Phalcon Explorer brings comprehensive transaction analysis to Monad, the fastest EVM-compatible blockchain. You can now debug parallel execution flows, trace complex DeFi interactions, and monitor high-frequency transactions on this revolutionary 10,000 TPS network. Get complete visibility into smart contract calls, balance changes, and fund movements from Monad’s launch day.

Why 2025 is the year of high-performance blockchains

We’re seeing powerful new chains launch to solve blockchain’s biggest challenges. 2025 has become a defining year for Web3 infrastructure. Among all these launches, Monad stands out as one of the most promising. It’s a Layer 1 blockchain that delivers 10,000 transactions per second with sub-second finality while maintaining full EVM compatibility.

Monad went live on November 24, 2025. Major exchanges like Kraken confirmed day-one listing support. The network already has over 280 projects building on it. With $244 million in funding from Paradigm, Electric Capital, and other leading investors, Monad is redefining what’s possible on EVM-compatible chains.

What is Monad?

Monad is a next-generation Layer 1 blockchain that works exactly like Ethereum. You can deploy your existing Ethereum smart contracts without changing a single line of code. But Monad’s architecture delivers performance that rivals any blockchain out there.

Here’s what Monad brings to the table. The network handles 10,000 transactions per second. Transactions finalize in just 0.8 seconds. New blocks arrive every 0.4 seconds. Fees stay low even during peak usage. And the network maintains true decentralization with over 200 validators.

Unlike Ethereum’s Layer 2 approach or other L1s that force you to learn new tools, Monad gives you the best of both worlds. You get familiar Ethereum tooling with next-generation performance.

What makes Monad different?

Monad rebuilt how EVM blockchains work from the ground up. Let’s break down the key innovations.

Parallel Execution

Ethereum processes transactions one by one. Monad executes multiple transactions at the same time. This dramatically boosts throughput without compromising security. You can build high-frequency trading apps, complex DeFi protocols with multiple interactions per block, and consumer-grade apps that need instant responses.

MonadBFT Consensus

This pipelined consensus mechanism separates execution from consensus. Blocks finalize faster. The network handles communication more efficiently. And the system stays resilient even when network delays occur.

MonadDb Storage

Monad uses a specialized database designed for high-speed operations. The system reads state quickly during parallel execution. State growth stays manageable. And node operators don’t need expensive hardware to participate.

RaptorCast Block Propagation

Efficient block transmission ensures all 200+ validators receive new blocks quickly. The network stays synchronized even at 10,000 TPS. Validators can run anywhere in the world. And the network maintains robust security.

Why you need transaction analysis on Monad

Monad’s extreme performance creates unique challenges and opportunities. Whether you’re a developer, security researcher, or DeFi user, you need tools to understand what’s happening onchain.

For Developers Building on Monad

When you’re building on a 10,000 TPS chain, you’re dealing with complex parallel execution flows. You need to debug how your transactions interact when the system processes them simultaneously. You need to trace cross-contract calls across multiple protocols. Even with low fees, you want to optimize gas usage and identify bottlenecks. And before you upgrade contracts, you need to validate your logic safely.

For Security Researchers

High throughput opens up new attack vectors. You need to detect exploit patterns in Monad’s parallel environment. When hacks happen, you need to trace fund flows across high-frequency trading protocols. You want to identify MEV strategies like sandwich attacks and frontrunning at 10,000 TPS. And you need to monitor protocol security in real time.

For DeFi Power Users

Navigating Monad’s fast-paced DeFi ecosystem requires deep transaction visibility. When your swap fails, you need to see exactly why it didn’t execute. You want to verify that multi-step DeFi strategies executed correctly. You need to track balance changes across all protocols. And you want to audit what permissions you’ve granted to different protocols.

For Investment Analysts

Making informed decisions requires comprehensive onchain data. You need to analyze protocol TVL flows and track capital movements in real time. You want to monitor whale activity and identify large transactions. When you’re researching new protocols, you need to deep-dive into smart contract interactions. And you need to verify onchain data for your investment theses.

How Phalcon Explorer works on Monad

Phalcon Explorer brings industry-leading transaction analysis to Monad. We’ve built everything you need to understand what’s happening onchain.

Comprehensive Transaction Visualization

We make Monad’s high-frequency transactions easy to understand. You get invocation flow diagrams that show the complete call stack from the initial call through all internal transactions. We present this as an interactive tree diagram you can explore. We track every token and native balance change for all addresses in a transaction. You can visualize how assets move between wallets and protocols with detailed flow diagrams. And we automatically decode all emitted events into human-readable format.

Advanced Debugging Tools

We built features specifically for Monad’s parallel execution. When you’re debugging, you can step through verified contract code line by line. You can see exactly which storage slots changed and by how much with our state diff analysis. We show you which operations consumed the most gas, even with Monad’s low fees. And when transactions fail, we give you detailed revert reasons and failure points.

Multi-chain Context

We help you understand Monad in the broader DeFi landscape. You can compare gas costs and performance across EVM chains. We track assets moving between Monad and other chains. You can see how protocols perform across different networks. And you use the same interface across all supported chains.

Specialized Analysis Features

We built tools specifically for Monad’s unique characteristics. You get insights into transaction dependencies in parallel processing. We help you identify and analyze MEV strategies in Monad’s fast environment. We provide specialized views for DEXs, lending protocols, and derivatives. And we offer advanced fund tracing for security investigations.

Who’s building on Monad with Phalcon Explorer

Major protocols have committed to Monad. These teams rely on Phalcon Explorer for transaction analysis.

On the DeFi side, Uniswap is deploying V3 with full liquidity pools. 0x launched swap infrastructure from Day 1. aPriori built a high-frequency DEX leveraging parallel execution. Kuru DEX created an order book exchange using the full 10,000 TPS. Atlantis DEX optimized concentrated liquidity for speed.

For infrastructure, Chainlink provides oracle data for DeFi applications. Pyth Network delivers high-frequency price feeds for derivatives. Dune Analytics powers onchain analytics using transaction data. Fastlane built MEV-protected trading infrastructure.

Native applications include Kizzy for social trading with real-time execution, Talentum as a decentralized talent marketplace, and Omnia for cross-chain liquidity aggregation.

All these teams need reliable transaction analysis to build, debug, and optimize their applications on Monad’s high-performance infrastructure.

Start exploring Monad with Phalcon

We’re live on Monad mainnet from Day 1. You can start analyzing transactions right now.

Getting Started is Simple

Visit Phalcon Explorer at blocksec.com/phalcon.Paste Monad transaction hash to analyze it instantly.

What You Get Today

We provide full transaction trace and debugging. You can track balance changes across all tokens. We visualize fund flows for you. We integrate with source code verification. You get real-time block and transaction monitoring. We have historical data from the genesis block. And we provide API access for developers.

Perfect For Your Use Case

Developers can debug parallel execution flows. Security researchers can analyze exploits and vulnerabilities. DeFi users can understand complex protocol interactions. Analysts can research protocol performance and adoption. Traders can track MEV and arbitrage opportunities.

Building the future with Monad and Phalcon

Monad’s revolutionary performance combined with Phalcon Explorer’s comprehensive analysis creates the ideal environment for next-generation Web3 applications. Whether you’re developing high-frequency trading strategies, debugging complex DeFi protocols, or conducting security research, you now have the tools to understand exactly what’s happening onchain.

Even at 10,000 transactions per second, you get complete transparency and insights. As Monad continues pushing the boundaries of EVM-compatible chains, Phalcon Explorer will be there every step of the way. We’re providing the visibility you need to build with confidence.

Start analyzing Monad transactions today with Phalcon Explorer. We’re the only blockchain explorer built for security-first transaction analysis at scale.

About Phalcon Explorer

Phalcon Explorer is the industry-leading blockchain transaction analyzer. We provide security researchers, developers, and DeFi users with unparalleled visibility into onchain activity. We support 15+ EVM chains including Ethereum, BSC, Arbitrum, Base, and now Monad. Phalcon Explorer has become the go-to tool for understanding complex smart contract interactions, tracing fund flows, and debugging transactions.

Learn more:

• Website: blocksec.com/explorer
• Documentation: docs.blocksec.com/phalcon/explorer
• Twitter: @BlockSecTeam & @Phalcon_xyz
• Telegram: t.me/blocksecteam

Phalcon Explorer now supports Plasma, the purpose-built L1 for stablecoins. You can analyze payment flows, debug smart contracts, and trace fund movements on the world’s first stablecoin-native blockchain. Access comprehensive transaction analysis, real-time monitoring, and advanced debugging tools on Plasma today.

