Harpie: Frontrunning Malicious Transactions with Daniel Chong
16 February 2023Summary
I’m joined today by Harpie founder Daniel Chong. Harpie describes itself as an onchain firewall that protects NFTs from theft. In this episode we discuss how Harpie’s mempool monitoring and emergency vault contract works on a technical level. We also cover Harpie’s unique business model, and their growing enterprise service which grants organizations like OpenSea access to their malicious transaction data. We touch on their plans to build an RPC provider in the future that can detect dangerous transactions before they reach the mempool. At the end of the show, Daniel and I discuss Bitcoin Ordinals.
It was great getting to understand the approach Harpie is taking to wallet security. I think there’s a lot to learn from this episode. I hope you enjoy the show.
Links
- https://harpie.io/
- Harpie Whitepaper
- Jameson Lopp’s Bitcoin Physical Attacks
- Jameson Lopp’s Metal Bitcoin Seed Storage Reviews
- https://ordinals.com/
Transcript
Nicholas: Welcome to Web3 Galaxy Brain. My name is Nicholas. Each week I sit down with some of the brightest people building Web3 to talk about what they're working on right now. I'm joined today by Harpy founder, Daniel Chong. Harpy describes itself as an on-chain firewall that protects NFTs from theft. In this episode, we discuss how Harpy's mempool monitoring and emergency vault contract works on a technical level. We also cover Harpy's unique business model and their growing enterprise service, which grants organizations like OpenSea access to their malicious transaction data. We touch on their plans to build an RPC provider in the future that can detect dangerous transactions before they reach the mempool. At the end of the show, Daniel and I discuss Bitcoin ordinals. It was great getting to understand the approach Harpy is taking to wallet security, and I think there's a lot to learn from this episode. I hope you enjoy the show. Daniel, welcome to Web3 Galaxy Brain.
Daniel Chong: Yeah, yeah. Nice to be here. How is your day going so far?
Nicholas: Going very well. It's been a beautiful day. How about you?
Daniel Chong: Yeah, I've just been coding, so it's been a pretty good day. I enjoy it.
Nicholas: That's a good day. It's good when you're not interrupted by too many meetings or things like that. Too many Zoom calls. So how, so we're going to talk about Harpy. How many people are at Harpy right now? It's a pretty new startup, right? Yeah, yeah.
Daniel Chong: We're pretty new. But we're a lean team of seven people. Pretty small, but we like to keep it that way. I think more can get done with a smaller team.
Nicholas: When did you get started on Harpy?
Daniel Chong: We started in March 2021. It's been a long journey, but yeah, we've been here for a little while. Back then we were just experimenting and now that we've launched Harpy out to the world, we're excited to see what happens.
Nicholas: So we're going to get into what Harpy is in just a second. But first, I know you went to Duke, you dropped out of a math degree to pursue Harpy. Maybe you could tell a little bit about what you were up to before you got started on Harpy or what that early experimentation phase was like.
Daniel Chong: Yeah, so I got into Bitcoin around 2012. So very, very long time ago. And I've been kind of in the space ever since. I got started selling like RuneScape Gold for Bitcoin. So that was how I got started. And around like 2017, 2018, during the ICO bubble, I started developing projects. So got started with Solidity there. And I've been developing Ethereum ever since. At Duke, I was studying math because, you know, crypto cryptography. It felt like it would be pretty similar. And then I saw a big opportunity here. We ended up raising our pre-seed round around that time and I left to go pursue Harpy. So that's where we are so far.
Nicholas: Awesome. We're going to have to talk at the end of this conversation. I'm curious if you've been looking at Ordinals, which has been my obsession for the last week as an OG Bitcoiner.
Daniel Chong: Oh, I've been hearing it a lot. I honestly don't know too much about it.
Nicholas: All right. I'm tempted. But let's talk about Harpy first and then we'll get into the Ordinals stuff later, which I'm sure you'll love. So you started experimenting. You thought there was an opportunity and you started experimenting in 2021. And then it turned into this. Maybe you could say a little bit about how Harpy works today, what the service really provides.
Daniel Chong: Yeah. So in terms of what Harpy provides, we're a non-chain firewall. There's a lot of security tools out there that are browser extensions. We're not a browser extension. We monitor what happens to your wallet on-chain. And if something bad ever happens, like if you get phished, if you get scammed, and you've accidentally clicked something on MetaMask, we stop that malicious transaction from ever executing on the blockchain. So I can go a bit more technical into that, but essentially, if you click a button on MetaMask that you're not supposed to, we prevent that from ever actually doing something bad.
Nicholas: Awesome. OK, I'm looking forward to getting into the technical details. And I've done some research. So I think it's a very interesting approach. And there's all kinds of interesting questions about where it will and will not work. But before we get there, the audience for the show is often builders, sometimes devs. I'm curious, what were the other projects that you worked on? What were the other variations on this theme before you arrived at this design? Yeah, yeah.
Daniel Chong: That's a really good question. Not a question I get asked often. People don't really appreciate the iterative process.
Nicholas: That's the most interesting part.
Daniel Chong: So we started off as... So I've lost like 10 Bitcoin due to private key loss. It was like from 2012. I just forgot about it. And we originally started Harpy as kind of like a private key loss solution. But then we realized private key loss is not really an issue that people worry about nowadays, especially knowing that crypto has long-term value or is speculated to have long-term value. So we just moved on to theft.
Nicholas: Sorry, why do you think that's the case? Because people are storing their stuff on centralized exchanges? Or because Ledger is like a good enough solution?
Daniel Chong: I think both. Like wallets are getting smarter. People are getting smarter about crypto. There's more education out there. And that's why custody is not really a big issue nowadays.
Nicholas: So... That's great. And you're going to have to tell me what to do with C-Phrase storage devices. Because I think the best thing I've ever heard was Snowfro from Artblocks, who has his distributed... Essentially, it's like a multi-sig vault with keys distributed around the world. And it would take multiple flights to go and restore his phrase. Although it does make me wonder, does he have enough locations to have also duplicates? should significant portion of the keys be burned? So it's interesting to hear that you think that's basically solved.
