An easily deployable service to monitor mission-critical SPL token accounts

Related tags

Cryptography security monitoring solana spl-token
Overview

Vault watcher



Monitoring critical spl-token accounts in real time



Table of contents


  1. Introduction
  2. Usage
  3. Configuration
  4. Configuration examples
  5. Grafana



Introduction


This security utility can be deployed as a container on a server to enable the monitoring of mission-critical spl-token accounts. Thanks to compatibility with Slack notifications, it constitutes the basis for a simple early warning system able to detect suspicious variations in account balances. As such, it can help help detect critical bugs in production systems, as well as intentional attacks resulting from contract exploits, key theft, rogue agents/teams, etc.


Usage


Although the vault-watcher service can be used directly as a binary with a custom postgres instance, we recommend using docker-compose.

git clone [email protected]:Bonfida/vault-watcher.git
cd vault-watcher
cp _accounts.json accounts.json
cp _config.json config.json
cp _.env .env

The accounts.json and config.json should then be edited to configure the service. Optionally, the .env file can be edited as well. Once this is done, we start the docker containers.

sudo docker-compose build
sudo docker-compose up

The Postgres database can be directly accessed. In addition, a grafana instance with a simple provisioned dashboard can be found running at http://localhost:3000 by default.


Configuration


config.json

Field Name Type Description
endpoint string URL for the Solana RPC endpoint to connect to
refreshPeriod integer Period between account polls in milliseconds. All polls are written to the database.

accounts.json

An array of accounts objects containing

Field Name Type Description
name string User-readable identifier for the account to monitor. Maximum length is 50 characters.
address string The public key in base58 format for the account to monitor
maxChange float The maximum allowable amplitude of balance change (in UiAmount)
maxChangePeriod integer Maximum number of milliseconds over which a maxChange balance variation is allowed without triggering a notification

.env

The .env file is used to define additional configuration through environment variables.

Var name Description
POSTGRES_PASSWORD Password for direct access to the underlying balance history database
DB_PORT Port number for the accessible locahost postgres database
GRAFANA_PORT Port number on localhost for the grafana interface
SLACK_URL Slack hook url used to push balance notifications to a Slack channel

Configuration examples


For example, if your endpoint is https://solana-api.projectserum.com and you want to poll data every 5s:

{
  "refreshPeriod": 5000,
  "endpoint": "https://solana-api.projectserum.com"
}

For example if you want to monitor 2Av1qmnqjLcnA9cpNduUL9BQcitobBq1Fiu7ZA4t45a6 and allow a max variation of 1,000 tokens every 5s:

{
  "address": "2Av1qmnqjLcnA9cpNduUL9BQcitobBq1Fiu7ZA4t45a6",
  "maxChange": 1000,
  "maxChangePeriod": 5000,
  "name": "My token account"
}

Grafana


Historical balances can be monitored using Grafana through port 3000

You might also like...
Dank - The Internet Computer Decentralized Bank - A collection of Open Internet Services - Including the Cycles Token (XTC)
Dank - The Internet Computer Decentralized Bank - A collection of Open Internet Services - Including the Cycles Token (XTC)

Dank - The Internet Computer Decentralized Bank Dank is a collection of Open Internet Services for users and developers on the Internet Computer. In t

Psychedelic 56 Nov 12, 2022
NFT & Marketplace Contracts with royalties and fungible token support. Sample React app included.
NFT & Marketplace Contracts with royalties and fungible token support. Sample React app included.

NFT Market Reference Implementation A PoC backbone for NFT Marketplaces on NEAR Protocol. Reference Changelog Changelog Progress: basic purchase of NF

NEAR App Examples 156 Apr 28, 2022
Bespoke toolkit for Non-fungible token (NFT) technology 🚀
Bespoke toolkit for Non-fungible token (NFT) technology 🚀

Bespoke toolkit for Non-fungible token (NFT) technology 🚀 What is Onft? Instead of forcing a consensus algorithm or peer networking on you, Onft prov

Owez 5 Jan 9, 2022
Dfinity's fungible token standard. Any PRs and comments are welcome,collaborate with us to build this standard