Why stablecoins need purpose-built infrastructure

Stablecoins are emerging as the backbone of the next-generation global payment system. The market is moving toward trillions of dollars in value. We’re seeing stablecoins fundamentally change how money moves globally.

Most blockchains weren’t designed with stablecoins in mind. They treat stablecoins as just another token type. But stablecoins need specialized infrastructure. They need near-instant settlement, fee-free transfers, and institutional-grade security. Plasma provides exactly that.

Plasma is revolutionizing the stablecoin ecosystem as a high-performance Layer 1 blockchain specifically engineered for digital dollar infrastructure. In a world where stablecoins are becoming essential financial rails, Plasma delivers the focused approach needed for global payment volumes.

What is Plasma network

Plasma is a Layer 1 blockchain purpose-built for global stablecoin payments. Unlike general-purpose blockchains, Plasma optimizes every aspect of its architecture for stablecoin operations. This focused approach enables unprecedented performance for payment applications.

The network launched with over $7 billion in stablecoin deposits and supports 25+ different stablecoins. Plasma ranks as the 4th largest network by USDT balance. The chain has attracted diverse partnerships including Yellow Card, Privy, Rain, Fireblocks, and Mansa. Major investors like Bitfinex, Founders Fund, Framework, Flow Traders, and DRW back the project.

Here’s what makes Plasma different. The network handles over 1,000 transactions per second. Block times stay under 1 second. USDT transfers cost zero dollars in fees. The system maintains full EVM compatibility. And Plasma includes a native Bitcoin bridge for direct BTC operations.

Key features of Plasma network

Plasma combines several innovations that make it ideal for stablecoin infrastructure.

Purpose-Built for Stablecoins

Every layer is optimized for digital dollar operations. From consensus to execution, Plasma enables sub-second finality and fee-free transfers. The network provides native support for stablecoin use cases at the protocol level. You get built-in stablecoin infrastructure with integrated liquidity pools and native payment operations.

Deep Liquidity and Native Features

Plasma launched with approximately $2 billion in USDT available from day one. This deep liquidity means you can build applications knowing capital is ready to move. The network supports over 200 payment methods across 100+ countries and currencies. You don’t need to bootstrap liquidity or wait for adoption.

Full EVM Compatibility

You can deploy contracts using the same tools and workflows you already know. Foundry, Hardhat, MetaMask, and all major EVM infrastructure work out of the box. There’s no need for bridging layers, custom compilers, or modified contract patterns. Your existing Solidity code works without changes.

Native Bitcoin Bridge

Plasma includes a trust-minimized bridge for Bitcoin. You can move BTC directly into the EVM environment without relying on centralized custodians. This unlocks new applications at the intersection of stablecoins and the world’s largest digital asset. You get BTC-backed stablecoins, trustless collateral, and Bitcoin-denominated finance in a single environment.

Stablecoin-Native Contracts

Plasma maintains protocol-governed contracts tailored for stablecoin applications. These include zero-fee USDT transfers through dedicated paymaster contracts, custom gas tokens that let users pay fees in stablecoins instead of native tokens, and confidential payments for privacy-preserving transfers. These contracts are security-audited and designed to work directly with smart account wallets.

Why you need transaction analysis on Plasma

Plasma’s stablecoin-first design creates unique requirements for developers, compliance teams, and financial operators.

For Payment Platform Developers

When you’re building global payment infrastructure, you need deep visibility into transaction flows. You need to debug fee-free transfer logic and understand how paymasters sponsor gas. You want to trace payment routes across multiple stablecoin types. You need to verify that cross-border settlements execute correctly. And you need to optimize smart contract interactions for high-volume payment scenarios.

For DeFi Protocol Builders

Building on Plasma means working with deep stablecoin liquidity. You need to understand how your lending protocols interact with multiple stablecoins. You want to trace collateral movements across DeFi primitives. You need to debug yield-generating strategies safely. You want to monitor liquidity pool performance. And you need to verify that BTC bridge operations execute correctly.

For Financial Institutions

Traditional finance is moving onchain. You need to analyze settlement finality for institutional transactions. You want to track treasury operations across multiple accounts. You need to verify escrow contract logic before deploying millions in value. You want to monitor payment streaming for payroll and recurring settlements. And you need detailed transaction records for reconciliation and reporting.

For Stablecoin Issuers

If you’re issuing stablecoins on Plasma, you need comprehensive monitoring. You want to track minting and burning operations. You need to verify reserves match circulating supply. You want to monitor redemption flows. You need to analyze transaction velocity and holder distribution. And you want to ensure your stablecoin contracts perform as expected under high volume.

What Phalcon Explorer brings to Plasma developers

We built Phalcon Explorer to provide comprehensive transaction analysis for blockchains that matter. Plasma’s focus on stablecoin infrastructure makes it a perfect fit for our tools.

Comprehensive Payment Flow Analysis

We make Plasma’s stablecoin transactions easy to understand. You get complete visualization of payment routes from sender to recipient, including all intermediate steps. We show you exactly how paymasters sponsor gas for fee-free transfers. You can track balance changes for every stablecoin involved in a transaction. We decode all payment-related events into human-readable format. And you see the full context of multi-step settlement flows.

Advanced Smart Contract Debugging

We provide tools specifically designed for financial contract development. You can step through verified contract code line by line to understand execution. We show you storage changes for critical financial state variables. You see gas consumption patterns even when fees are sponsored. We provide detailed revert reasons when transactions fail. And you can analyze how your contracts interact with Plasma’s native stablecoin features.

Multi-Stablecoin Transaction Tracking

Plasma supports 25+ stablecoins. We help you make sense of complex multi-currency flows. You can track USDT, USDC, and other stablecoins in a single transaction view. We show you exchange rates and conversion steps. You see how custom gas tokens get used for fee payments. We track cross-stablecoin swaps and settlements. And you can analyze liquidity flows across different stablecoin pools.

Testing and Simulation Tools

Before you deploy payment infrastructure, you need to test thoroughly. You can simulate transactions to preview outcomes before execution. We help you test complex payment flows safely. You can validate multi-party settlement logic. We show you how confidential payment features affect transaction visibility. And you can debug edge cases without risking real funds.

Building the future of payments on Plasma

The combination of Plasma’s purpose-built infrastructure and Phalcon Explorer’s comprehensive analysis tools creates the ideal environment for building next-generation stablecoin applications.

Global Remittance Networks

You can leverage Plasma’s fee-free architecture to enable instant cross-border transfers. Build platforms that connect local fiat on-ramps with Plasma’s stablecoin rails. Enable migrant workers to send money home instantly without fees. With our monitoring tools, you can track payment flows across corridors and ensure regulatory compliance. You see exactly how money moves from sender to recipient across multiple jurisdictions.

Merchant Payment Infrastructure

Deploy point-of-sale systems that settle in real time. Plasma’s sub-second finality means merchants receive funds instantly. The native stablecoin optimization ensures price stability. Use our simulation tools to test complex loyalty programs and multi-currency settlement logic before going live. You can verify that split payments work correctly. You can track merchant payouts in real time.

Institutional Settlement Systems

Create B2B payment rails that handle millions in daily volume with programmatic compliance. Plasma’s deep liquidity pools ensure efficient large-value transfers. The native Bitcoin bridge opens opportunities for crypto-to-stablecoin settlement flows. Monitor every transaction with our enterprise-grade tools to maintain institutional SLAs. You get the detailed reporting financial institutions demand.

Micropayment Platforms

With zero transaction fees, sub-dollar payments become economically viable. Build streaming payment applications for content creators. Create pay-per-use APIs or IoT device networks where traditional payment rails fail. Debug complex payment splitting logic with our transaction traces to ensure creators get compensated accurately. You can verify that micropayments aggregate and settle correctly.

Yield-Generating Stablecoin Products

Develop DeFi protocols that maximize stablecoin yields through Plasma’s integrated infrastructure. Create automated market makers, lending pools, or structured products that benefit from the network’s stablecoin-first design. Test complex DeFi strategies safely using our analysis tools before deploying millions in TVL. You can verify that your yield calculations execute correctly.