Daniel Chong: I think it solves... I think it will be solved in the very near future as a public good and not as a startup.
Daniel Chong: Yeah. I don't really think there's a way to monetize off of that, first of all. And second of all, it's a problem. It's the most known problem in crypto. So there's a ton of people building on it.
Nicholas: Certainly in Bitcoin. What is it? Is it Jameson Lopp? Is it Casa? Is that what it's called?
Daniel Chong: Yeah. Yeah. Yeah. Casa. The guy who made Casa is a Duke guy too. I got the opportunity to chat with him. I think that's only for Bitcoin as well.
Nicholas: Right. But I feel like the key, like the burying your key in the backyard is more of a Bitcoin vibe. I feel like a lot of Ethereums are pretty YOLO about hot wallets to their detriment.
Daniel Chong: I agree with you. I mean, people are pretty YOLO about it because I think it doesn't have like the same price tag as Bitcoin. I know it's like pro-rata, right? But I don't know. That's just... I feel like the psychology of it is like, oh, I have a Bitcoin and it's worth $20,000. I'm going to give it $20,000 worth of security.
Nicholas: Right. Right. Speaking of Casa and Jameson Lopp, I'm always sharing with people two of his posts. One is a GitHub repo. that's physical Bitcoin attacks. that I think is relevant in this subject also. It's not so much about what we're going to talk about with Harpy, but being safe, people go to conferences a lot. People often disclose photos and images of where their home is, unsuspectingly. And as we saw last year with that guy on TikTok who can locate anywhere in like a fraction of a second just from one photo, too much information leaking. The physical attack site is also something that probably won't cover today so much, but his physical Bitcoin attacks repo is a fascinating document showing many different situations in which people have been kidnapped or harmed in order to get access to their private keys. And the other one is his maybe even more famous, his hardware wallet review or hardware seed storage device reviews where he subjects them to 2000 degrees of fire and corrosion tests and 20 tons of pressure, which are both valuable for people interested in this subject.
Daniel Chong: Yeah, that's pretty hardcore. But yeah, I guess to go a bit more into the iteration journey, we went to ETH Denver last year, actually. So about to be one year. And we cooked up a hackathon project to stop theft. And what it was, it's a very basic MEV front runner script that if there was a transaction that looked suspicious, it would stop that transaction in transit. We ended up winning the hackathon over at ETH Denver, got to talk to Vitalik about MEV stuff, very intimidating. And then that's where we went with because there was a lot of interest. So Harvey right now, that's kind of our main feature. We stop if we see a bad transaction in the mempool that fits our advanced criteria, we stop that transaction from ever executing. So that's kind of like our iteration journey so far. Obviously, there's a lot of product iteration and UX iteration, but that's kind of what happened so far.
Nicholas: Got it. Great. So from more general wallet tech to something where there's a more viable business and something that isn't maybe necessarily going to be such an obvious public good. And with so many solutions, I mean, there are tons of social recovery wallets. So it makes sense. And actually, well, I guess we can jump to the technical part first and then later we'll talk about the business model because I think that's also very interesting, your approach. So for people who are familiar with Ethereum, they've done lots of NFT trading swaps. How does this work? How does Harpy achieve this goal?
Daniel Chong: Yeah. So I guess, could you clarify the question just a bit?
Nicholas: Yeah. Just like what's the experience of signing up for the service? And then what are the transactions and how does the vault really work? What is it that Harpy does if a malicious transaction is created?
Daniel Chong: So our focus is really on like the NFTs you really don't want like moving in your wallet, but you still want them in your hard wallet, hot wallet. Like I don't think most people are moving their things to cold storage. People use their hot wallets for everything. And especially like NFTs are not very liquid, right? So our main use cases of NFTs, you'd go to our website, you'd sign up. And essentially, if we ever detect your NFT going somewhere where it shouldn't be, we stop that in transit. And the way that works on the technical level is you'd be approving the contract and stuff like that. And to go into security a bit later by approving that contract, it allows the Harpy system to stop transfers on your behalf.
Nicholas: So basically, let's say I have, I don't know, some moonbirds. Why not? If I want to keep them in my hot wallet to show them off because my identity is associated with my ENS and the wallet that I use most frequently is my hot wallet, then I might want to keep the moonbird in the wallet. But I'm afraid I'm going to sign into some website. I'm going to get tricked by some kind of airdrop claim signature or something like that. I guess there's two vectors. One is maybe it's sort of similar, but a malicious website that spins up a transaction where I directly send my NFT to the wrong person, or where I simply sign a message that then someone else puts on chain. You could set an approval for an NFT contract by passing a signed message from another account, correct?
Daniel Chong: Yep, you can.
Nicholas: So two types of danger, but I guess ultimately the same kind of danger where essentially the fear is I'm going to give approval to somebody else to move my moonbirds in this example.
Daniel Chong: Yep. And kind of our specialty is that we're an on-chain firewall. We're not a browser extension. We're not like anything off-chain, meaning that we're able to detect malicious transactions from anywhere, not just your wallet. So we're the first and only company to have ever stopped a private key theft. We're the first company to ever stop the OpenSea match order scam, the one that Kevin Rose got rugged by. So we do a lot of stuff at the very, very low level, just to make sure that low level meaning like closest to the block is possible, just to make sure that for the assets that you really care about, they're not going anywhere.
Nicholas: Right. So in this example, let's say I have, I don't know, some ENS addresses, NFTs in my wallet and some one moonbird that I really don't want to sell. I could create a Harpy vault, give that a vault unlimited permission to move all of my tokens on the contract. And then if ever Harpy's off-chain server detects that there's a transaction in the mempool to move that moonbird somewhere else that will succeed, it will intervene by front running the transaction, flash botting a transaction that moves the moonbird from my wallet to a vault that I've predefined and deployed. And that vault belongs to me.
