Skip to content

Starter Kit Bot Details

Frequent Doc Updates

Forta will continue to add more curated security bots in the coming months, so stay tuned and come check this page frequently for new updates!

Alert Combiner

Bot Name Bot Stats Bot Source Code Supported Chains
Alert Combiner Stats URL Github Repo URL All

Combines past alerts under a common address from a variety of underlying bots to emit a high precision alert. It does so by mapping each alert to the four attack stages (Funding, Preparation, Exploitaiton and Money Laundering) applying a variety of heuristics (e.g. an alert has to exist for each of the four stages) to emit an alert.

Anomalous Token Transfers Detection Machine Learning Bot

Bot Name Bot Stats Bot Source Code Supported Chains
Anomalous Token Transfers Detection Machine Learning Bot Stats URL Github Repo URL Ethereum Mainnet

This bot utilizes the Isolation Forest machine learning technique to detect anomalous transactions with erc20 token transfers.

Anomalous Transaction Volume

Bot Name Bot Stats Bot Source Code Supported Chains
Successful txn Stats URL Github Repo URL Ethereum Mainnet, BSC, Polygon, Optimism, Fantom, Arbitrum, Avalanche

This bot detects successful transactions that have one or more failed internal transactions.

Asset Drained

Bot Name Bot Stats Bot Source Code Supported Chains
Asset Drained Bot Stats URL Github Repo URL Ethereum Mainnet, BSC, Fantom, Avalanche

This bot detects when digital assets are fully drained from a contract.

Chainalysis Sanctioned Addresses

Bot Name Bot Stats Bot Source Code Supported Chains
Chainalysis Sanctioned Addresses Stats URL Github Repo URL All

This bot detects transactions that involve Chainalysis sanctioned addresses.

The bot listens to the Chainalysis Sanction Oracle Contract's sanctioned events and maintains a local list of sanctioned addresses.

Evidence of Phishing Bot

Bot Name Bot Stats Bot Source Code Supported Chains
Evidence of Phishing Agent Stats URL Github Repo URL Ethereum Mainnet

Users approving token transfers to an address or contract may be a behavior indicative of an ice phishing attack.

This bot detects when a high number of EOAs call the approve() or increaseAllowance() methods for the same target EOA/ contract over an extend period of time. This bot emits two types of alerts: first for the approvals that occurred and another when attacker is making the transfers.

Exploiter Addresses

Bot Name Bot Stats Bot Source Code Supported Chains
Exploiter Addresses Stats URL Github Repo URL All

This bot detects transactions that involve known exploiter addresses.

Flashbot Detection Bot

Bot Name Bot Stats Bot Source Code Supported Chains
Flashbot Detection Bot Stats URL Github Repo URL Ethereum Mainnet

This bot detects if a transaction was made using Flashbots bypassing the mempool.

Flashloan Detection Bot

Bot Name Bot Stats Bot Source Code Supported Chains
Flashloan Detection Bot Stats URL Github Repo URL Ethereum Mainnet, Optimism, BSC, Polygon, Fantom, Arbitrum, Avalanche

This bot detects if a transaction contains a flashloan and the borrower made significant profit

Mint/Borrow Anomaly Detection Bot

Bot Name Bot Stats Bot Source Code Supported Chains
Large Mint Borrow Volume Anomaly Detection Stats URL Github Repo URL Ethereum Mainnet

This bot detects if an anomalous volume of mints and/or borrows occurs.

NFT Sleep Minting Detection

Bot Name Bot Stats Bot Source Code Supported Chains
NFT Sleep Minting Detection Stats URL Github Repo URL Ethereum Mainnet

This bot detects transactions that may indicate NFT Sleep Minting.

Sleep Minting is when an attacker mints an NFT directly to a famous creator's wallet with permissions to reclaim or pull the NFT back out of the creator's wallet. This creates the appearance that (1) a famous creator minted an NFT to themselves, and (2) the creator sent that NFT to an attacker. Based on “on-chain” provenance, the attacker can claim they own an NFT created by a famous artist and sell it for a high value.

You can read more about what this is and why it matters here

OpenZeppelin-Gnosis Safe Contract Events

Bot Name Bot Stats Bot Source Code Supported Chains
oz-gnosis-events Stats URL Github Repo URL Ethereum Mainnet, Polygon, Avalanche, Arbitrum, Optimism

This bot detects ALL events from smart contracts defined in the openzeppelin-contracts and gnosis-safe Github repositories

Price Change Anomaly

Bot Name Bot Stats Bot Source Code Supported Chains
Smart Price Changes Agent Stats URL Github Repo URL Ethereum Mainnet

This bot detects when there are drastic price change anomalies based on on-chain price oracles (i.e. Uniswap and Uniswap deriveratives.)

Reentrancy Counter

Bot Name Bot Stats Bot Source Code Supported Chains
Reentrancy Calls Detection Bot Stats URL Github Repo URL Ethereum Mainnet, BSC, Polygon

This bot detects reentrancy based on the call stack provided in the transaction traces. The bot reports the number of repeated calls with different severities levels.

Suspicious Contract Creation

Bot Name Bot Stats Bot Source Code Supported Chains
Suspicious Contract Creation Stats URL Github Repo URL Ethereum Mainnet, BSC, Polygon

This bot detects when a suspicious contract is created. A suspicious contract can take many forms; initially, this bot will alert on contracts that were created from Tornado cash funded accounts.

Token Impersonation

Bot Name Bot Stats Bot Source Code Supported Chains
Token Impersonation Stats URL Github Repo URL Ethereum Mainnet

This bot detects if an ERC-20/ ERC-721/ ERC-1155 contract gets deployed with the same symbol of an existing deployed contract. This may be indicative of a scam or phishing attack.

Tornado Cash Funded Account Interaction

Bot Name Bot Stats Bot Source Code Supported Chains
Tornado Cash Funded Account Interaction Stats URL Github Repo URL Ethereum Mainnet, BSC, Polygon, Arbitrum, Optimism

This bot detects when an account that was funded by Tornado Cash interacts with any contract.

Unverified Contract Creation

Bot Name Bot Stats Bot Source Code Supported Chains
Unverified Contract Creation Stats URL Github Repo URL Ethereum Mainnet, BSC, Polygon

This bot detects when a contract is created that isn't verified on Etherscan within 30 min of creation.