Programmable Escrow Services

Build trustless escrow systems for freelance platforms, real estate transactions, or supply chain payments. These systems release funds based on smart contract conditions. Plasma’s EVM compatibility means you can port existing escrow logic while benefiting from instant, free settlement. Simulate edge cases and dispute scenarios with our tools to ensure bulletproof contract logic.

Who’s building on Plasma with Phalcon Explorer

Major stablecoin infrastructure providers have committed to Plasma. These teams need reliable transaction analysis.

Payment platforms like Yellow Card are building on Plasma to serve users across Africa. Privy provides wallet infrastructure for seamless stablecoin onboarding. Rain delivers compliant fiat on-ramps and off-ramps. Fireblocks offers institutional-grade custody solutions. Mansa builds financial infrastructure for emerging markets.

These teams rely on comprehensive transaction analysis to build, debug, and optimize their payment applications. They need to understand complex multi-party flows. They need to verify compliance with financial regulations. And they need tools that work at the scale Plasma enables.

Start analyzing Plasma transactions today

We’re live on Plasma from day one. You can start using Phalcon Explorer right now.

Getting Started Takes Minutes

Visit Phalcon Explorer at blocksec.com/explorer. Paste any transaction hash to see complete analysis instantly.

What You Get Today

We provide full transaction trace and debugging for all Plasma transactions. You can track balance changes across all 25+ supported stablecoins. We visualize payment flows from sender to recipient. We integrate with source code verification for deployed contracts. You get real-time block and transaction monitoring. We maintain complete historical data from genesis. And we provide API access for programmatic analysis.

Perfect For Your Use Case

Payment platform developers can debug fee-free transfer logic. Compliance teams can monitor large-value transfers. DeFi builders can analyze stablecoin liquidity flows. Financial institutions can verify settlement finality. Stablecoin issuers can track minting and redemption. Security researchers can audit smart contract interactions.

The infrastructure stablecoins deserve

Plasma’s purpose-built blockchain combined with Phalcon Explorer’s comprehensive analysis creates the foundation for the next generation of global payments. Whether you’re building remittance networks for millions of users or institutional settlement systems for billions in daily volume, you now have the infrastructure and tools to do it right.

As stablecoins continue their trajectory toward becoming the primary medium of exchange in the digital economy, Plasma and Phalcon Explorer are providing the foundational infrastructure to make this vision a reality. You get the performance needed for global scale. You get the compliance tools required for institutional adoption. And you get the visibility necessary to build with confidence.

Start analyzing Plasma transactions today with Phalcon Explorer. We’re the only blockchain explorer built for comprehensive stablecoin payment analysis.

About Phalcon Explorer

Phalcon Explorer is the industry-leading blockchain transaction analyzer. We provide payment platform developers, compliance teams, and financial institutions with unparalleled visibility into onchain activity. We support 15+ EVM chains including Ethereum, BSC, Arbitrum, Base, Monad, and now Plasma. Phalcon Explorer has become the essential tool for understanding complex payment flows, tracing fund movements, and debugging financial contracts.

Learn more:

• Website: blocksec.com/explorer
• Documentation: docs.blocksec.com
• Twitter: @BlockSecTeam
• Telegram: t.me/blocksecteam

Are you struggling with slow crypto compliance checks, complex blockchain regulatory compliance workflows, or rigid payment plans that don’t match your actual needs?

As Web3 regulations tighten, exchanges and users struggle with traditional crypto AML compliance tools. Slow multi-step registration, delayed results, and strict pricing cause problems. This leaves you exposed when quick KYT compliance checks are required.

The result? Missed threats, operational inefficiencies, and potential regulatory penalties that could have been avoided with the right crypto compliance software.

BlockSec’s Phalcon Compliance 3.1 directly addresses these pain points. This major update transforms how blockchain compliance is managed through three key improvements: instant screening access, seamless information sharing, and flexible pay-as-you-go options. Version 3.1 significantly accelerates risk checks, making DeFi compliance, screening crypto wallets, and ensuring blockchain legal compliance easier, more efficient, and more cost-effective.

I. Instant Screening Access

The Problem with Traditional Workflows

Previously, you had to register, log in, and bind a payment method before screening any address or transaction. In urgent KYT compliance scenarios — such as verifying a suspicious withdrawal or checking a new counterparty. These extra steps waste valuable time and delay decision-making.

How We Fixed It: Search-First Architecture

Version 3.1 completely rethinks the user experience with a “search first, dive deep later” architecture. You can now begin crypto wallet screening within seconds:

Direct Landing Page Scanning: Visit our product page, enter any blockchain address or transaction hash, and click scan. No registration barriers, no payment setup. It’s just instant blockchain compliance results. This is ideal for urgent DeFi risk assessments or rapid counterparty verification.

New Home Dashboard: We consolidated all essential tools into a single Home page, including:

• A multi-chain search bar (Ethereum, Tron, Polygon, BSC, and more)
• A hot risk tracking section highlighting trending threats
• Your screening history for quick reference
• Sample data examples for immediate testing

This redesign shortens the operational path by up to 60%, enabling you to meet cryptocurrency exchange compliance requirements faster and with less friction.

One-Click Sample Data: New to crypto compliance software? The search dropdown includes preloaded examples, such as Ethereum scam addresses labeled “Exposure: Scam & Mixer Linked” (e.g., 0xc5f0e0424052f95418f35da2e6267616ae06cb1d), as well as Tron money-laundering transaction hashes. Click any example to instantly explore our full crypto AML compliance capabilities. No real data required.

Automatic Chain Detection: There is no need to manually select a blockchain. The system automatically detects the correct network for each address or transaction and matches it to the appropriate risk database. This reduces screening errors and streamlines Web3 compliance workflows across multiple chains.

II. Lite Scan Mode + Hot Risk Tracking

This makes blockchain regulatory compliance more accessible

Addressing DeFi Compliance Information Gaps

In DeFi compliance and blockchain legal compliance scenarios, risk findings often need to be shared quickly across teams, partners, or regulators. Traditional tools make this difficult: reports get trapped behind login barriers, and critical threat intelligence fails to reach the right stakeholders in time.

Solution: Two New Features for Better Information Flow

1. Lite Scan Mode: Zero-Barrier Crypto Wallet Screening

The new Lite Scan mode delivers lightweight KYT compliance checks with no account registration requirement. Anyone can:

• Input an address or transaction hash
• View associated risk labels (Sanctioned, Scam, Human Trafficking, Mixer, etc.)
• See key financial metrics (total inflow/outflow, current balance)
• Identify exposure to high-risk fund pools such as mixers and darknet addresses

Use cases: Exchange customer support teams can instantly verify withdrawal addresses. Individual users can check receiving addresses before transacting. Compliance officers can share rapid risk assessments without IT or access barriers.

2. Hot Risk Tracking: Proactive Threat Intelligence

Version 3.1 shifts crypto compliance from a reactive model to a proactive one through two intelligence-driven features:

Shareable Risk Reports: When screening high-risk entities, such as a Tron address flagged for human trafficking (e.g.,TEGG7fN6fET1SMsgebAqFqrb3nZJpZUCnm), you can generate a public sharing link. Recipients can view full risk details, labels, and fund flow diagrams without logging in. This is ideal for:

• Inter-institutional compliance coordination
• Industry-wide threat notifications
• Blockchain regulatory compliance reporting

Real-Time Event Feed: The Home dashboard now highlights:

• Latest Platform Insights: Major global compliance events, including exchange investigations, new sanctions lists, and regulatory actions impacting blockchain law
• Compliance Hotspots: Trending searches combined with the latest DeFi regulation insights

Click any highlighted address or transaction to jump directly into screening — no manual input required. Stay ahead of emerging DeFi risks and regulatory developments shaping crypto regulations.

III. Flexible Credit System

This provides better pricing for every crypto compliance need.

The Fixed-Package Problem

Previous pricing models relied on fixed subscription periods. Small and mid-sized users often faced a dilemma: purchase more than they needed (resulting in wasted credits) or run out mid-cycle and be forced to upgrade. Neither option aligned well with real-world KYT compliance usage patterns.

