Common Attack Vectors

Protect your crypto wallet from private key compromises

In the Web3 world, your private key is the ultimate form of ownership. It is a cryptographic secret that grants you full control over your digital assets. While this "self-custody" is a core principle of decentralization, it also places the full burden of security on the individual. If your private key is compromised, an attacker can gain full control of your wallet and drain all your funds.
Book Demo
Trusted by leading Web3 projects
Flag suspicious multisig signatures and owner changes
Protect protocol treasuries and admin functions
Alert on suspicious transfers before funds are drained
How are private keys compromised?
Attackers steal private keys through phishing (fake sites mimicking trusted platforms), malware (keyloggers and device scanners), social engineering (impersonating team members or support), and weak storage (keys saved on devices, cloud services, or unencrypted notes). Once compromised, attackers gain instant, irreversible access to drain wallets and protocol treasuries.

How It Works: The Anatomy of a Private Key Compromise

Borrow
The attacker takes out a flash loan from a lending protocol (e.g., Aave or dYdX) for a large sum of a token.
Manipulate
The attacker uses the borrowed funds to manipulate the price of the token on a DEX, often by selling or swapping large amounts to create a price imbalance.
Exploit
With the manipulated price, the attacker executes a secondary exploit, such as cashing out a large amount of a stablecoin from another protocol at a favorable, but artificially inflated, rate.
Repay
The attacker repays the original flash loan plus a small fee, all within the same transaction. The entire process takes a fraction of a second.
Why traditional web3 security fails to catch private key compromises
Audits analyze isolated code. Flash loans exploit
live, multi-protocol interactions.
Standard antivirus software and firewalls are built for general threats, not Web3. They cannot detect a wallet-draining smart contract or a phishing site designed to steal your keys. In most cases, the weakest link is not the blockchain; it is the human factor.

Guardrail’s real-time monitoring protects against private key compromises

Guardrail provides a crucial layer of defense even after a private key has been compromised. While we cannot prevent the initial theft, we can monitor onchain activity to detect and prevent a wallet from being drained.
Real-Time Behavioral Analysis

Guardrail continuously monitors on-chain transactions and analyzes them for suspicious behavior. Our platform can be configured to flag and alert you to:

  • Unusual Transfers: If a wallet's funds are suddenly moved to a new address that has never interacted with the wallet before, our system will alert you.
  • Unusual Transaction Patterns: We can detect unusual patterns, such as a sudden large transfer followed by a series of small transfers to different addresses, a common tactic for attackers to obscure their tracks.
  • Interaction with Known Malicious Contracts: Our platform maintains a database of known malicious addresses and contracts. If your wallet interacts with one, we will notify you immediately.

By providing real-time alerts and behavioral analysis, Guardrail gives you a crucial window of opportunity to lock down your accounts and protect your funds before they are permanently lost.

Guards provide complete security coverage of every onchain

Pre-built Guards
Instantly set up ‘Guards’ for common attack vectors from our extensive blueprint library of 50+ ‘Guards’
Custom Guards
Custom monitoring for your unique protocol risks
Find out more

Frequently Asked Questions

Need more information?
Read our Docs
What happens if my crypto wallet private key is hacked?

If a hacker gains access to your private key, they can transfer funds without your consent. Guardrail helps by monitoring wallet activity and alerting you before attackers drain your assets.

Can Guardrail recover stolen crypto after a wallet drain?

No tool can reverse blockchain transactions. Guardrail focuses on early detection and prevention, giving you time to act before funds are permanently lost.

How is Guardrail different from a Web3 antivirus?

Traditional security tools target generic threats. Guardrail specializes in blockchain monitoring, detecting abnormal wallet activity and malicious contracts in real time.

Do I need to share my private key with Guardrail?

Never. Guardrail does not request your private keys. We monitor wallet activity directly from the blockchain, keeping your sensitive data secure.

What’s the best way to secure my seed phrase?

The safest option is to store your seed phrase offline in a hardware wallet or another secure physical format. Guardrail adds an extra layer of defense if your keys are still compromised.

Get Guardrail to secure your assets onchain today

Start Monitoring
Subscribe to newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
TALK TO US
App LoginGet Started - Book ConsultationAboutSuccess StoriesBlogContactDocs
TALK TO US
Real-time security monitoring for onchain finance
Based in NYC
Backed by Coinbase, Haun & other leading investors
Subscribe to newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Launch App
Privacy Policy
Terms of use
Design by Klad
Launch App
Privacy Policy
Terms of use
Design by Klad