Dfinity's fungible token standard. Any PRs and comments are welcome,collaborate with us to build this standard

Deland Labs 46 Nov 7, 2022
Scans the Ethereum network for USDT ERC-20 token transfer transactions

ethscan This is a Rust command line program for scanning the Ethereum blockchain for USDT transfers within a time span and amount span. prerequisites

Frank Buss 4 Oct 6, 2022
DIP721 - An Internet Computer Non-fungible Token Standard
DIP721 - An Internet Computer Non-fungible Token Standard

DIP721 - Introduction DIP721 is an ERC-721 style non-fungible token standard built mirroring its Ethereum counterpart and adapting it to the Internet

Psychedelic 48 Nov 24, 2022
Making Token Exchange program with Solana(Rust), Web3, and Vue
Making Token Exchange program with Solana(Rust), Web3, and Vue

Escrow program for Solana blockchain Tech stack Program (Smart Contract) Rust crates: solana-program, spl-token Solana CLI for test validator UI Types

Hoon Wee 3 May 10, 2022
Create your personal token with rust smart contracts

Solana Rust Token 💰 This application written Rust using Anchor ⚓

Ritesh 6 Nov 22, 2022
Swap token protocol for cryptocurrencies, supported in cosmos network, such as UST, LUNA, LUNI, etc.

Tokenswap This is a Smart Contract built in Rust to run inside Cosmos SDK module on all chains that enable it. To understand the framework better, ple

Smart Geek 6 Dec 12, 2022
Owner
null
GitHub
Diem’s mission is to build a trusted and innovative financial network that empowers people and businesses around the world.

Note to readers: On December 1, 2020, the Libra Association was renamed to Diem Association. The project repos are in the process of being migrated. A

Diem 16.7k Jan 9, 2023
Yi Token by Crate Protocol: the primitive for auto-compounding single token staking pools.

yi Yi Token by Crate Protocol: the primitive for auto-compounding single token staking pools. About Yi is a Solana primitive for building single-sided

Crate Protocol 12 Apr 7, 2022
The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime.

Solana Program Library The Solana Program Library (SPL) is a collection of on-chain programs targeting the Sealevel parallel runtime. These programs a

null 6 Jun 12, 2022
All the data an IC app needs to make seamless experiences, accessible directly on the IC. DAB is an open internet service for NFT, Token, Canister, and Dapp registries.

DAB ?? Overview An Internet Computer open internet service for data. All the data an IC app needs to make a seamless experience, accessible directly o

Psychedelic 58 Oct 6, 2022
Allows deploying modules to Aptos under resource accounts.

Aptos Deployer Module containing helpers for deploying resource accounts. Resource accounts allow the module to sign as itself on-chain, which is usef

Deploy DAO 6 Oct 31, 2022
hello-world geyser plugin to stream accounts and transactions from a solana node

src/lib.rs: entrypoint src/plugin.rs: main plugin code to run: cargo build && solana-test-validator -r --geyser-plugin-config config.json note: make s

null 4 Nov 18, 2022
Anchor Design of contract - Accounts, Parameters

MarketplaceDesign Anchor Design of contract - Accounts, Parameters Main Instructions are Initialize ListForSale AcceptOffer CancelList MakeOffer Cance

James Johnson 8 Sep 1, 2022
CLI tool for deterministically building and verifying executable against on-chain programs or buffer accounts

Solana Verify CLI A command line tool to build and verify solana programs. Users can ensure that the hash of the on-chain program matches the hash of

Ellipsis Labs 5 Jan 30, 2023
Library and CLI tool for generating Radix Babylon Accounts.

Wallet Compatible Derivation This repo is a package containing two crates - a library named wallet_compatible_derivation and binary named wallet_compa

Radix DLT 3 Feb 28, 2024
Tool written in Rust to perform Password Spraying attacks against Azure/Office 365 accounts

AzurePasswordSprayer Tool written in Rust to perform Password Spraying attacks against Azure/Office 365 accounts. It is multi threaded and makes no co

Pierre 7 Feb 27, 2024