Solution: Pay-As-You-Go Credit Packages

Credit Package Top-Ups: Purchase exactly the number of screening credits you need, precisely when you need them. No more paying for unused capacity. This model is ideal for:

• Occasional screening requirements
• Seasonal or irregular volume fluctuations
• Evaluating best crypto compliance software before committing to larger plans

Expanded Payment Options: We introduced additional payment methods to better reflect how users operate across regions:

• WeChat Pay: Domestic users can purchase credits directly, without currency conversion or cross-border payment friction
• Cash App: International users benefit from faster checkout through familiar e-wallet workflows
• Existing options: Credit cards and cryptocurrency payments remain fully supported

This flexible pricing model makes blockchain compliance tools accessible to individual users, startups, and enterprises alike — whether screening 10 addresses or 10,000 per month.

IV. Referral Program

Want to help others strengthen their Web3 compliance while earning rewards at the same time? The new Referral Program offers two complementary benefit tiers:

Referral Page

Free Scanning Credits: Generate your unique referral code or link. For each person who registers and completes their first scan, you receive 3 free screening credits without any accumulation limit. These credits can be used for advanced crypto wallet screening and detailed risk reports.

Cash Rewards: Earn up to 20% cashback on every payment made by your referrals. Cashback is applied directly at checkout. Once your accumulated balance reaches USD 100, you can request a withdrawal, with a maximum lifetime reward of USD 10,000 per referrer.

Get started: Click the registration link below to begin inviting contacts, building your reward balance, and expanding access to professional crypto compliance software.

Reward

👉 Start Your Referral Journey

Why Crypto Compliance Matters More Than Ever

Blockchain regulations are tightening worldwide. From FATF guidelines to regional DeFi regulation frameworks, authorities increasingly expect organizations to demonstrate robust KYT compliance processes. At the same time, compliance should not slow operations or drain resources.

Phalcon Compliance 3.1 demonstrates that cryptocurrency exchange compliance and DeFi compliance can be both thorough and efficient. We have served over 500 clients globally, ranging from leading exchanges such as Coinbase and Bybit to regulatory and enforcement bodies including the United Nations, the FBI, and the SFC.

Our platform addresses the most critical blockchain legal challenges:

• 400M+ address labels covering sanctions, scams, human trafficking, mixers, and more
• Multi-chain coverage: Ethereum, Tron, BSC, Polygon, Base, Optimism, and beyond
• Millisecond-level API response for real-time screening at scale
• Visual fund flow tracking integrated with MetaSleuth for investigative analysis
• One-click STR generation aligned with global blockchain regulatory compliance requirements

Whether you operate an exchange or OTC desk requiring batch address verification, an investment firm assessing project-level fund compliance, or an individual seeking to protect personal assets, version 3.1 delivers a best crypto compliance software experience tailored to your needs.

Experience the Upgrade Today

With instant access, Lite Scan sharing, flexible credit packages, and referral rewards, version 3.1 makes crypto AML compliance more accessible than ever. No complex workflows. No rigid pricing. Just faster, smarter blockchain compliance that scales with your operations.

Ready to strengthen your crypto compliance posture?

👉 Try Phalcon Compliance 3.1 Now — Start screening in seconds

👉 Join Our Referral Program — Earn rewards while sharing compliance tools

For questions about DeFi KYC, KYT definitions, or how Phalcon Compliance addresses specific blockchain legal compliance requirements in your jurisdiction, please contact our team or explore the documentation.

Since early 2024, Solana has rapidly become the user’s preferred blockchain due to its high throughput, smooth trading experience, and low fees. This has led to a significant increase in on-chain activity and explosive growth of applications. According to Defillama data, Solana’s TVL has now surpassed $7.3 billion, firmly holding the second position in the public blockchain rankings.

To meet the security needs of developers and users, BlockSec Phalcon has now fully integrated support for Solana!

24/7 Real-Time Monitoring

Starting today, projects and liquidity providers on Solana can leverage Phalcon’s monitoring capabilities to track on-chain activities associated with their protocols. Receive instant alerts for operational risks such as program upgrades and authority changes, as well as security risks related to fluctuations in token amounts or prices. This enables a rapid response to mitigate potential losses.

Besides the above-mentioned risk types, we offer:

• Real-time monitoring of attack transactions
• Real-time monitoring of operational, interaction, and financial risks
• Flexible monitoring of key variables, sensitive events, and function invocation
• Custom monitoring solutions by security experts
• Automated responses with multi-signature wallets
• Emergency response SOP and War Room services
• Root cause analysis
• Audits of fixed smart contract codes
• …

Over two years of internal operation, we had intercepted 20+ attacks through white-hat rescues, preventing $20M+ in potential losses. Backtesting data from 2024 shows that Phalcon detected over 99.99% of attacks with a false positive rate below 0.0001%.

Currently, Phalcon fully supports multiple mainstream blockchain networks, including ETH, BSC, Solana, Arbitrum, Avalanche, Optimism, Manta, Mantle, Merlin, Base, Sei, Bitlayer, Core, and BoB. With 24/7 real-time monitoring, a detection engine defined by over 200 attack characteristics, and millisecond-level automatic blocking technology, Phalcon empowers project teams to shift from a “passive response 🔴” to a “proactive prevention 🟢” approach against various security risks.

🔥 Experience BlockSec Phalcon Now

BlockSec Phalcon is an invitation-only SaaS platform. Interested users can schedule a demo to discover the platform’s features in detail and apply for a free trial to start safeguarding their projects/assets today!

Transaction Visualization

BlockSec Phalcon’s supporting tool, Phalcon Explorer, now extends support to Solana. Users can leverage Phalcon Explorer to visualize transaction details such as fund flows, balance changes, function calls, and more.

• Clarify account relationships and token holdings
• Provide useful features like MEV transaction tagging and address labeling
• Empower developers with a clear and comprehensive view of function calls

Try it out with this example transaction.

About BlockSec Phalcon

BlockSec Phalcon is the industry’s only automated attack monitoring and blocking platform. It features advanced capabilities for attack detection, customizable monitoring rules, and automated responses. This allows for the accurate identification and prompt blocking of not only attacks but also operational, interactional, and financial risks.

• Early and Precise Detection: Scans every mempool and on-chain transaction to precisely identify malicious behavior. Combining DeFi semantics and AI algorithms, the false positive rate is reduced to nearly zero.
• Automatic Response with Multisig Support: Goes beyond detecting attacks to blocking them in real-time. Attacks are automatically intercepted based on user-defined actions, ensuring 24/7 proactive security protection.
• Simplified & Flexible Configuration: After users import addresses, the system automatically completes the monitoring setup and offers various monitoring templates. Users can also customize a combination of rules to handle complex scenarios.

If you have concerns about your project’s security after its launch, consider scheduling a Phalcon product demo. You can speak directly with our security experts and even apply for a free trial to experience firsthand how Phalcon safeguards your protocol.

Book a Demo: calendly.com/blocksec/phalcon-demo

Website: https://blocksec.com/phalcon

X: https://x.com/Phalcon_xyz

Read the original article at Chaintech

A secure, compliant, and trustworthy ecosystem is crucial for web3 fintech technologies, such as DeFi apps and stablecoins to scale. BlockSec, a blockchain security company, is at the leading edge of this juncture. I recently spoke with Dr. Andy Zhou, co-founder and CEO of BlockSec about the company’s origins, security and compliance challenges in DeFi, and his leadership philosophy of a fast growing start up. The following is a summary of our discussion, which has been edited for brevity and clarity.

— J.Michael Bradley, Sr. Advising Partner at Chaintech

A Personal Summary of BlockSec’s Journey

I’m Dr. Andy Zhou, and I can tell you that BlockSec is, at its core, a blockchain security company. My co-founder, Dr. Wu, and I launched the company in 2021. We were both university professors at Zhejiang University in China with extensive backgrounds in cybersecurity systems and blockchain research. Our “genesis story” is simple: we saw how billions were being lost in on-chain hacks, and we felt a moral obligation to protect users, developers, and institutions. That’s why we created products like Phalcon Security, which is our real-time monitoring platform that automatically spots and responds to hacks, and MetaSleuth, a fund tracking tool that’s actually used by law enforcement to investigate scams. We also offer auditing and consulting. I’m proud to say we’re venture-backed, already sustainable, and serving over 500 global clients, including DeFi protocols and major institutional customers like the Hong Kong SFC and main exchanges like Coinbase, OKX, Bybit, and etc.

