Skip to content

Safe Sequencer


The Safe Sequencer uses real-time exploit detection to block exploits before they are included in a block. Each incoming transaction is sequenced, executed within the Firewall EVM, and checked for an exploit error that can trigger a transaction to be "thrown out". The Safe Sequencer also maintains additional state used for exploit pattern recognition, such as per-contract static analysis and A.I. models.

Block exploiters, not users

By performing dynamic analysis before a transaction's state change is committed to a block, the Safe Sequencer can delineate malicious exploiters from users programmatically. This dynamic analysis is the core technology that allows the Safe Sequencer to block exploiters, not users.

Firewall EVM

The Firewall EVM builds on top of Revm to instrument certain opcodes and accumulate relevant data during a transaction's execution. The data collected by the Firewall EVM is used to identify exploits through both hand-written patterns and A.I. models that establish their own patterns in training. zkVM frameworks, such as Risc Zero or Sp1, are integrated with the Firewall EVM to prove whether or not a transaction triggered an exploit pattern - enabling us to delineate and prove valid exploit censorship by the sequencer.

Global Patterns: Reentrancy

Reentrancy exploit patterns are blocked at a global level using hand-crafted heuristics. These heuristics were inspired by many research papers, including the execution property graph paper.

A.I. Models

Granular execution data is inspected by the Firewall EVM, collected just before a transaction ends, and run through our A.I. models to determine whether or not the Safe Sequencer should include the transaction.