Daniel Chong: Yep, exactly. So the vault is a smart contract that has a lot of like immutables meaning. So essentially Harpy never has access to like withdraw your tokens from a vault or anything like that. You're essentially creating like a two of two multi-sig. And that's, that's the way that we'd like to do it. At no point does Harpy ever have custody over your funds and there's no part. point is one of Harpy's contracts like immutable. So like no one can just go in and like mess up with a proxy, proxy contract or anything like that.
Nicholas: Okay. So the point being that I give unlimited approval to my moonbirds to the vault, but the vault is a fixed contract that is immutable. So there's no chance that the contract could just move my tokens to let's say another contract. It can only be used to move tokens from my wallet into the vault. That's it.
Daniel Chong: Yes. It can only be moved. The transfer can only move things into the vault, which you only have access to withdrawing from.
Nicholas: Got it. So basically I'm like on Harpy pre-approving a subset of the NFTs in my wallet, the whole collection of whichever NFT collections I choose to protect with Harpy, I'm sort of pre-approving that they be moved into the vault. And then that only happens if Harpy's off-chain server process sees something nasty happening or rather than nasty, something unexpected like a transfer to a wallet that I have not predefined as being like a safe wallet.
Daniel Chong: Yep. Exactly. And I think that's a good way of looking at it is just for the assets that you really care about that you want to get like premium protection on. That's what you use Harpy about, Harpy for.
Nicholas: That's very cool. So basically what this means is that I could set up like, let's say I have a handful of wallets, some hot, some cold. I could add them all into my Harpy profile. And that way I can always move my secured NFTs between my wallets, but Harpy will stop me from moving it to another wallet essentially.
Daniel Chong: Yep. Yep. If that wallet looks suspicious or anything like that. And kind of the vision with Harpy is when you're saving your credit card at a random place, sometimes your bank will go ahead and email you like, oh, this looks suspicious. And then it'll ask you to like confirm that transaction and stuff like that. The ultimate vision for Harpy is to make transacting in DeFi and with NFT trading as simple as swiping a credit card and as secure as swiping a credit card. So we're coming up with a couple of new features that like Harpy as a vault, that's like very secure. That's like, I wouldn't call it like military grade, but it is very secure, but it can also get kind of annoying if you're using like very fungible assets like, like Weath, for example. So we're coming out with new features that kind of add like two factor authentication to your wallet and stuff like that to make sure that you're not signing transactions that don't look good in the first place.
Nicholas: So for example, if I go to sign a transaction, if I sign a transaction, it'll ask me for 2FA while it's sitting in the mempool? Yes, exactly.
Daniel Chong: Well, actually, for like a more technical explanation, you click confirm on Metamask. And before that transaction actually gets sent out on chain, it goes through like our advanced like transaction engine and then it makes sure that that looks good before sending it out. And if it doesn't look good, we just ask for more confirmation on your end.
Nicholas: So that would be a browser extension that would intervene between Metamask and the mempool?
Daniel Chong: No, not actually. We're actually sitting in between the blockchain and your wallet.
Nicholas: Oh, RPC.
Daniel Chong: Yeah, an RPC level.
Nicholas: That's very cool. I spoke six months or so ago with one of the core devs from Rook, and they were talking a little bit about all of the potential for building custom RPCs that are more intelligent than just even flashbots, I guess is the most intelligent one that I'm aware of right now. So it makes a lot of sense that you could intervene there and keep people safe.
Daniel Chong: Yeah, I think that the RPC layer is something that we want to get into. There's a lot of security products in the market, but Heartbeats specialty is mostly just creating things that are outside of like the obvious, like browser extensions, like making tools that are lower on the stack in terms of like low level.
Nicholas: And is there a reason why you're attracted to those low level applications?
Daniel Chong: I think it's because the way that we transact with blockchain and Ethereum will evolve as time goes on. Like right now, there's a Web3 narrative and there's been a Web3 narrative for the last year and a half. You know, right now it seems like Web3 is everything, but our personal thesis is that soon there's going to be IoT connected with blockchain. There's going to be other things connected with blockchain. You won't even be knowing. You won't even know what part of your digital profile is connected to the blockchain or not, which lends itself to the theory that the lower level you are, the higher your company has a chance of like surviving through whatever evolutions are in terms of crypto.
Nicholas: Certainly nice also to be able to be integrated with a variety of wallets rather than just ones that are in break for Chromium. Exactly.
Daniel Chong: And also browser extensions are like a war zone, not just like crypto browser extensions, but in general, like I only have five browser extensions on my Chrome.
Nicholas: Yeah, I have separate browsers for the one with extensions and the one with wallets. And even then I'm still uncomfortable with the way, you know, occasionally you have to put something like a couple of weeks ago I had fire on the show and, you know, I used it in a testnet browser, but I'm nervous about putting it in the same browser as Metamask.
Daniel Chong: Yeah. I mean, at the end of the day, like there's going to be security as a stack. It's not just like a single part of it. And we want to be at like the, I think the cooler parts of the stack.
Nicholas: So yeah, lower down. So what happens when a token is stolen? It shows up in the vault and then you said that it's effectively like a two of two multi-sig. What do you mean?
Daniel Chong: So essentially you're the only one that has the ability to withdraw from there. So, you know, say we front run a token and we pretty much like take it under the hacker's nose and it's in the vault now. You kind of like pre-register a wallet address to get that token out of there. And we charge you like 0.01 ETH to do it. So in summary, like you register a wallet that's the only one able to withdraw tokens from the vault and that could be the same wallet as yours. And after like you could just call the withdraw function and get that token back to any wallet that you choose.
Nicholas: But you probably should not, that should probably be a separate wallet from the wallet that's being protected, right?
Daniel Chong: Yes. Because of like lingering token approvals, you probably shouldn't use the same wallet.