Vision for the Decentralized Future

The way I see it, the vision for BlockSec is to become the absolute security backbone of the decentralized world. My goal is to allow developers to innovate without the constant headache of worrying about security risks. But our future is actually about more than just protection — it’s where security and compliance merge. With stablecoins becoming such a massive and critical piece of the financial infrastructure, especially as they move into real-world use cases, the need for compliance is only going to get more serious.

Key Industry Trends in Blockchain and Web3

When I look at industry trends, I notice that some of the earlier Web3 applications like SocialFi and GameFi still haven’t found their widespread usage scenario. Instead, I’m seeing real momentum in two major areas: prediction markets and the massive emergence of stablecoins. I recently shared a fascinating observation from China: while traditional banks are still holding back due to unclear government policy, big Chinese companies are already moving to better understand how stablecoin based payments may help their businesses! Specifically, they’re researching potential stablecoin payment systems to handle their overseas business. They’re basically lining up to be first when the regulatory dust settles, and that says much about where the market is headed.

BlockSec’s Unique Position and Competitive Edge

BlockSec is perfectly positioned to address these trends because we sit right at that intersection of security and compliance. A typical DeFi protocol mainly needs security, but a stablecoin absolutely needs both.

That’s why we’ve heavily invested in our compliance services, specifically our KYT (Know Your Transaction) and KYA (Know Your Address) solutions for our payment customers. Our product, Phalcon Compliance, automatically screens incoming cryptocurrencies for illicit funds, allowing customers to isolate the money before their main address gets frozen.

We have two key advantages: first, we possess unique intelligence related to illicit funds in key Asian markets (for example, Cambodia) that our Western competitors often lack; and second, our pricing is extremely competitive due to our strong R&D resources in mainland China.

What BlockSec Looks Like in Five Years

In five years, I plan for BlockSec to be truly global. We’ve already opened offices in Hong Kong and Singapore, and Europe and the United States are next on our list for expansion. From a technical standpoint, I want our services to be far more intelligent and autonomous. I envision an automatic mechanism that can detect, analyze, and respond to threats — whether it’s a hack or illicit money flow — across multiple blockchains in real-time. This focus on innovation is why over 70% of our team is dedicated to research and development, and among the RD team, 70% have a master’s or PhD degree.

Core Leadership Philosophy

When it comes to leadership philosophy, I’m deeply inspired by a quote from game developer John Carmack, who essentially said you don’t need huge capital to start something grand — you just need dedication, a cheap PC, and the courage to go through with it. This philosophy that “if you want to do something, just do it” has shaped my own focus on execution. I constantly encourage my team to move past just talking and have the courage to turn their curiosity and great ideas into real-world solutions that solve a real-world problem. Don’t just ask hard questions — go ahead, solve the problem, and just do it!

On November 3, 2025, Balancer V2’s Composable Stable Pools, along with several forked projects across multiple chains, suffered a coordinated exploit that resulted in total losses of over $125 million. BlockSec issued an alert at the earliest time [1] and subsequently released an initial analysis [2].

This was a highly sophisticated attack. Our investigation reveals that the root cause was price manipulation resulting from precision loss in the invariant calculation, which in turn distorted the BPT (Balancer Pool Token) price computation. This invariant manipulation allowed the attacker to profit from a specific stable pool through a single batch swap. While some researchers have provided insightful analyses, certain interpretations are misleading, and the root cause and attack process have not yet been fully clarified. This blog aims to present a comprehensive and accurate technical analysis of the incident.

Key Takeaways (TL;DR)

Root cause: rounding inconsistency and precision loss

• The upscaling operation uses unidirectional rounding (rounding down), while the downscaling operation uses bidirectional rounding (rounding up and down).
• This inconsistency creates precision loss that, when exploited through a carefully crafted swap path, violates the standard principle that rounding should always favor the protocol.

Exploit execution

• The attacker deliberately crafted parameters, including the number of iterations and input values, to maximize the effect of the precision loss.
• The attacker used a two-stage approach to evade detection: first executing the core exploit within a single transaction without immediate profit, then realizing profits by withdrawing assets in a separate transaction.

Operational impact and amplification

• The protocol could not be paused due to certain constraints [3]. This inability to halt operations exacerbated the exploit’s impact and enabled numerous subsequent or copycat attacks.

In the following sections, we will first provide key background information about Balancer V2, followed by an in-depth analysis of the identified issues and the associated attack.

0x1 Background

Balancer V2’s Composable Stable Pool

The affected component in this attack was the Composable Stable Pool [4] of the Balancer V2 protocol. These pools are designed for assets that are expected to maintain near 1:1 parity (or trade at a known exchange rate) and allow large swaps with minimal price impact, thereby significantly improving capital efficiency between like-kind or correlated assets. Each pool has its own Balancer Pool Token (BPT), which represents the liquidity provider’s share of the pool, along with the corresponding underlying assets.

• This pool adopts Stable Math (based on Curve’s StableSwap model), where the invariant D represents the pool’s virtual total value.
• The BPT price can be approximated as:

From the above formula, it can be seen that if D can be made smaller on paper (even without any actual loss of funds), the BPT price will appear cheaper.

batchSwap() and onSwap()

Balancer V2 provides the batchSwap() function, which enables multi-hop swaps within the Vault [5]. There are two swap types determined by a parameter passed to this function:

• GIVEN_IN (“Given In”): the caller specifies the exact amount of the input token, and the pool calculates the corresponding output amount.
• GIVEN_OUT (“Given Out”): the caller specifies the desired output amount, and the pool computes the required input amount.

Typically, a batchSwap() consists of multiple token-to-token swaps executed via the onSwap() function. The following outlines the execution path when a SwapRequest is assigned a GIVEN_OUT swap type (note that ComposableStablePool inherits from BaseGeneralPool):

The following shows the calculation of amount_in for the GIVEN_OUT swap type, which involves the invariant D.

Scaling and Rounding

To normalize the calculations across different token balances, Balancer performs the following two operations:

• Upscaling: Scale balances and amounts up to a unified internal precision before performing calculations.

• Downscaling: Convert the results back to their native precision, applying directional rounding (for example, input amounts are usually rounded up to ensure the pool does not undercharge, while output amounts are often rounded down).

Obviously, upscaling and downscaling are theoretically paired operations — multiplication and division, respectively. However, an inconsistency exists in the implementation of these two operations. Specifically, the downscaling operation has two variants or directions: divUp and divDown. In contrast, the upscaling operation has only one direction, namely mulDown.

The reason for this inconsistency is unclear. According to the comment in the _upscale() function, the developers consider the impact of rounding in a single direction to be minimal.

// Upscale rounding wouldn’t necessarily always go in the same direction: in a swap for example the balance of
// token in should be rounded up, and that of token out rounded down. This is the only place where we round in
// the same direction for all amounts, as the impact of this rounding is expected to be minimal (and there’s no
// rounding error unless _scalingFactor() is overriden).

0x2 Vulnerability Analysis

The underlying issue arises from the rounding-down operation performed during upscaling in the BaseGeneralPool._swapGivenOut() function. In particular, _swapGivenOut() incorrectly rounds down swapRequest.amount through the _upscale() function. The resulting rounded value is subsequently used as amountOut when calculating amountIn via _onSwapGivenOut(). This behavior contradicts the standard practice that rounding should be applied in a manner that benefits the protocol.

Therefore, for a given pool (wstETH/rETH/cbETH), the computed amountIn underestimates the actual required input. This allows a user to exchange a smaller quantity of one underlying asset (e.g., wstETH) for another (e.g., cbETH), thereby decreasing the invariant D as a result of reduced effective liquidity. Consequently, the price of the corresponding BPT (wstETH/rETH/cbETH) becomes deflated, since BPT price = D / totalSupply.

0x3 Attack Analysis

The attacker executed a two-stage attack, likely to minimize detection risk:

• In the first stage, the core exploit was performed within a single transaction, yielding no immediate profit.
• In the second stage, the attacker realized profits by withdrawing assets in a separate transaction.

The first stage can be further divided into two phases: parameter calculation and batch swap. Below, we illustrate these phases using an example attack transaction (TX) on Arbitrum.

The Parameter Calculation Phase

In this phase, the attacker combined off-chain calculations with on-chain simulations to precisely tune each hop’s parameters in the next (batch swap) phase, based on the current state of the Composable Stable Pool (including scaling factors, amplification coefficient, BPT rate, swap fees, and other parameters). Interestingly, the attacker also deployed an auxiliary contract to assist with these calculations, which may have been intended to reduce exposure to front-running.

