Blockaid's View on Security
Theft Is as Old as Humanity — Technology Just Makes It Easier
For as long as humans have created, traded, settled, and stored value, there have been those who exploit trust in that system of "money". Theft is not a new problem. But theft prevention is continuously challenged by the changing functions of money: its method and speed of exchange, its unit of account, and its accepted forms.

Technology has always reshaped both money and crime. Each major evolution has brought new vulnerabilities that attract new methods of crime. Here are examples just from the past century:

Web3 security: how we got here
To understand onchain security, it helps to first define the three eras of the internet:
- Web 1 was a read-only world. Users consumed information, but they did not participate. The attack surface was relatively narrow — primarily targeting infrastructure and content.
- Web 2 introduced the ability to write — to post, transact, and interact at scale. With it came the explosion of digital commerce, social networks, and cloud-based financial services. And with that came the security challenges the industry has spent two decades learning to manage: credential theft, phishing, account takeover, payment fraud, and more.
- Web 3 is about ownership. For the first time, users hold their own assets online — without intermediaries, without custodians, and without the safety nets that traditional financial infrastructure provides. Bitcoin emerged as a durable store of value. Stablecoins are increasingly powering global payments and institutional settlement.
This ownership model is transformative. It is also what makes the security challenge so acute.
Why Onchain Is Different — And Why It Demands a Different Approach
Blockchains come with structural properties that are features and risks simultaneously:
- Networks are public. Every transaction, wallet balance, and smart contract interaction is visible to anyone with an internet connection. This transparency is a core principle of blockchain technology — but it also means attackers can conduct reconnaissance without ever penetrating a target network. They can study patterns, identify high-value wallets, and plan exploits with a level of precision that was simply not possible previously.
- “Trust” is codified in composable infrastructure. Intermediaries and middlemen are replaced by cryptography, open-source code and consensus mechanisms. But this infrastructure is agile, composable and upgradeable, demanding continuous security testing and maintenance. Every dependency creates a new surface for manipulation, exploit and attack.
- Attacker time to value is extremely short. In all prior technology evolutions, the amount of time (and effort) required for an attacker to successfully extract funds was measured in weeks and months — enough time for fraud teams or identity theft monitors to intervene. In web3, this window can be measured in minutes and seconds. This changes the entire calculus of security: prevention is not merely preferable to detection and response — it is essential.


The implication is clear: the security models that worked in the Web 2 era — built around private networks, trusted counterparties, post-incident forensics, and reactive response — are insufficient for our increasingly onchain world. Real-time detection and prevention is not a nice-to-have. It is the baseline.
The Three Categories of Onchain Risk
Onchain risk does not fit neatly into a single category. It spans three interconnected domains. Treating them as silos is, in itself, a vulnerability.
Cyber Risk
This encompasses theft from exploits targeting smart contracts and onchain infrastructure — vulnerabilities in code, transaction or wallet compromise, and malicious contracts deployed to drain funds. The onchain environment creates unique cyber risks because code, once deployed, is immutable and public, giving attackers the ability to probe for weaknesses with surgical precision.
In 2025 alone, $2.58B was stolen through web3 vulnerabilities including infrastructure exploits, code vulnerabilities, price manipulation, and private key compromise, among other incident types.
Compliance Risk
This covers anti-money laundering (AML), sanctions screening, illicit fund flows, and regulatory exposure. As stablecoins become mainstream settlement infrastructure and institutions deepen their onchain presence, the compliance dimension of crypto security has become a first-order concern — not an afterthought.
Fraud Risk
This includes first-party fraud (asset owners defrauding their own institutions), third-party fraud (external actors targeting asset holders), merchant fraud, and incentive abuse. Sophisticated social engineering schemes that originate entirely in the Web 2 world — on social media, dating apps, messaging platforms — routinely funnel victims toward onchain endpoints where funds are extracted.
These three risk types are not independent. A single threat actor may exploit a smart contract vulnerability (cyber risk), extract funds, launder them through fraud schemes, and ultimately route proceeds to a sanctioned entity — all within the span of hours. Monitoring, detecting, and preventing these risks in real-time, across all three dimensions simultaneously, is what effective onchain security demands.
The Threat Landscape: Eight Vectors That Define Onchain Risk
Blockaid was built around a fundamental conviction: that onchain security must operate in real time, across the full stack of signals — onchain, online, behavioral, and social. Any approach that treats these as separate concerns, or that relies on reactive detection after funds have moved, is structurally insufficient for the threat environment that exists today.
The Platform Foundation
Blockaid's capabilities are built on detection primitives continuously enriched by over 3TB of signals daily.

Our engine determines verdicts at extremely low latency and with supporting evidence. Data, heuristics and verdicts come from:
- Transaction Scanning, which simulates and validates each transaction and all of its parameters before it is signed, surfacing all outcomes, including approvals, fund movements, and contract interactions.
- Token Scanning, which continuously analyzes metadata on 40M+ tokens across chains to identify malicious tokens — those associated with rugpulls, honeypots, spam campaigns, and other scam vectors — in real time, before onchain participants interact with them.
- Address Scanning, which evaluates any crypto address for 24+ exposure categories including sanctioned entities, fraud, stolen funds, CSAM, darknet services, and other illicit and malicious activity patterns, covering all hops and fund movements from preceding addresses.
- dApp Scanning, which analyzes blockchain frontend applications for signs of compromise, malicious code injection, or fraudulent behavior, providing protection at the moment of wallet connection.
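To make "surfacing approvals and fund movements before signing" concrete, here is an added example (not Blockaid's code or API) that statically decodes the calldata of an unsigned transaction and flags risky approvals. It is a narrower check than full simulation; the selectors are the standard ERC-20/ERC-721 ones, and the addresses, amounts and function names in the code are constructed for illustration.

```python
# Added example: static pre-signature decoding of token calldata.
# All addresses and calldata below are constructed sample values.
MAX_UINT256 = 2**256 - 1

# Standard 4-byte selector -> (function name, argument types)
SELECTORS = {
    "095ea7b3": ("approve", ["address", "uint256"]),
    "a9059cbb": ("transfer", ["address", "uint256"]),
    "23b872dd": ("transferFrom", ["address", "address", "uint256"]),
    "a22cb465": ("setApprovalForAll", ["address", "bool"]),
}

def decode_word(kind, word):
    """Decode one 32-byte ABI word as an address, bool or uint256."""
    value = int.from_bytes(word, "big")
    if kind == "address":
        return "0x" + word[12:].hex()
    if kind == "bool":
        return value != 0
    return value

def inspect_calldata(calldata_hex):
    """Return (function, args, warnings) for unsigned transaction calldata."""
    data = bytes.fromhex(calldata_hex.removeprefix("0x"))
    entry = SELECTORS.get(data[:4].hex())
    if entry is None:
        return ("unknown", [], ["unrecognized selector: needs full simulation"])
    name, types = entry
    body = data[4:]
    if len(body) != 32 * len(types):
        return (name, [], ["malformed calldata length"])
    args = [decode_word(t, body[i * 32:(i + 1) * 32]) for i, t in enumerate(types)]
    warnings = []
    if name == "approve" and args[1] == MAX_UINT256:
        warnings.append(f"unlimited token allowance granted to {args[0]}")
    if name == "setApprovalForAll" and args[1]:
        warnings.append(f"operator {args[0]} gains control of the whole collection")
    return (name, args, warnings)

def encode(selector, *words):
    """Build sample calldata from a selector and integer-valued words."""
    return "0x" + selector + "".join(w.to_bytes(32, "big").hex() for w in words)

SPENDER = 0x1111111111111111111111111111111111111111  # constructed address
UNLIMITED_APPROVE = encode("095ea7b3", SPENDER, MAX_UINT256)
SMALL_TRANSFER = encode("a9059cbb", SPENDER, 1_000_000)

if __name__ == "__main__":
    for tx in (UNLIMITED_APPROVE, SMALL_TRANSFER):
        print(inspect_calldata(tx))
```

Static decoding only covers known selectors on the contract being called directly; anything routed through another contract falls into the "unknown" branch, which is where simulation of the full transaction is needed.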
These scanning capabilities are complemented by internet-wide security agents that gather and test surfaces including DNS registrations, ad networks, phishing domains, social media, and Telegram channels. They capture signals and extract fresh addresses to connect and correlate offchain and onchain threat environments and prevent fraud.
The breadth of adoption of Blockaid's Transaction Scanning is itself a competitive moat. By directly integrating with the most widely used wallets and exchanges, Blockaid screens 500M+ transactions every month. This gives Blockaid proprietary behavioral data that creates an intelligence flywheel: every new transaction simulated strengthens detection and security for all customers.
Since 2022, Blockaid has scanned more than 6.0 billion transactions, analyzed over 3.0 billion dApp interactions and secured over $325B in assets.
The Stakes: Why This Matters Now
The onchain security problem is not a niche concern for crypto insiders. It is a foundational challenge for the next phase of global financial infrastructure.
Major financial institutions — J.P. Morgan, Fidelity, UBS, and others — are scaling their blockchain initiatives. Stablecoins are increasingly used for cross-border payments, remittances, and institutional settlement. The U.S. government has begun to set standards and write regulations to foster the adoption of blockchain technology while mitigating the numerous risk vectors that have historically plagued blockchain’s new functions of money.
As the value flowing through onchain systems grows, so does the incentive to attack them. Protecting that value — and the trust of the users, institutions, and regulators whose confidence underpins the entire ecosystem — requires security infrastructure that is real-time, comprehensive, and purpose-built for onchain environments.
That is what Blockaid is designed to provide.
Conclusion
Theft has always followed value. The shift to onchain technology has not changed that dynamic — it has intensified it and expanded the surface areas available to attackers. Risk can no longer be separated into cyber, compliance, and fraud, because all three dimensions can play out simultaneously.
Meeting this challenge requires moving beyond the reactive, siloed security approaches of the past. It requires a platform that sees across every relevant signal — onchain and offchain, behavioral and social — and that operates at the speed of the blockchain itself.
Blockaid's mission is to make onchain operations trustworthy at scale: for the wallets and protocols that power the ecosystem today, and for the institutions and billions of users who will depend on it tomorrow.