Solana Projects › BlockSec

BlockSec

Full-stack blockchain security and crypto compliance provider founded by academics, now covering Solana with audits, real-time threat blocking, and fund tracing.

Programs · 24h on-chain

On-chain activity

All programs →

BlockSec Auditing

BlockSec Auditing is a smart contract security auditing service with automated analysis tools and manual verification processes. The service covers technical, business, and financial aspects with detailed vulnerability detection and remediation recommendations.

Visit
About

BlockSec

TLDR

BlockSec is a full-stack blockchain security and compliance firm founded in 2021 by academic researchers who have spent years studying on-chain exploit patterns. The company operates across three interconnected disciplines: pre-deployment auditing (smart contracts, L1/L2 infrastructure, wallets), live threat monitoring and automated blocking (the Phalcon platform), and post-incident fund tracing and compliance tooling (MetaSleuth, Phalcon Compliance). As of February 2025, all three pillars extend to Solana. BlockSec is not a token-issuing DeFi protocol but a B2B security services company whose clients include Uniswap Foundation, Compound, Coinbase, Bybit, OKX, MetaMask, and PancakeSwap.

Background and Founding Team

BlockSec was established in 2021 by Zhou Yajin and Wu Lei, both professors at Zhejiang University in China who hold PhDs from North Carolina State University and previously conducted blockchain security research at Qihoo 360. The academic foundation is intentional — the firm's detection methodology draws directly from published vulnerability research rather than purely operational pattern libraries. The company describes itself as having conducted blockchain security research since 2018, giving the team several years of pre-company vulnerability history before taking on commercial clients.

Funding rounds total approximately $9 million: an undisclosed seed round in December 2021 led by Fenbushi Capital (with A&T Capital, Qulian, Impossible Finance, Incuba Alpha, and NEAR MetaWeb Ventures), followed by an $8 million Seed+ round in 2022 led by Vitalbridge Capital and Matrix Partners (with Mirana Ventures, CoinSummer, and YM Capital).

Core Mechanism and Products

BlockSec's product stack is organized around three stages of the security lifecycle.

Pre-deployment: Audits

BlockSec conducts smart contract audits for dApps and protocols, infrastructure audits for L1/L2 chains and wallets, and business logic reviews. Audit methodology uses a multi-reviewer model: independent code analysis followed by structured cross-checks and threat modeling, with the option for customized fuzzing on complex codebases. Reports include severity classifications and mitigation guidance and are signed and published. The firm operates an invite-only audit process with a defined scope-definition phase before any engagement commences.

For Solana specifically, BlockSec applies expertise in the account model — program design, asset movement, and trust boundaries in Solana's non-EVM execution environment — as well as cross-program invocation (CPI) patterns, upgrade authority management, and type confusion vulnerabilities. The firm published a seven-part educational series called Secure the Solana Ecosystem covering attack surfaces from program deployment and client interaction through to multi-signature implementations and advanced PDA-based patterns. A publicly documented Solana audit includes OKX's smart-wallet-recovery and groth16-solana program from October 2025, involving ZK-Email proofs and ECDSA verification.

Live protection: Phalcon Security

Phalcon is BlockSec's real-time monitoring and automated blocking platform, operating as an invite-only service. It scans every mempool and on-chain transaction against a detection engine built on over 200 attack characteristics, covering operational risks (program upgrades, authority changes), financial risks (suspicious token flows, abnormal price movements), interaction risks, and multi-sig wallet anomalies. When the platform identifies a malicious transaction, it can automatically initiate a gas-bidding countermeasure to front-run the attacker and prevent the exploit.

Solana support launched in February 2025. On Solana, Phalcon delivers real-time operational risk alerts for program upgrades and authority changes; security risk alerts for suspicious token fluctuations and abnormal price movements; attack transaction monitoring using pattern detection adapted to Solana's runtime; customizable monitoring rules for variables and function invocations; and bespoke expert-designed solutions for individual protocols. The Phalcon Explorer visualization tool also extends to Solana, providing fund flow graphs, account relationship mapping, MEV activity identification, and address labeling.