Nicholas: Or if it's your private key that's taken. I guess if it's a private key, I guess even if it, even if you deliberately with your private key signed the wrong transaction, it will be put in the vault.
Daniel Chong: Exactly. And it's like a, it's a one of one to two of two multi-state if you really want to get technical with it, but it's probably better if you do it as a two of two.
Nicholas: Who's the other party aside from the recovery wallet?
Daniel Chong: It's the person that designates the recovering wallet and the recovering wallet. So those can be the two or the same things or two different things.
Nicholas: Got it. So the wallet that's being protected and either itself or a secure recovery wallet. So exactly. Very cool. Okay. So I was under the impression that maybe there was a Harpy wallet in there, but no, no, we are not a signer in the process at all.
Daniel Chong: That's, that's how we kind of keep ourselves noncustodial.
Nicholas: I think that's great. And I really like your business model. I mean, I didn't realize it was 0.01, which is very, very, very, very cheap, but it's really nice to just have the fee model built into the, I don't know what you call the function, but the release from vault function being a pay, I assume being payable is very elegant solution that keeps the totally immutable and very clean.
Daniel Chong: Yep. And kind of. the whole reason for that is just like, we want it to be easy to use Harpy and we don't want to charge you until it starts working. Right.
Nicholas: Makes total sense. And it's great. Cause it's, it's free to sign up and free to use and very secure. The code is audited. You can look at the contract. There's no way that anything can change. So it's very clean, very cool. I think that's a great pattern for other people to consider for whatever their product is offering something where the value, you know, once the then the function to access that value is, is for pay. That's very cool.
Daniel Chong: Yeah. People have been forking our old contract for like cool things like last wills and stuff like that. So I'm excited to see, I've never had one of my contracts be forked before. So it was pretty cool that people are using them.
Nicholas: What's glass wills?
Daniel Chong: Like some, someone told me that they went in a hackathon, they forked the Harpy contract and they are using it to facilitate last wills in some way. Like, I have no idea. Just, just a side thought. I think the way that we designed the system is pretty cool and user friendly.
Nicholas: That's interesting. I don't know if it has anything to do with, but I was thinking about dead man switches the other day and I don't know if there's like a go-to solidity contract for that.
Daniel Chong: Yeah. I think it would be more of a public good than anything when it comes to last wills and like dead man switches because yeah. I don't know if there's any good solutions at this point.
Nicholas: I suppose it's not something where Harpy can actually, they can fork the contract, but they can't fork the service because the service is the indexing of the mempool. Yep.
Daniel Chong: Yep.
Nicholas: Very interesting. So it seems like this would be a great thing to make sure you don't, like I listened to a podcast with your head of BD who mentioned that she sent an ENS to the wrong personal address with incorrectly typed. So it went to somebody else. It seems like that would be a great application of this too, just to make sure that you don't, for instance, ENSs, maybe have a bunch of them and you move them between your hot wallets and your cold wallets, make sure that you don't send an ENS to the wrong address. This would be a way.
Daniel Chong: Oh yeah. We've actually stopped, I think over like $500,000 of people saying, oh, I accidentally sent my board to some place I shouldn't have.
Nicholas: So fat finger firewall also.
Daniel Chong: Yep. Yep. Well, that's not like our advertised thing. It is like, that is something that we do.
Nicholas: So speaking of fat fingers, how does this interface with marketplaces or OpenSea? I basically can't protect a collection that I also want to be selling at the same time.
Daniel Chong: So when it comes to protocols, the way that our engine works, it detects what protocols you're using, what protocol the transaction is interacting with. So say you're using OpenSea and you're using OpenSea in a non-malicious way, like you're selling a board for like one ETH below four, for example. In that case, nothing happens. The way that we've designed it is like, if something bad is happening, we stop that transaction and we try to make our engine work as best as we can to detect if something is bad or not in a Boolean way.
Nicholas: So if it's like a reasonable transaction, like for instance, selling it for way under the floor, it would stop.
Daniel Chong: Exactly. Exactly.
Nicholas: That's very cool.
Daniel Chong: On that same note, actually, when it comes to interfacing with exchanges, OpenSea has actually started using our malicious transactions detection engine for their own purposes. So we're helping them flag scammer addresses and hacker addresses and making sure that they know exactly what addresses they should blacklist from the platform. So our data is actually...
Nicholas: Harpy primarily is a data source for who is committing malicious transactions? Yeah, exactly.
Daniel Chong: Which addresses are malicious or not.
Nicholas: Okay. So they're not using it to protect NFTs. They're using it just to learn who is malicious in the environment. Yep.
Daniel Chong: It's not an application that I would have thought about when we started, but it makes sense because we analyze transactions within 20 milliseconds, whether they're malicious or not. So of course, we use this as an API of sorts.
Nicholas: Wow. What kind of stack do you have to be able to execute that analysis so quickly?
Daniel Chong: So a lot of what we're doing is based on address analysis using large form heuristics and ML and stuff like that. So the way that we do it, essentially, it's just like hash table lookup at the end of the day. So it shouldn't take too long.
Nicholas: Got it. So are you pre-computing those values and then just comparing to the database?
Daniel Chong: Yeah. A lot of other malicious transaction engines or transaction simulations will take 200 milliseconds, 250, something like that. But we have advanced algorithms that are able to detect what addresses are bad or not, or what call data is bad or not.
Nicholas: And does that speed allow you to catch more malicious transactions? I mean, there's still 12-second blocks or so on mainnet, right? Does it give you a practical advantage aside from just being cool?
Daniel Chong: Yeah, it gives us actually our front-running success ratio, I think it's about 99.8, something like that. Testing and doing the math on that, since it is about 12 seconds to execute, the average transaction will clear in about six seconds with a bell curve radiating outwards. So yeah, if we took any longer, we would probably let a lot more transactions through.
Nicholas: Wow. That's very cool. This makes me wonder, and there was some mention on the website, is there any way to prevent an attack that is executed using Flashbots?
