Frequently asked questions
Is Forta a blockchain?
Short answer: no. Forta is not a blockchain in the sense that it does not maintain shared state between nodes, but it has similar characteristics to a blockchain in that it is a decentralized network of nodes. Forta is more similar to The Graph protocol in that it runs on top of a blockchain. Forta uses a blockchain (i.e. Polygon) to coordinate scan nodes and store IPFS references to alerts generated by bots.
How can I consume alerts from bots?
You can subscribe to alerts from specific bots or contracts using Forta App. If you connect your wallet and click on "My Alert Subscriptions", you can setup notifications for alerts. Currently, email and Slack notifications are supported with more options coming in the near future.
How do I run a scan node?
Currently, only Forta-approved nodes are allowed onto the network. In later phases, Forta will introduce economic security measures that will allow permissionless scan nodes. Please see the quickstart guide to learn how to setup a scan node.
Do I need special hardware to run scan nodes?
The hardware requirements for running a Forta scan node are described here.
Can I scan other blockchains like BSC?
Yes! Forta supports scanning on several blockchains including Ethereum, Polygon, BSC, Avalanche, Arbitrum, Optimism and Fantom. Scan nodes are able to scan any EVM-compatible blockchain.
What makes a good bot?
Good bots are ones that detect real-world exploits before or as they occur, or provide warning of suspicious or unexpected conditions. A good bot is one that is targeting a specific condition i.e. if a bot alerts on more than 5% of transactions, the usefulness of those alerts would not be very high as it is difficult to know what to pay attention to.
Where can I get ideas for bots?
The best ideas for bots are actual exploits that occur in the real world. As the DeFi space grows rapidly, exploits are occurring almost on a daily basis. To stay up-to-date on these exploits, you can check out the rekt.news website or subscribe to the Blockchain Threat Intelligence newsletter. You can also see bots that are currently deployed by other protocols on the Forta App Discover page.
Also, if you are writing bots for your own protocol it can be useful to think about the types of conditions you want to be notified of, either in your own protocol or upstream/downstream protocols.
Do I need special hardware to build bots?
The average consumer laptop is more than sufficient to build bots. If you are using your existing developer machine, you will do great.
How can I create alerts that only I can see?
You can write a "private bot" to generate alerts that can only be understood by you. See the documentation on writing private bots.
Can I include sensitive information like API keys in my bot?
Bots are stored as Docker images in a public repository i.e. anyone can access and inspect the image and its contents. Currently, there is no supported mechanism for storing secrets on bots. We do not recommend storing high-value secrets on the bot. Please see the pattern for hiding sensitive data to learn more.
Where is my keyfile?
forta-agent CLI will generate a keyfile for you the first time you initialize a bot project. It can be found in the ~/.forta folder. To get the absolute path and address of your keyfile, use the
npm run keyfile command from your project folder.
Can I use my existing Metamask key to publish bots?
You can use any key you prefer for publishing bots.
My Infura consumption is high during development. What can I do?
If the free tier of services like Infura is not meeting your local development requirements, you can consider running a light Geth node locally. To do this, you would install Geth and then run the command
geth --syncmode light --http. This will expose a JSON-RPC endpoint (defaults to
http://127.0.0.1:8545) that you can point your bot to using the
jsonRpcUrl config property in forta.config.json.