FailSafe: Advanced Security for Digital Assets
  • Introduction to FailSafe
  • Whitepaper
    • Introduction
      • Defense-in-Depth
      • Forward Security
    • Web3 Threats to Your Crypto
      • The Human Factor: Design with Operator Error in Mind
    • Defense-in-Depth & the Lifecycle of a Transaction
      • Defense 1: de-risk Web3 Asset Positions
      • Defense 2: FailSafe Blockchain Reconnaissance
      • Defense 3: FailSafe Interceptor Service
      • Discussion
    • FailSafe Architecture
      • Forward Security in FailSafe
        • Quantum Threats to EVM-based Blockchains
          • On ECDSA Key Re-use
          • On New Quantum-resilient Alternatives
          • Account Abstraction as a Path to Sunseting ECDSA on Ethereum?
        • Introducing the Quantum Migration Tool (qMig)
          • Assumptions and Goals
          • How Does qMig work?
          • Discussion
          • FailSafe+qMig
    • Conclusion
    • Further Reading
  • How FailSafe helps your Organisation
    • Reduce Attack Surface Area
    • Radar for Security Risks
    • React to Malicious Threats
    • Forward Security against Looming Quantum Computing Threats
  • FailSafe as a tool for Enterprise Risk Management
Powered by GitBook
On this page
  1. Whitepaper

Defense-in-Depth & the Lifecycle of a Transaction

Last updated 2 years ago

Failsafe is built on the defense-in-depth principle: a multilayered set of security mechanisms, with built in redundancy, designed to minimise loss of user assets even in the worst case circumstances (e.g., user is tricked into giving away the wallet’s passphrase).

To understand how this works, let's take a closer look at the lifecycle of a transaction: from initial user engagement phase with the dApp, to the point it becomes part of a permanent record on a public ledger (as illustrated in figure 1).

Figure 1: Timeline of a Transaction

Each phase presents both an opportunity for the attacker, as well as a chance to employ a countermeasure.