Daniel Chong: So what we're finding is that most attacks aren't being executed through Flashbots. They're mostly self-signed, approval for alls and stuff like that. While there's a case for those coming out soon, at the end of the day, first of all, we're creating tools as part of the stack that are able to prevent that, stuff at the RPC level. And also, we're just one part of the security stack. And when something is sending through Flashbots, they probably have your private key, which is something that is very difficult to prevent in the first place.
Nicholas: Right. In general, I guess, if it's self-signed, they would need to convince you to configure a new RPC. Because most people don't use Flashbots, they'd have to convince you to configure your Flashbots as an RPC before your transaction would be incorporated in a Flashbot bundle.
Daniel Chong: Yeah, exactly. So hackers have to go through hurdles to get people to sign things off-chain and then transmit it through Flashbots themselves. And hacking works at scale, right? It's like on conversion rates, if we're thinking about in a SaaS way. So we don't really see a future where that happens unless Harvey becomes a giant threat to them, which I don't think we've reached so far. And if we do, then there are things that we can do to stop that as well.
Nicholas: Right. It's very smart that you're moving into the RPC stack as well. I know that you sell enterprise services. Is this sort of data service relationship with OpenSea the primary kind of enterprise service you're offering or other things also? Yeah.
Daniel Chong: Yeah. I was watching data and stuff like that. So exchanges can help. So exchanges can blacklist addresses. That's one thing that we offer. Right now, we're honestly just experimenting with our enterprise line. Our data is probably the most valuable thing. We're not a transaction simulator. We would base everything on a heuristics engine. So we're able to catch a lot more things than transaction simulation would see. Our data is being exported to companies right now.
Nicholas: It's interesting. I guess with the current product, there's not, aside from the approval transaction to the vault, which is, I mean, assuming that there's no problems with the vault and it's been audited, it's a pretty safe one. I guess with the RPC, we start to get into a territory where the transactions that I make are communicated to you before they're hitting the chain. So maybe some people would have some privacy concerns about that. Do you have any thoughts on that?
Daniel Chong: There are privacy concerns about that. At the end of the day, there's no difference between us receiving the transaction first, unless you're doing like MAV stuff, because that data will be put on chain in like seven seconds. I think the privacy concern there is like, oh, if I'm trading DeFi and I'm sending millions of dollars at a time, how do I know that you guys won't be front running us? I think the answer to that is you don't even know if Flashbots is not front running your own data. So if you don't see your transactions being front run by us, you're probably safe. There's no real gain that we get from front running our own users when it comes to like making big MAV trades.
Nicholas: Right. And if you're really concerned and you're making a big MAV trade, probably just switch to the Flashbots RPC for that transaction.
Daniel Chong: Exactly.
Nicholas: This also seems like a great service for redeeming mint passes, because I guess you can redeem a mint pass on, in our example from earlier, a Moonbird, transferring it. So that transaction wouldn't be blocked, right?
Daniel Chong: Exactly. Yeah. So we only stop like dangerous transfers and stuff like that.
Nicholas: That's very cool. So it means someone, if you get a freebie, an airdrop that you can claim for holding some NFT, you can do it from that wallet and still that NFT will be secured. That's very, that's very cool.
Daniel Chong: Yeah.
Nicholas: So you said that it works with marketplaces on the basis of like an analysis of whether the transaction is safe or not. I guess you're integrating marketplaces as they become popular over time.
Daniel Chong: Yeah. We have a list of like 60 or so that we've like explicitly programmed in the protocol and our engine will detect the ones that we haven't explicitly like defined.
Nicholas: Got it. We touched on this a little bit earlier, but you said it's usually that you are front-running user-initiated transactions rather than a signature that they made being put on chain by somebody else. Is that right?
Daniel Chong: Yeah, that's 100% correct.
Nicholas: Is there anything you can give as like a broader picture of what the types of malicious transactions are that you're watching out for?
Daniel Chong: Most of what we're seeing is just approval for alls. And we're also seeing a lot more signature scams like with OpenSea match orders. So that's what we've been seeing as like the biggest threats. And actually when it comes to like a signature-based threats like OpenSea match orders, that's where our service becomes very powerful because there's not really many tools in the market that can stop something as complex as that. And for context, like that attack is like an off-chain signature attack.
Nicholas: You said that's the Kevin Rose attack.
Daniel Chong: Yep. Yep.
Nicholas: So walk us through how that one works.
Daniel Chong: Yeah. So essentially Kevin Rose had, you know, 50 NFTs in his wallet. And each of those wallets approved trade for each of those NFTs had approved trade for OpenSea. So like stuff like what's it called? Like his squigglies. Yeah, his squigglies. He already approved that for OpenSea. And what that means is that people can manipulate the OpenSea C4 contract into transferring those NFTs on his behalf. So they made Kevin sign this like very long-winded signature that essentially said, okay, you get to take my money through OpenSea. So that's the attack that was done. And Harpy is one of the only protocols able to prevent that type of attack.
Nicholas: Sorry. So the signature that he signed was saying that it was accepting an offer? Yes.
Daniel Chong: The signature that he signed was accepting a private sale to the hacker's address.
Nicholas: I see. And it was difficult to read because it was a C4 transaction and Metamask doesn't really make those very clear right now.
Daniel Chong: Exactly. Like it's just like signing type data. So there's really no way to like read it.
Nicholas: Well, at least not as type data. It could be interpreted, but anyway. So he, what did he think he was signing in the first place?
Daniel Chong: I think he was signing like a login message because a lot of companies, including us, do like signature signing as part of private key verification. And at this point, there's like no, no better way to do that, which I hope there will be an innovation of in the future.
Nicholas: Do you know any EIPs or anything coming down the, that are going to do that?
Daniel Chong: No, the whole point of like EIP, the whole point of like the sign type data, like EIPs, was to prevent these types of attacks. But now that like gas is expensive or was expensive, it was like a $20 at one point, people are using like off-chain signature hacks. So these same login signatures that they were supposed to be using are now actual like transactions, which is very, very dangerous.