At the start, the attacker collects basic information about the target pool, including each token’s scaling factors, the amplification parameter, the BPT rate, and the swap fee percentage. They then compute a key value called trickAmt, which is the manipulated amount of the target token used to induce precision loss.

Denoting the target token’s scaling factor as sF, the calculation is:

To determine the parameters used in step 2 of the next (batch swap) phase, the attacker made subsequent simulation calls to the 0x524c9e20 function of the auxiliary contract with the following calldata:

uint256[] balances; // Balances of pool tokens (excluding BPT)
uint256[] scalingFactors; // Scaling factors for each pool token
uint tokenIn; // Index of the input token for this hop’s simulation
uint tokenOut; // Index of the output token for this hop’s simulation
uint256 amountOut; // Desired output token amount
uint256 amp; // Amplification parameter of the pool
uint256 fee; // Pool swap fee percentage

And the return data is:

uint256[] balances; // Pool token balances (excluding BPT) after the swap

Specifically, the initial balance and the number of iteration loops were computed off-chain and passed as parameters to the attacker’s contract (reported as 100,000,000,000 and 25, respectively). Each iteration performs three swaps:

• Swap 1: Push the target token’s amount to trickAmt + 1, assuming the swap direction is 0 → 1.
• Swap 2: Continue swapping out the target token with trickAmt, which triggers rounding down in the _upscale() invocation.
• Swap 3: Execute a swap-back operation (1 → 0), where the amount to be swapped is derived from the current token balance in the pool by truncating the two most significant decimal digits, that is, rounding down to the nearest multiple of $10^{d-2}$, whererd is the number of decimal digits. For example, 324,816 -> 320,000.
• Note that this step may occasionally fail due to the Newton–Raphson method used in the StableMath calculation. To mitigate this, the attacker implements two retry attempts, each using a 9/10 fallback of the original value. The attacker’s auxiliary contract is derived from Balancer V2’s StableMath library, as evidenced by the inclusion of the “BAL”-style custom error messages.

The Batch Swap Phase

Then, the batchSwap() operation can be broken down into three steps:

• Step 1: The attacker swaps BPT (wstETH/rETH/cbETH) for underlying assets to precisely adjust the balance of one token (cbETH) to the edge of a rounding boundary (amount = 9). This sets up the conditions for precision loss in the next step.
• Step 2: The attacker then swaps between another underlying (wstETH) and cbETH using a crafted amount (= 8). Due to rounding down when scaling token amounts, the computed Δx becomes slightly smaller (8.918 to 8), leading to an underestimated Δy and thus a smaller invariant (D from Curve’s StableSwap model). Since BPT price = D / totalSupply, the BPT price becomes artificially deflated.

• Step 3: The attacker reverse-swaps the underlying assets back into BPT, restoring balance while profiting from the deflated BPT price.

0x5 Conclusion

This incident involved a series of attack transactions targeting the Balancer V2 protocol and its forked projects, resulting in significant financial losses. Following the initial attack, numerous subsequent and copycat transactions were observed across multiple chains. This event highlights several critical lessons for the design and security of DeFi protocols:

• Rounding Behavior and Precision Loss: The unidirectional rounding (rounding down) used in the upscaling operation differs from the bidirectional rounding (rounding up and down) used in the downscaling operation. To prevent similar vulnerabilities, protocols should employ higher-precision arithmetic and implement robust validation checks. It is essential to uphold the standard principle that rounding should always favor the protocol.
• Evolution of Exploitation: The attacker carried out a sophisticated two-stage exploit designed to evade detection. In the first stage, the attacker executed the core exploit within a single transaction without immediate profit. In the second stage, the attacker realized profits by withdrawing assets in a separate transaction. This incident once again highlights the ongoing arms race between security researchers and attackers.
• Operational Awareness and Threat Response: This incident underscores the importance of timely alerts regarding initialization and operational status, as well as proactive threat detection and prevention mechanisms to mitigate potential losses from ongoing or copycat attacks.

While maintaining operational and business continuity, industry participants can leverage BlockSec Phalcon as the last line of defense to safeguard their assets. The BlockSec expert team stands ready to conduct a comprehensive security assessment for your project.

• 🔗 BlockSec Audit: https://blocksec.com/audit
• 🔗 Phalcon Security APP: https://blocksec.com/phalcon/security
• 🔗 Book a demo: https://blocksec.com/book-demo

Reference

[1] https://x.com/Phalcon_xyz/status/1985262010347696312

[2] https://x.com/Phalcon_xyz/status/1985302779263643915

[3] https://x.com/Balancer/status/1985390307245244573

[4] https://docs-v2.balancer.fi/concepts/pools/composable-stable.html

[5] https://docs-v2.balancer.fi/reference/swaps/batch-swaps.html

Over the past year, the value of crypto assets has soared, yet security risks have hit a record high. In the first ten months of 2025, the Web3 space faced severe attacks, resulting in huge asset losses.

• Key Management Vulnerabilities: The HyperLiquid trading account lost about $21 million due to a private key leak. The Bybit multisig wallet was hacked. This upgrade caused losses of nearly $1.5 billion. It highlights the risks of managing keys and permissions.
• Smart Contract Logic Exploits: GMX_IO was hit by a reentrancy attack and lost $41 million. Cetus lost up to $223 million from an integer overflow vulnerability. These flaws show that attacks target the economic and mathematical logic of protocols.

These incidents show a hard truth: in the open world of Web3, defenders have little time to react.

Phalcon Security is an advanced, real-time security platform from BlockSec. It aims to transform the reactive security landscape. It focuses on defense. It serves as the last line of strong protection. It identifies and stops harmful transactions before any asset loss occurs.

It’s more than a tool. It’s a next-gen security system. It offers transaction interception while in transit, full coverage, and customizable support.

Building the Web3 Security Moat: A Closed Loop from Alert to Block

Facing billions in annual losses, Web3 companies are confronting heightened security risks.

1. “Zero-Day” Attacks: Minimal Time for Defenders

Hacker attacks are now highly automated. The time from spotting a chance in the mempool to executing the attack is often less than 1 second. Traditional alert systems can’t intercept effectively within this millisecond window of potential loss.

2. Economic Model Risks: Dynamic and Hard to Prevent

Complex attacks, such as TWAP oracle manipulation and empty-market exploits, take advantage of the protocol’s economic logic. This risk is tough for traditional methods to catch, leading to new attack pathways.

3. L2/Chain’s “Ecosystem Security” Challenge

For L2 and public chains, ecosystem success is tied to security. They must provide a strong security layer for the many smart contracts (DeFi, GameFi) on their chain. A chain that can proactively identify and filter malicious transactions boosts security and user confidence.

Phalcon Security: The Ultimate Proactive Defense Solution

Phalcon Security’s strength lies in two modules — Real-Time Monitoring (Monitors) and Proactive Blocking (Actions) — creating a complete defense loop.

I. Real-Time Monitoring & Alerting: See the Threat

We start with risk analysis through detailed monitoring, giving projects threat intelligence before an attack occurs.

Full-Spectrum Tiered Risk Monitoring:

• Attack: 24/7 scanning of smart contract logic and high-risk transaction anomalies.
• Operational Risk: Monitoring oracle price anomalies and governance process gaps to prevent exploitation.
• Financial Risk: Tracking sharp TVL changes, liquidity pool issues, and collateralization problems to spot economic threats.
• Interaction Risk: Detecting risky user actions, such as interacting with blacklisted addresses or large withdrawals to suspicious addresses.

Real-Time Threat Perception:

Monitoring on-chain anomalies in real time to deliver actionable threat intelligence.

Customizable Alert Strategies:

A robust rule engine lets users define custom monitoring logic and alert thresholds, adapting to complex multi-chain and multi-asset needs.

II. Proactive Defense and Blocking: Pinpoint Accuracy and Ironclad Defense

This is Phalcon Security’s core strength: using automated responses to stop attacks before asset loss occurs.

In-Transit Interception & Blocking:

• Core Feature: Immediately complete the malicious determination while the attack transaction is in the Mempool stage.
• Use Case: The platform automatically triggers an emergency response, precisely blocking the transaction from going on-chain before the hacker touches the assets.

Zero-Day Emergency Plan:

• Core Feature: Pre-set automated blocking logic for specific high-risk contracts.
• Use Case: Effectively counter zero-day vulnerabilities and sudden emergencies, triggering security mechanisms instantly without human intervention to reduce potential loss to zero.

