard user information. This commitment to data protection reinforces user trust in MetaScout’s reliability.
  3. Scalability, Compatibility, and Collaboration:
    • MetaScout’s post-grant strategy includes evaluating and optimizing system scalability to accommodate the growing Conflux ecosystem. Ensuring compatibility with new blockchain developments will be a priority, facilitated by ongoing collaboration with Conflux developers. Active participation in community discussions and contribution to the ecosystem’s growth will solidify MetaScout’s position as a valuable asset within Conflux.

Thank you for submitting this application. A few questions below:

  1. What is Migration attack service? Is this during the deployment on to the chain?
  2. Where is this being used currently?
  3. You mention it will be tailored to the Conflux ecosystem. If you have applied these tools on the Ethereum chain already, how much effort is needed to do it on Conflux?
  4. Are you using any AI aspects in your tools?
  5. Can you specify what problems you have identified in Conflux ecosystem specifically that can be improved by adding your tools?
  6. Under customer solutions, what specifically can you target to include more security features for the users?
  7. What is the current threat model you use? what kind of exploits have you handled until now? Can you give a brief summary or report?
  8. How is the real-time monitoring different from the Conflux Scan or the many block explorers that we have?
  9. Can you integrate your tools into the current ecosystem applications?
  10. Can you give a few examples of rapid response time for any security incidents you have handled?
  11. Milestone 1 includes internal testing and quality assurance. Seems like Milestone 3 is where you have the core capabilities. What do we have in terms of product deliverables under Milestone 1?
  12. I see a lot of products listed on your website. What are the products that will be integrated into the Conflux ecosystem right now?
  13. You also provide smart contract auditing service. Will that be included as a service for Conflux ecosystem?

Hi @Claire-MetaTrust! Thanks for applying for a Conflux Grant.

Here are some questions I have:

  1. Can you elaborate on the specific algorithms and techniques MetaScout uses for smart contract security monitoring and anomaly detection?

  2. Will you be integrating both Conflux Core and eSpace?

  3. How does MetaScout ensure scalability and maintain performance as the number of monitored smart contracts on the Conflux network grows?

  4. Could you describe the user interface of MetaScout? How do you ensure it is accessible and user-friendly for individuals without extensive technical knowledge?

  5. What metrics will you use to measure the success and impact of MetaScout on the Conflux network’s security?

  6. What is your business model? Do you charge any fees to users or monitored projects?

Looking forward to your response. Thanks!

Thank you for your interest. Here are our answers:

  1. Migration Attack Service refers to a proactive security measure that comes into play after a cybersecurity incident. When a specific contract is under attack, this service conducts a comprehensive chain-wide search for contracts exhibiting similar characteristics. It then issues alerts for contracts that might be susceptible to the same attack methodologies. Migration Attack Service employs multiple engines, including code snippets and Control Flow Graph (CFG) similarity, to make a holistic assessment of contract similarity, achieving a detection accuracy of over 90% with an almost negligible false positive rate.
    Migration Attacks occur after the initial attack event has taken place.

  2. The Migration Attack Service is currently employed in on-chain transaction monitoring and real-time response scenarios. Its application extends to projects such as Echooo, Hope.money, and Desyn, where these platforms have been invited to participate in testing the effectiveness of the service.

  3. The effort required to implement these tools on the Conflux ecosystem is minimal. Essentially, it involves connecting to CONFLUX’s RPC NODE. The adaptability of the tools from the Ethereum chain to Conflux is seamless, requiring almost no additional effort.

  4. Currently, we haven’t fully integrated AI into our tools. However, we are actively exploring the incorporation of AI elements, particularly large-scale models. These models would be utilized for analyzing transaction call traces, enabling us to make more sophisticated assessments and determinations regarding transaction intent.

  5. It seems that Conflux has not been compromised or attacked by hackers or malicious actors recently, though there might be potential attacks, vulnerabilities, and weaknesses like denial-of-service attacks or anonymity issues. These issues pose potential risks to the integrity and security of smart contracts and transactions on the network. By integrating MetaScout’s tools, we aim to address these potential challenges proactively. Our platform employs advanced algorithms, real-time monitoring, and rapid response mechanisms to detect and mitigate these identified issues swiftly. This not only enhances the overall security posture of the Conflux ecosystem but also provides users and projects with a robust defense against potential threats and exploits.

  6. In our customer solutions, we can specifically target enhancing security features through on-chain monitoring and Mempool front-running capabilities. By focusing on these aspects, we aim to expedite the security response process, ensuring a faster and more proactive defense against potential attacks than the time it takes for an attack to fully materialize.

  7. We have 5 threat models in MetaScout: Price Manipulation Attack, Reentrancy Attack, Deflationary Token Attack, Fee Receiver Attack and Ice-Phishing.
    The exploits we have encountered originate from our daily monitoring alerts. In the past week, we observed a total of 10 alert instances, with an error rate of 10% and a detection accuracy of 90%. Among these alerts, 9 were associated with potentially malicious transaction activities, while 1 was related to on-chain arbitrage behavior. This data underscores our ability to identify and respond to a variety of exploits, contributing to a robust security posture for our users.

  8. Real-time monitoring sets itself apart by more than just listing the details of each transaction. Instead of serving as a conventional block explorer like Conflux Scan or others, our approach involves the systematic filtering of transactions based on predefined rules. It’s important to note that we are not a browser; rather, we position ourselves as a comprehensive security automation and operations platform. Our focus is on security, automating responses, and providing a broader operational perspective beyond the traditional functions of block explorers.

  9. Absolutely, we can seamlessly integrate our tools into the current ecosystem applications. Specifically, we can tailor our solutions to address the needs of DeFi and Bridge Dapps. Our capabilities extend to implementing early-stop mechanisms to preemptively thwart potential threats and initiating contract-blocking measures to enhance the overall security of these applications.

  10. Our rapid response times are designed to be within one block time. While we haven’t encountered specific incidents to showcase yet, our framework is prepared to respond swiftly to security events, ensuring that potential threats are addressed promptly, minimizing any potential impact on the ecosystem.

  11. The deliverable for Milestone 1 is the Monitoring Platform. This platform is a result of our internal testing and quality assurance processes. If you’re interested in trying it out, it’s available for use right now.

  12. 3 of our security products can be integrated into the Conflux ecosystem. They are:
    MetaScout: a highly regarded real-time smart contract security monitoring tool widely used in the cryptocurrency space.
    MetaScan: comprehensively assesses smart contract security vulnerabilities and provides recommendations for remediation.
    MetaScore: stands out for its unique approach to security assessment and scoring.

  13. Yes, we can help audit projects’ smart contracts in the Conflux ecosystem.

Hi team, thank you for your interest towards our security tool MetaScout, here are our answers:

  1. In the context of migration attacks, MetaScout employs the Control Flow Graph (CFG) subgraph matching algorithm. This technique involves analyzing the control flow within smart contracts, allowing us to identify patterns and similarities indicative of potential security threats. Additionally, our approach includes program analysis and decompilation algorithms, which contribute to a comprehensive understanding of the contract’s behavior, aiding in the detection of anomalies and potential vulnerabilities.

  2. Currently, we are focused on integrating eSpace, which is EVM-compatible. Our integration efforts are tailored to this environment to ensure compatibility and effective monitoring within the Conflux ecosystem.

  3. To accommodate the growth of monitored smart contracts on the Conflux network, MetaScout is committed to continuously upgrading our monitoring engines. This ensures that our tools remain optimized and effective even as the ecosystem expands. Additionally, we have the flexibility to scale horizontally on the hardware side, allowing us to handle the increased data volume on the Conflux network efficiently. This combination of software and hardware optimizations ensures that our monitoring capabilities maintain high performance and scalability as the Conflux network evolves.

  4. We now have a ready-to-use MetaScout monitoring platform for both projects and individuals to try out.

  5. The success and impact of MetaScout on the Conflux network’s security will be measured primarily through the hit rate and false positive rate of MetaScout alerts. Currently, we achieve a hit rate of 90% and a false positive rate of 10%. These metrics provide valuable insights into the effectiveness of our security monitoring, ensuring that we are accurately identifying potential threats while minimizing false alarms.

  6. Our business model operates on a subscription basis, where users are charged either monthly or annually for our services. Additionally, for specific features such as early-stop and smart contract firewall, we apply an annual service fee. This approach allows us to sustain and enhance our offerings while providing flexible options for users based on their preferences and needs.

1 Like
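
The answers above describe searching the chain, after one contract is attacked, for contracts similar to it. The sketch below is an added illustration of that idea and is not MetaScout's code or part of any post: it swaps in a much simpler technique than the CFG subgraph matching the team mentions, namely Jaccard similarity over opcode 4-grams of EVM runtime bytecode. The sample bytecodes, contract labels, window size and 0.5 threshold are all constructed assumptions.

```python
"""Added example: flag contracts whose runtime bytecode resembles an attacked one."""

PUSH1, PUSH32 = 0x60, 0x7F  # PUSHn opcodes carry n immediate data bytes


def opcodes(bytecode_hex: str) -> list:
    """Return the opcode stream with PUSH immediates dropped.

    Dropping immediates removes hardcoded addresses and constants, so a
    redeployed copy with different parameters yields the same stream.
    """
    raw = bytecode_hex[2:] if bytecode_hex.startswith("0x") else bytecode_hex
    code = bytes.fromhex(raw)
    ops, i = [], 0
    while i < len(code):
        op = code[i]
        ops.append(op)
        skip = op - PUSH1 + 1 if PUSH1 <= op <= PUSH32 else 0
        i += 1 + skip  # a truncated final PUSH simply ends the loop
    return ops


def shingles(ops: list, k: int = 4) -> set:
    """Set of k-long opcode windows; short streams become a single shingle."""
    if len(ops) < k:
        return {tuple(ops)} if ops else set()
    return {tuple(ops[i:i + k]) for i in range(len(ops) - k + 1)}


def similarity(a_hex: str, b_hex: str, k: int = 4) -> float:
    """Jaccard similarity of the two contracts' opcode shingle sets."""
    a, b = shingles(opcodes(a_hex), k), shingles(opcodes(b_hex), k)
    if not a and not b:
        return 0.0
    return len(a & b) / len(a | b)


def rank_similar(reference_hex: str, candidates: dict, threshold: float = 0.5) -> list:
    """Return (label, score) pairs at or above the threshold, best first."""
    scored = [(label, similarity(reference_hex, code))
              for label, code in candidates.items()]
    hits = [pair for pair in scored if pair[1] >= threshold]
    return sorted(hits, key=lambda pair: -pair[1])


def _sample(addr_byte: str, probe_op: str) -> str:
    """Constructed bytecode: prologue, PUSH20 <address>, one probe opcode, SSTORE."""
    return ("0x6080604052348015610010576000" + "80fd5b50"
            + "73" + addr_byte * 20 + probe_op + "6000" + "55" + "00")


# Constructed sample data (not real deployed contracts).
REFERENCE = _sample("11", "31")   # the contract that was attacked
CANDIDATES = {
    "fork_other_address": _sample("22", "31"),   # same code, different constant
    "fork_one_opcode_changed": _sample("33", "3b"),
    "unrelated": "0x6000356000526020600020545b00",
}

if __name__ == "__main__":
    for label, score in rank_similar(REFERENCE, CANDIDATES):
        print(f"ALERT {label}: similarity {score:.2f}")
```

A byte-for-byte or hash comparison would miss `fork_other_address` because its embedded constant differs; the opcode view scores it as identical. Real runtime bytecode also ends with a compiler metadata trailer, which this sketch does not strip.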