Nicholas: What changed that? allowed that? This is EIP 712, right? The sign type data one. I'm not sure what I understand. You're saying that accepting the offers was not a transaction that he sent. It was a signature and that was a choice on the part of C port to make it more affordable to transact NFTs?
Daniel Chong: Exactly. So like how protocols are using sign type data now is that they're using an on-chain approval that they had previously and using those signatures to do transactions, to like execute transactions in a gas saving way.
Nicholas: So the buyer pays the gas to execute the transaction, but essentially, but he was accepting an offer, but it would have been the buyer who would still send the transaction. I thought normally it was like, either you make a listing and the buyer puts it on, like it's a permit to buy, or it's a permit to, I guess this was the opposite kind of permit to sell.
Daniel Chong: Okay. So he, the buyer pays the gas at all times. He gave a permit for the buyer to purchase things at a specific price.
Nicholas: I see. Okay. Yeah. And it was a malicious website that's spawned that signature request.
Daniel Chong: Exactly. And it's becoming like one of the most common attacks. So it's kind of scary to think about like what other off-chain attack vectors there will be. There needs to be better conventions around these sorts of things because usually the developers that are writing like gas, gas saving scripts are not the ones that are worried about security for their own personal selves.
Nicholas: Right. They're worried about contract security, not user and user. Exactly. It's interesting that I agree with you. I have had a lot of concern over sign in with Ethereum's popularization because of exactly what you're saying. If everybody is asking you to sign their toss at login, people are just getting very used to just clicking sign quickly. And the consequences that they are more likely to click a nasty one. I spoke with fire about this a little bit, and maybe you can confirm, but my impression is that if you're signing a message that is a string, even if that string includes some hex value, there's no way to like easy recover the signature of a plain text, read human readable transaction and recover some portion of it and use that to authorize some kind of offer or something. Is that right? Do you think that's right?
Daniel Chong: Yep. Yep. That's right. Actually, we're pretty close to the fire team and we kind of agree with them for a lot of these issues. because there is like once you sign a transaction, well, okay, there's a way to easily recover the original address signing it, but there's no way to like easy recover like the, I guess, encoded hex code.
Nicholas: Right. Even if they were to have you, even if they were to get on chain, the value, the signed value is the sum of the string that you're signing, not any portion of it. So even if they put something in there, you haven't signed that separately. So they can't. Exactly. That's part of the advice I've been wondering. if it's good to give people, which is if you can read the text that you're signing and it's like language, then it's probably okay. Do you think that there's more that the wallets can do for making human readable, the values that people are signing?
Daniel Chong: No, because those things are like, there's no spec for it. Companies will design their own specs for how they're using sign type data V3 or V4. So there's nothing really that companies can do. That's one thing that we're trying to change. Like our data engine does analyze like transaction call data. That's weird because like at the end of the day, you're still passing in the signature as a parameter to a gas function.
Nicholas: So you have the plain text that was signed.
Daniel Chong: We don't have the plain text that's signed, but we're able to parse those quite accurately if we know like what contract that they're sending the transaction to, because then we could just parse the ABI and stuff like that. So to summarize.
Nicholas: Because they don't need to include it because they know that. They don't need to include the plain text for the VRS EC recover because they already know it because it's their own contract or a contract they're trying to exploit. I guess they only need the values that, but aren't you signing like Jason blob? and then that becomes the transaction? Like don't you need to supply the contract with both the signed and the data that was signed? The signature? Yes.
Daniel Chong: Yes. So you pass the, you pass the off chain signature as a, like, you know, how like open C someone has to pay gas, the buyer pays the gas, the buyer is actually implicitly passing in like an open C match orders off chain signature into the function param.
Nicholas: And, and also the, the data that they signed. or open C just knows what that data is from less data passed in as an argument.
Daniel Chong: At that point, the contract can then parse that data.
Nicholas: Okay. So you're saying the call data you're looking at might not have all the details about what it is, but the contract knows what to expect. So it doesn't need so much.
Daniel Chong: Exactly. So one power of like the data engine that we've built is a, you know, for example, like open C match orders, that's an off chain signature. If we know, if we have like the transaction object, like if we know, say like a wallet provider decides to integrate with us for data, right? If they provide us with like the transaction dot to transaction dot from transaction dot data, we would actually be able to parse the off chain signatures because we know the API of the contract. We're able to read those properly, but just an off chain signature signed without any relation to a contract. You never know what that's going to be.
Nicholas: Got it. Fascinating. That's, that's very interesting. So is anyone pre-approving Harpy vaults for an entire collection pre-mint? Has anybody done that yet? I guess it doesn't make sense because you need to have your own personal vault, but a collection could protect its whole collection by having like a collection wide vault just in case or something like that.
Daniel Chong: At that point, like our integrations with collections, they don't work with like the Harpy vault very nicely because those are some things that people can set up on their own person. Yeah. We're still thinking of ways to partner with collections more effectively. And I think that will have to do with like the Harpy RPC. I think we'll be able to like add two-factor authentication to everyone's addresses if like the collection has that as a requirement and stuff like that.
Nicholas: Interesting. So like Moonbirds or something like that could opt into having 2FA requirements for transferring them after some date. Exactly.
Daniel Chong: Exactly.
Nicholas: It's interesting. It would, it would really probably kill the secondary, but yeah, I could see it. I guess if royalties are dead, then maybe it makes sense.
Daniel Chong: Yeah. I think royalties are going to die out soon. I have no idea though.
Nicholas: I don't know. People seem to be somewhat okay with operator filter. I think it kind of depends what kind of collection you're doing as long as, and I haven't looked in detail, but my sense is that the operator filter is, is something that the contract owner can disable later on. And if that's the case, then I think it's, it's relatively okay.
Daniel Chong: Yeah. At the end of the day, it's just consumer choice. Like there's exchanges that support the exchanges that don't. So who knows?