STOP Platform (For L2/Chains):

• Core Feature: Provides a sequencer-level security service.
• Use Case: Real-time detection of attack transactions targeting smart contracts. The STOP platform allows the sequencer to identify and choose to drop these malicious transactions before packaging them, and can add attacker addresses to a chain-level blacklist, thereby enhancing the security of the entire public chain ecosystem at the source.

Hardcore Capabilities: Answering Your Doubts

Q1: What risk scenarios are covered by security monitoring?

A: We cover everything from hacker attacks to business risks, with extensive customization.

• Core Security: Monitoring attacks from code flaws or high-risk transfers due to key leaks.
• Comprehensive Risk: Addressing financial (price anomalies), operational (oracle), and interaction (high-risk addresses) risks.
• Custom Monitoring: Supports tailored monitoring and alerting strategies based on specific project needs.

Q2: What successful attack-blocking cases do you have?

A: We have a track record of rescuing significant assets for major projects.

• Representative Cases: Successfully blocked attacks for notable projects including Manta, KiloEx, Loot, Paraspace, Platypus, TransitSwap, Saddle Finance, and HomeCoin.
• Case Studies: For more details, visit our blog series.

Q3: How fast is the detection and emergency response?

A: We achieve “zero-delay” response before the attack hits the chain, reducing loss to zero.

• Millisecond Detection: Accurate identification of the attack transaction while it is still in the memory pool (Mempool).
• Automated Blocking: Immediately trigger automated emergency plans, blocking the attack before it succeeds and minimizing potential losses.

Security as Your Growth Engine

Security and compliance shouldn’t be burdens; they should drive innovation. Phalcon Security offers an automated closed-loop system: Threat Identification → Proactive Blocking → Continuous Hardening.

Experience Phalcon Security now and let proactive defense become your most solid growth engine.

This article provides BlockSec’s analysis of the Financial Stability Board’s (FSB) Thematic Review on FSB Global Regulatory Framework for Crypto-asset Activities (October 2025), offering readers an in-depth understanding of the current global stablecoin regulatory landscape and its challenges.

I. The FSB: Key Standard Setter for Global Stablecoin Regulation

The Financial Stability Board (FSB) connects G20 countries and key financial hubs. It sets global standards for stablecoins. It gathers senior decision-makers from treasury departments, central banks, and regulatory bodies. This improves coordination.

The FSB influences through “moral suasion and peer pressure.” When it reaches a consensus, members commit to implementing those standards nationally. This method works in traditional finance. However, it has challenges in the fast-paced stablecoin sector.

In July 2023, the FSB launched its global stablecoin regulatory framework. This is the first time there has been a systematic standard for oversight. The peer review report from October 2025 looks at how well the framework worked after more than two years of use.

II. The Global Status of Stablecoin Regulation: Harsh Realities from the FSB Peer Review

The FSB’s latest assessment shows a troubling global stablecoin regulation picture. While some progress exists in crypto-asset regulation, stablecoin regulation lags. The current approach reflects a “few leaders, many observers” mentality.

The report notes that “few places have set up strong, stablecoin regulations.” This stands out because the stablecoin market has grown quickly, reaching over $150 billion by August 2025.

Even where frameworks exist, “full consistency with FSB recommendations remains limited.” Differences in regulatory scope and definitions complicate cross-border harmonization.

III. A Breeding Ground for Regulatory Arbitrage: Systemic Risks from Uneven Stablecoin Regulation

The FSB report points out a major risk: uneven rules can lead to regulatory arbitrage. This makes it harder to oversee global crypto-asset markets. This is a major issue in stablecoin regulation.

Regulatory arbitrage is common in the stablecoin sector. Issuers often engage in “regulatory shopping,” choosing jurisdictions with looser requirements. This undermines policies in regulated areas and raises systemic risks globally.

The report warns that areas trying to be “minimally regulated crypto hubs” might “cause excessive leverage and unclear exposures, raising systemic risk.” This “race to the bottom” competition for relaxed regulation affects policy efficacy and risks triggering cross-border contagion of systemic risks.

IV. Regulatory Blind Spots in Cross-Border Stablecoin Issuance

The FSB report talks about stablecoins from different regions. These are issued by the same or related entities. Many FSB members raised concerns about this model.

This cross-border issuance introduces significant regulatory challenges.

1. Ambiguity of Responsibility: No clear international system exists to decide which regulator oversees the issuing entity.
2. Identifying Risk Exposure: Cross-border issuers can have different reserve assets. They also use various risk management strategies. This makes risk assessments more complex.
3. Regulatory Avoidance: Issuing across borders can create a “regulatory facade.” It allows businesses to move to lenient jurisdictions, which misleads users and weakens authority.

V. An Objective Review: Opportunities and Challenges

On the positive side, the FSB report shows a growing understanding of stablecoin risks. Jurisdictions are creating specialized frameworks, like MiCAR in the EU. Technical standards are also aligning for reserve asset transparency and redemption methods.

However, the main challenge is diminishing regulatory effectiveness due to inconsistent standards. Strict jurisdictions have a “reverse selection” problem. Quality projects often shift to more lenient areas. This movement exposes local markets to higher risks. Additionally, insufficient enforcement complicates oversight.

VI. Building a Global Stablecoin Regulatory Coordination Mechanism

To address fragmentation, the FSB seeks better international standards.

This will help stop the “fragmentation of global liquidity.” Key priorities are:

• Establishing cross-border regulatory cooperation.
• Enhancing supervisory technology with RegTech and blockchain analytics.

The clear message from the FSB is that global crypto regulation is fragmented. Crypto institutions need professional compliance solutions to navigate this complexity. BlockSec, known for its global regulatory expertise, provides full compliance support via the Phalcon Compliance.

The Phalcon Compliance provides:

• Real-time tracking of regulatory changes across 50+ jurisdictions.
• Intelligent matching of regulatory requirements to business models.
• Identification and mitigation of cross-border compliance risks.

BlockSec simplifies complex demands into standard processes. This helps businesses stay compliant and focus on innovation, even with changing regulations.

📚 Regulatory Jargon Dictionary

The FSB report includes several key terms that are relevant to the crypto space:

• “Regulatory Shopping”: Seeking jurisdictions with lenient requirements to lower compliance costs.
• “Race to the Bottom”: This is when places cut standards to draw in businesses, which can harm market stability.
• “Regulatory Facade”: Getting a license in a strict area just for show, while risky activities happen in other places.
• “Cross-border Contagion”: The rapid spread of financial risk from one jurisdiction to another, a key concern for the FSB.

A new academic paper, “Unmasking the Shadow Economy: A Deep Dive into Drainer-as-a-Service Phishing on Ethereum,” has provided the first systematic look into a sophisticated criminal enterprise plaguing the Web3 space. This joint research by Zhejiang University and Mohamed bin Zayed University of Artificial Intelligence (MBZUAI) uncovers the mechanics of “Drainer-as-a-Service” (DaaS) — a thriving underground economy that has stolen over 💲135 million from 76,582 victims.

We at BlockSec are especially proud that the paper’s first author, Bowen He, conducted part of this pivotal research during his internship with our team.

The DaaS Business Model: Industrializing Cybercrime

Unlike traditional, ad-hoc phishing, DaaS operates like a structured B2B software company. The paper details a clear operational pipeline:

1. Operators (The Developers): These are the masterminds who develop and maintain sophisticated “wallet drainer” toolkits. These kits include phishing website templates and, crucially, automated profit-sharing smart contracts.
2. Affiliates (The Distributors): They “lease” or acquire these toolkits. Their job is to deploy the phishing sites and drive traffic, luring victims through social media, fake airdrops, and compromised accounts.

1. Once a victim is deceived into signing a malicious transaction, the stolen funds are automatically divided by the smart contract. The paper finds that the most common split is 20% to the operator and 80% to the affiliate. This high commission powerfully incentivizes affiliates to maximize their reach and scale the attacks, fueling the entire ecosystem.

Mapping a $135M Heist: The “Snowball Sampling” Approach

To quantify this shadow economy, the researchers developed an innovative “snowball sampling” approach. Starting from a seed set of known phishing addresses, they traced on-chain profit-sharing transactions to recursively discover new operators, affiliates, and contracts.

