“Blockd.” That’s the message that appears if a hacker tries to steal funds out of an account protected by a new blockchain security system—even if they have access to the wallet’s private key.
Blockd makes use of what Robert Forster, its originator, considers Ethereum’s implicit “Replace-by-Fee” protocol, which replaces an unconfirmed transaction with another transaction from an empty wallet with a higher transaction fee.
“It's of enormous importance to blockchain because of the implications of how attractive blockchain is for a hacker,” Forster told Decrypt. “Theoretically, just the simple existence of Blockd—even if no one uses it—should make hacking less attractive,” he said.
If hackers think that a wallet might be protected by Blockd, they might send a transaction with a higher gas price, meaning that they’ll ultimately receive less ETH for hacking. “At that point, the reward for hacking is lower, and there's less incentive to hack wallets—even if no one's using Blockd,” Forster said.
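The replacement rule and the incentive argument above can be sketched as a toy transaction pool. This is an added example, not Blockd's code; the 10 percent minimum price bump (geth's default), the addresses and the balances are assumptions or constructed values, and how the replacement transaction gets signed is not modelled.

```python
from dataclasses import dataclass

GAS_LIMIT = 21_000      # gas used by a plain ETH transfer
PRICE_BUMP_PCT = 10     # assumed minimum bump for a replacement (geth's default)
GWEI, ETH = 10**9, 10**18

@dataclass(frozen=True)
class Tx:
    sender: str
    nonce: int
    to: str
    value_wei: int
    gas_price_wei: int

class Mempool:
    """Holds one pending transaction per (sender, nonce) slot."""
    def __init__(self):
        self.pending = {}

    def submit(self, tx):
        """Accept tx; replace a pending one only if its gas price is bumped enough."""
        key = (tx.sender, tx.nonce)
        old = self.pending.get(key)
        if old is not None:
            floor = old.gas_price_wei * (100 + PRICE_BUMP_PCT) // 100
            if tx.gas_price_wei < floor:
                return False          # underpriced replacement is rejected
        self.pending[key] = tx
        return True

def max_sweep(balance_wei, gas_price_wei):
    """Most a transfer can move, since the fee is paid from the same balance."""
    return max(balance_wei - GAS_LIMIT * gas_price_wei, 0)

def simulate(balance_wei, thief_price, guard_price):
    """Return (recipient left pending, whether the guard replaced, thief's take)."""
    pool = Mempool()
    thief = Tx("victim", 0, "thief", max_sweep(balance_wei, thief_price), thief_price)
    guard = Tx("victim", 0, "safe", max_sweep(balance_wei, guard_price), guard_price)
    pool.submit(thief)               # theft seen while still unconfirmed
    replaced = pool.submit(guard)    # same sender and nonce, higher gas price
    return pool.pending[("victim", 0)].to, replaced, thief.value_wei

if __name__ == "__main__":
    # Constructed values: 1 ETH wallet, thief bids 20 then 2,000 gwei.
    print(simulate(1 * ETH, 20 * GWEI, 30 * GWEI))
    print(simulate(1 * ETH, 20 * GWEI, 21 * GWEI))
    print(simulate(1 * ETH, 2_000 * GWEI, 2_200 * GWEI))
```

The second call shows that a replacement bidding less than the required bump is rejected, so the protective transaction has to outbid the pending theft. The third shows the amount a thief could move shrinking as the gas price bid rises.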
Forster, 26, of San Francisco, California, came up with the idea after identifying a pattern in blockchain hacks and working out that most hacks can be detected before they happen. After a bit of digging, he came up with the idea for Blockd, which launched in October 2019.
“The goal is to protect as many people as possible, make blockchain safer, and make blockchain more attractive to use to people who aren't comfortable with being in control of their own funds,” he said.
Blockd spiked in popularity this month when Forster pulled a stunt on Reddit, posting his private key and inviting someone to take one Ether, worth $136 at the time. One user, “gucards”, took the bait, and footed the bill for the switcheroo. Impressed, he signed up for the service.
Blockd is free until the end of the month, and then costs $3.99 per month for most users. If you have over $100,000 of funds, Blockd will take a 0.005% cut.
Forster said that Blockd reverses the tactics used by those behind the Fairwin Ponzi scheme, the gas-guzzling Ethereum smart contract that, at its peak, accounted for over 51 percent of all gas on the Ethereum network and held over $125 million.
When Fairwin’s users tried to withdraw their funds, the owners of the smart contract diverted the money into a fund they controlled.
On Blockd, instead of a hacker detecting a transaction and then being able to attack the contract, Forster said, “we front run the hacker to stop the hack from happening.”
Blockd currently works only for Ether, but Forster said he plans to add support for ERC-20 tokens and for more blockchains in the future.
The code isn’t audited, but Forster plans to make it public sometime soon. In any case, he says the code is fairly simple, and Blockd won’t have access to your private keys.