Nicholas: Speaking of other exchanges, Blur lets you sign multiple listings with one transaction and they have this very cryptic value that you sign to do so. Do you have any thoughts on that? And is Harpy able to deal with that adequately?
Daniel Chong: So you only have to sign one thing on your wallet for Blur?
Nicholas: I think I, maybe I'm remembering incorrectly, but I'm pretty sure you have to sign like gem style, open C looks rare, X, Y, X, Y, two. You have to sign different messages for each listing that you're making for each NFT that you're making, regardless of if the contract already has approved all, but for Blur, I think you can do it in just one transaction. And it's a little bit scary. I mean, I love it from a UX perspective, but I think it's just like a hex value that you.
Daniel Chong: Oh, the way that they do that is that you're approving the Blur contract. And then the Blur contract is able to delegate your things properly through its own signature system. So you're not actually like signing, you're not signing for open C something else, something else with one signature, you're delegating Blur to do that for you. So it's like a technicality.
Nicholas: But I mean, these are for Blur's own native listings I'm talking about. Like, like you could, I think you can list multiple NFTs on Blur, not unrelated to open C. and look just on Blur, you can make listings with one signature. that is small amount of data. You can list multiple NFTs from the same collection, rather than having to do a signature for each token ID you're listing.
Daniel Chong: Oh, I see. So you're not saying like, you're not saying that like, you can approve it for like open C?
Nicholas: just, just, oh yeah, on Blur.
Daniel Chong: Yeah, actually open C has the same feature.
Nicholas: Oh really? I think I've listed there in a while.
Daniel Chong: Yeah, we, I know that we support Blur because they're a fork of, uh, support.
Nicholas: They just moved to C port, right? So maybe, maybe they're both using the same thing now. I, my point of reference is from before they switched over to using C port. So I'll have to try, try it more now to see if it still works.
Daniel Chong: Yeah. Open C, um, open C has the same features. So the Kevin Rose, like transaction, he, he literally like set over NFTs from, I think 10 different collections with multiple token IDs with one option signature. It was crazy.
Nicholas: Wow. Times have changed. I remember sitting in clicking, like listing 25 things and clicking 50 signature buttons on Metamask, uh, on gem only a few short months ago. It's pretty funny. Okay. So I think we've kind of run the gamut. Are there any other products that Harpy is thinking about? this RPC thing seems to be like the next cool thing, which makes a lot of sense to me. Are there any other domains that you're looking at or experimenting with?
Daniel Chong: Uh, we just got our first, um, hardware wallet integration with a hardware wallet called KeepKey. It's a smaller one. It's not like treasure or ledger, but we're very excited to see like how like the next generation of hardware wallets and contract wallets will integrate with like transaction security data. Um, we have one of, if not the most advanced transaction security algorithms out right now. So there's a lot of things that we can do with our data. Kind of the future of Harpy is just like, we're, we're trying to figure out the best way that we can use our data to build products and protect customers. If that's like outsourcing to other companies, that's outsourcing to other companies. If that's working with our own internal products, that's how we do it. Um, but at the end of the day, like we have a good data engine and we know that data can protect customers. So we're just being lean and figuring out like what is the best way that we can do that for everybody?
Nicholas: What does it mean to integrate with a hardware wallet?
Daniel Chong: So well, actually their hardware wallet, um, like if there's, yeah, their hardware wallet software, like if you said like their MetaMask, their Ledger Live equivalent. Yep. Yep. Exactly.
Nicholas: So their Ledger Live equivalent will just check against your API before, or there's no vault built in or is there? Nope.
Daniel Chong: It's just checking against the API.
Nicholas: Okay. So it'll just say like, oh, this transaction, Harpy says this looks suspicious.
Daniel Chong: Yep. Exactly.
Nicholas: Very cool. I think that's the gamut of all the questions I had prepared for you. Are there any other topics about Harpy that we haven't covered that you think are worth discussing?
Daniel Chong: No, at the end of the day, this was a very interesting conversation. Like I haven't actually been this technical in an interview before. Usually it's just like some basic stuff. So I enjoyed it a lot.
Nicholas: Oh, I'm happy to hear that. If you have a couple of minutes, we can talk about ordinals. If you're, if you're curious, have you taken a look at all?
Daniel Chong: So like, I saw like a thread about it, essentially like they're using the pseudo non-fungibility of Bitcoin to like support non-fungible tokens. Is that what it is?
Nicholas: Exactly. They're essentially, and I haven't looked too much at the code that they're using for this, but they're creating an index of the movement of the stats by assigning an ordinality to the UTXO outputs and saying, well, if this, you know, let's, they just have applied this lens onto it. I'm not sure how intrinsic it is to the UTXOs. Like, I don't know if the ordinal numbers they're assigning to the outputs is rock solid, but they've thought about it a lot. Casey has thought about it a lot. So there's a chance that it's, it's, it's quite good. I have to get a little bit deeper into that piece of it, but basically they then essentially give a token ID to every Satoshi. And then as the Satoshis move around, they are able to track them. And so they've built a fork of Bitcoin D called Ord. And the Ord wallet is designed to basically keep the first sat in every, I guess, I guess their wallets. I'm just getting familiar with the Bitcoin terminology, but every address that you have access to as an input, like a spendable address will have one sat in each address. And then they have used tap root and the, the witness data. they're loading with any kind of file within a, what he calls an envelope, which basically is like an, if not, it starts with, if not, so none of the nodes run any of the code in this, it immediately like reverts out, but the code is nevertheless there. And his website ignores the beginning and renders the like on chain images, sort of on chain. I think it's more accurate to think of them kind of like call data because they are pruned from nodes and they're not because they start with a not, they're not relevant to the execution of Bitcoin. So they're kind of like call data more, although, you know, there'll be, I guess any full Bitcoin node will keep them. So sort of like an archive keeps call data on Ethereum. And then they are able to essentially with every, every transaction where you move a sat is an opportunity to inscribe it, which is to say to pack a bunch of HTML or SVG or JPEG into that witness data slot associated with the transaction. And yeah, I think that's, that's basically the high level story.