The findings from March 2023 to April 2025 are staggering:

• ● Total Stolen: 💲135 million ($23.1M for operators, $111.9M for affiliates)
• ● Criminal Infrastructure: 1,910 profit-sharing contracts and 87,077 profit-sharing transactions.
• ● Criminal Network: 56 core operator accounts and 6,087 affiliate accounts.

The attacks are technically sophisticated. The paper reveals that drainers use different methods depending on the asset:

• ● For ETH: Victims are tricked into calling a payable function (e.g., named “claim” or “mint”).
• ● For ERC-20s & NFTs: Phishing sites prompt victims to approve their assets to the drainer contract. The operator then uses a TransferFrom function to execute multiple transfer calls in a single transaction, draining various assets at once.

The Dominant Crime Families

The DaaS landscape is not a fragmented market. The research identifies nine major “families,” with three groups dominating the network and capturing 93.9% of all illicit profits:

1. Angel Drainer ($53.1M)
2. Inferno Drainer ($59.0M)
3. Pink Drainer ($14.7M)

1. These are not just brand names; they are distinct organizations with unique operational strategies. The paper highlights how they manage their affiliate networks:

• ● Advanced Management: Top families like Angel and Inferno Drainer provide affiliates with dedicated admin panels to track their earnings in real-time.
• ● Gamified Incentives: They employ leveling systems. For instance, Inferno Drainer categorizes affiliates into tiers based on profit ($10k, $100k, $1M), offering top-tier members better support and rewards.
• ● Bonus Rewards: To motivate performance, Angel Drainer randomly awards NFTs to high-earning affiliates, while Inferno Drainer periodically gives out rewards in ETH and even BTC to top performers.

A Massive Security Blind Spot

Using toolkit file fingerprints and monitoring Certificate Transparency logs for suspicious domain names, the researchers actively hunted for DaaS websites. They successfully identified and reported 32,819 phishing sites.

However, the most alarming discovery was the inadequacy of current industry defenses. The study found that only 10.8% of the DaaS-related addresses in their dataset were previously flagged on public trackers like Etherscan. This reveals a vast blind spot, allowing these criminal networks to operate with relative impunity.

Why This Research Is a Critical Wake-Up Call

The DaaS phenomenon proves that Web3 phishing has evolved from a simple scam into an industrialized, service-based criminal economy. It expertly exploits the permissionless and composable nature of DeFi for malicious ends.

This research underscores an urgent need for multi-layered security:

• ● Proactive Threat Detection: Going beyond simple blacklists to identify criminal infrastructure as it’s being built.
• ● Advanced Wallet Security: Implementing robust transaction simulation and clear, human-readable warnings before users sign away their assets.
• ● Ecosystem-Wide Collaboration: Creating faster, more comprehensive channels for sharing threat intelligence and labeling malicious addresses.

This research marks a turning point. Phishing on Ethereum is no longer a side hustle — it’s an industrialized, revenue-sharing economy operating in plain sight. At BlockSec, we will continue to leverage cutting-edge research to build the next generation of security tools that can effectively counter these evolving, professionalized threats.

See the paper: https://yajin.org/papers/imc26_daas.pdf

Recently, Australia’s Home Affairs Minister Tony Burke officially announced new regulations targeting cryptocurrency ATMs, classifying them as “high-risk products” associated with money laundering, fraud, and child exploitation.

According to Burke, the number of crypto ATMs in Australia has surged from just 23 to over 2,000 in six years. An AUSTRAC investigation revealed that 85% of large transactions conducted via these terminals were linked to scams or illicit activities.

The proposed legislation would empower AUSTRAC to restrict or prohibit high-risk products, explicitly including crypto ATMs. Burke confirmed that the bill will be introduced to Parliament in the coming months.

Meanwhile, on August 4, 2025, the U.S. Financial Crimes Enforcement Network (FinCEN) issued notice FIN-2025-NTC1, warning financial institutions of illegal activity tied to Convertible Virtual Currency kiosks (CVC kiosks) — the technical term for crypto ATMs — and setting clear expectations for Suspicious Activity Reports (SARs) and AML compliance obligations.

1. What Are CVC Kiosks?

CVC kiosks function similarly to traditional ATMs, allowing users to buy or sell cryptocurrency with cash. They are often found in convenience stores, gas stations, and shopping areas, and typically support Bitcoin transactions, along with other cryptocurrencies like Litecoin and Ethereum.

Yet, their risks have become increasingly apparent.

In 2024, the FBI’s Internet Crime Complaint Center (IC3) received over 10,900 complaints related to crypto ATM fraud, with victim losses exceeding $246.7 million — a 99% surge in cases and 31% increase in losses compared to 2023.

The FTC similarly reported an “explosive rise” in scams involving crypto ATMs.

The reasons are clear: once a crypto transfer is executed, it’s nearly irreversible and instantaneous, unlike traditional bank transfers that can take days to settle. This gives victims virtually no time to recover lost funds.

Alarmingly, seniors are the main victims — individuals aged 60+ are three times more likely to fall prey to crypto ATM scams, accounting for two-thirds of all reported losses.

2. Crypto ATMs as Laundering Tools

Beyond scams, CVC kiosks have become powerful tools for drug cartels and organized crime.

FinCEN’s analysis of Bank Secrecy Act (BSA) data shows frequent use of kiosks to clean narcotics proceeds. The U.S. Drug Enforcement Administration (DEA) further confirmed that transnational crime groups like the Jalisco New Generation Cartel (CJNG) increasingly rely on CVC for rapid cross-border transfers that bypass traditional cash smuggling risks.

In Illinois, for example, there are 1,626 crypto ATMs, with over 1,100 located in Chicago alone — now a major hub for laundering cartel funds.

DEA investigations found that criminals from other states even travel to Chicago specifically to convert drug money into crypto before sending it overseas.

3. The Compliance Landscape for CVC Operators

Globally, the number of crypto ATMs has skyrocketed — in the U.S. alone, from 4,128 to 37,342 machines in six years, while Hong Kong SAR has deployed around 224 units, mostly clustered in busy commercial zones like Mong Kok.

However, FinCEN warns that the compliance rate among CVC operators is “alarmingly low.” Many are operating in violation of BSA obligations, dramatically amplifying financial crime risks.

What legitimate operators must do

Under the BSA, CVC kiosk operators qualify as Money Services Businesses (MSBs) — meaning operating without registration is equivalent to running a bank without a license. Violators face criminal prosecution.

They must:

• Register with FinCEN within 180 days of launching operations.
• Report large or suspicious transactions — filing CTR for cash transactions over $10,000 and SAR for suspicious activity exceeding $2,000.
• Maintain records of customer identification and transaction data for at least 5 years.

States like California have gone further, capping daily transaction limits per customer at 💲1,000. In Iowa, the Attorney General sued two operators whose kiosks facilitated over $20 million in fraud.

4. Widespread Violations and Enforcement Actions

A 2021 New Jersey investigation found that one-third of operators were unregistered with FinCEN. Others ignored KYC requirements, accepting transactions based on phone numbers or email alone — creating ideal conditions for scammers.

Some even falsified business registrations, used personal or fake company bank accounts, and structured transactions to evade CTR/SAR thresholds, a practice strictly prohibited under federal law.

FinCEN’s notice cites real enforcement examples:

• Orange County Case (2021): Former bank employee Kais Mohammad operated an unregistered ATM network processing over $25 million, failed to implement AML checks, and was sentenced to 24 months in prison.
• New Hampshire Case (2022): Three operators used fake company accounts for crypto ATM cash deposits and were convicted of wire fraud, facing prison and fines.

Dozens of similar prosecutions have occurred nationwide, with fines reaching millions of dollars and mandatory forfeiture of illegal proceeds.

5. Lessons for the Web3 Industry

While FinCEN and AUSTRAC’s actions appear focused on physical crypto ATMs, they reflect a broader message for the Web3 ecosystem: compliance is not optional — it’s existential.

From scammers exploiting AML gaps to operators facing prosecution, these cases underscore one truth: “Risk knows no boundaries, and compliance leaves no shortcuts.”

The lesson extends beyond ATMs — to exchanges, DeFi protocols, and payment platforms.

As global regulators shift from reactive to proactive enforcement, integrated AML tools like those powering next-generation compliance systems are becoming essential infrastructure for digital finance.

Web3 innovation should never come at the cost of compliance — and this global crackdown proves it.