Supported chains span Ethereum, BSC, Arbitrum, Avalanche, Base, Solana, Optimism, Gnosis, Mantle, Manta, and Morph. The platform is used by protocols, liquidity providers, L1/L2 chains, and exchanges. BlockSec also offers an Anti-MEV RPC that routes transactions through MEV-protected infrastructure to reduce sandwich attacks and front-running.

For L2 chains, BlockSec operates a product called STOP that performs millisecond-level transaction screening at the sequencer layer before block inclusion, enabling pre-confirmation threat detection at the infrastructure tier.

Post-incident and compliance: MetaSleuth and Phalcon Compliance

MetaSleuth is a standalone cross-chain fund tracing and investigation platform supporting 12 networks including Bitcoin, Ethereum, BSC, TRON, Solana, Arbitrum, Polygon, Optimism, Avalanche, Base, Linea, and Mantle. It offers visualization canvases that map fund flows across chains, over 600 million address labels for entity identification, batch import/export, collaboration features with watermark protection, and real-time monitoring with customizable alerts. Use cases span research due diligence, exchange compliance workflows, fraud recovery, and risk scoring via an API.

Phalcon Compliance is the firm's crypto AML/CFT toolkit aimed at VASPs, exchanges, and financial institutions. It provides KYA (Know Your Address) and KYT (Know Your Transaction) screening, real-time alerts on illicit fund flows, case workflow management, and SAR/STR export functionality. It connects to Phalcon Network, BlockSec's public intelligence layer for tracking illicit cryptocurrency activity. Coverage extends to over 50 countries and includes engagement with regulatory bodies such as the United Nations and the Hong Kong Police Force.

In June 2026, BlockSec released Web3 Companion, an open-source agentic wallet focused on security-first design with key isolation and hard policy enforcement.

Tokens and Assets

BlockSec has not issued a native token. It is a revenue-generating security services company. Clients pay for audits, platform subscriptions (Phalcon, MetaSleuth), and compliance tooling. There are no governance tokens, yield-bearing instruments, or on-chain treasuries associated with the project.

Security Record and Industry Standing

BlockSec tracks its own performance through an internal Security Incidents Library covering DeFi exploits across the ecosystem. The firm claims to have blocked more than 20 real-world attacks and prevented over $20 million in losses, as well as facilitating recovery of $20 million in attacked assets via white-hat intervention. The platform's false-positive rate is claimed to be near zero through a combination of DeFi semantic modeling and AI-assisted detection.

Industry reviews in 2025 and 2026 position BlockSec alongside Halborn, Trail of Bits, and ConsenSys Diligence as a top-tier auditor, specifically citing the firm's operation of both an incident library and live response tooling as a meaningful methodological advantage over firms whose methodology derives only from code review without live exploit exposure.

Notable clients on the audit side include Uniswap Foundation, Compound Finance, MetaMask, Forta, and PancakeSwap. On the monitoring and compliance side, clients include Coinbase, Crypto.com, Bybit, and OKX. The firm claims to have served over 500 clients and to safeguard over $50 billion in on-chain assets.

Solana Fit

BlockSec's Solana presence spans the full product suite. The Phalcon Security monitoring and blocking platform extended to Solana in February 2025. Phalcon Explorer's visualization and forensics tools support Solana transaction analysis. MetaSleuth includes Solana in its 12-chain fund tracing coverage. The dedicated Solana audit practice addresses account model security, CPI patterns, and upgrade authority risks. The firm's published educational series on Solana-specific attack surfaces demonstrates documented expertise in the unique security risks of the account-based runtime, rather than porting EVM assumptions to a different architecture.

For Solana protocols requiring pre-launch audit, live monitoring, or compliance tooling, BlockSec offers a vertically integrated option where the same firm that reviewed the code can also watch it in production.

Contents

Note: inclusion in Solana Compass directory does not indicate a recommendation or endorsement of this project, its token(s) or its products. Data sourced with thanks from The Grid to aid in building these pages.

Reviews

0.0
0 reviews
Please login to write a review.
Solana tokens

Solana Token Markets

Explore all tokens →