Daniel Chong: Yeah. I mean, that's very clever. I mean, Bitcoin's have always been like one Bitcoin never has equaled one Bitcoin, like on a technical level, which is like a unicality between it and Ethereum. Cause I think Ethereum is just like completely fungible compared to Bitcoin. So I'm excited for it. But I also, I also see like the war between like the validators that don't want to accept the ordinals and the ones that do. And it's kind of, it's kind of interesting. Like, I feel like the vision of Bitcoin has gotten kind of skewed because people kind of want to keep it not Ethereum, but I don't know. I pot takes from me. I'm not really like a part of the Bitcoin community anymore.
Nicholas: There is this contingent that wants Bitcoin to only be a store of value, only be money, no programs, no DeFi, no NFTs. But what's interesting about ordinals is that it doesn't really all that it means. I mean, it increases the, I guess, centralization factor in the sense that you have to download more data in order to like download the index of the chain in order to set up a node. However, that data and obviously Bitcoin D and all these other things can, they already have flags for pruning this taproot witness data, which are default to off, but could easily be defaulted to on or just turned on manually. So it doesn't increase the operation costs, but it does increase the initial bandwidth cost of the first sink of the chain. And I guess subsequent sinks. So it's, it's like a little bit of an increase, but it's not, it feels like a potentially acceptable amount of centralization increase, which is kind of interesting. I think the craziest thing for me is a native Ethereum. is like looking at mempool.space and trying to understand UTXOs. It's a very, like there's no account model. So it's much harder to track who is who in Ethereum. You have an address, that address deploys contracts, which issue NFTs, which are always associated with that contract address. Whereas in Bitcoin UTXOs can either pass change back to the original input or the input address. outputs can be input addresses or not. So it can be very difficult to track the identity of, for instance, an artist, which is, is pretty weird.
Daniel Chong: Yeah. I also feel like Bitcoin hasn't jumped through a lot of hoops to get this done. Like when it comes to like, make like taproot and stuff like that, you kind of have to jump through hoops. I don't know. It's just the weird thing about Bitcoin versus the Ethereum is like, yeah, there's like DeFi people and NFT people, but usually those spill over. Like usually people that do DeFi own like one or two NFTs. Usually people that do NFTs own a bit of USDC and stake it. But in Bitcoin, it's weird to see like this huge divide of like, oh, Bitcoin is Bitcoin and or Bitcoin is a blockchain data storage compute system. So I'm just excited to see how that plays out.
Nicholas: It is interesting. I mean, at the beginning of the week, it was very cheap to do. We, a friend and I tried to inscribe an ordinal and it cost about $5. I think basically you, oh, I had the calculation previously, but say you take the, the witness data is charged at a quarter. The price has like a 4x discount. So you take the amount of bytes that you're trying to store. You divide by four because of the discount, and then you multiply by the sats per what are called these virtual bytes, these V bytes, which are like a quarter of the price a byte. So you multiply by the price that you're willing to pay for the fee for your transaction. So bytes divided by four times, however many sats per VB, and you get the price. And it was about $5 US at the beginning of the week to put one of these, like a small one on chain, something like 10 KB, something like that. And it's since doubled. What's interesting is some people are saying that it's maybe an answer to like how empty Bitcoin blocks are and how relatively little the, or I assume they're empty. I actually don't know the details on how, how full or empty they are, but the, it creating demand for blocks based on Bitcoin essentially, which it certainly has this week. The price has gone way up. I was surprised at first. it's way cheaper still. now with the increased prices, it's much cheaper to inscribe data in a trend, in a, an ordinal on Bitcoin than it is to do an on-chain operation. I'll have to do the comparison to see what the difference is between inscribing an ordinal with X amount of data versus passing X amount of data as call data to an Ethereum transaction. But I think they are essentially equivalent in terms of how on-chain they are.
Daniel Chong: Yeah, I'm excited about it, but I just hope that there's not as much like VC attention to, to ordinals and stuff like that. Cause it would be cool if that space grew organically rather than like artificially. Cause I do feel like some of the artificial growth in the NFT ecosystem, Ethereum has kind of caused it's like decline right now.
Nicholas: Totally, totally. I think, I think it's so weird and difficult to do. Like one of the biggest differences, and frankly, it's, it's been amazing this past week personally, is you have to create your own node and sync it with Bitcoin D before. you can install the Ord wallet and start creating your own NFTs or ordinals. You can purchase them with Ord without having a synced node, but you can't inscribe. So if you want to be a creator, you have to be a Bitcoin node haver, which I think is actually ethically pretty interesting. And I'm sure eventually it'll be solved. And there are people who've made websites that will inscribe for you for a fee, but it's pretty neat that part of the early culture is like, no, you have to have your own node.
Daniel Chong: Yeah. I think that's a good thing. Anyways, I think like we're reaching about time. Is there, is there anything that you all wanted to ask me about Harpy or anything like that? No, this was great.
Nicholas: Thanks so much for coming to chat about Harpy and I'll definitely check it out further for my own use. Thanks so much for coming on the show.
Daniel Chong: Cool. Yeah. Yeah. Thanks so much for hosting. It was really interesting.
Nicholas: Excellent. Thanks everybody for coming through. Next episode is next Friday at 5 PM Eastern. I hope to see you there. Thanks Daniel.
Daniel Chong: Have a good one. Thanks for inviting me.
Nicholas: Hey, thanks for listening to this episode of Web3 Galaxy Brain. To keep up with everything Web3, follow me on Twitter at Nicholas with four leading ends. You can find links to the topics discussed on today's episode in the show notes. Podcast feed links are available at web3galaxybrain.com. Web3 Galaxy Brain airs live most Friday afternoons at 5 PM Eastern time, 2200 UTC on Twitter spaces. I look forward to seeing you there.
Show less