The Metropolis Team has successfully onboarded countless organizations in the Ethereum ecosystem to pods, now protecting over $137M in value. In our time working closely with on-chain organizations, we discovered a quiet epidemic: faulty smart contract permissions.
Today, we are pleased to introduce our newest product, the Podarchy Explorer, a visual interface for searching and exploring on-chain relationships, enhancing security and oversight in the process.
Crypto’s biggest risk is itself: faulty smart contract permissions currently pose a massive threat to the entire ecosystem.
Improperly designed and executed permissions can enable unauthorized access to vital functions or assets, compromise ownership, and facilitate centralization and censorship avenues, thereby jeopardizing the entire ecosystem. Detecting and rectifying such vulnerabilities can be challenging, as they are frequently concealed within intricate contract frameworks and obscured by layers of code.
The Podarchy Explorer indexes on-chain control systems in a spatial interface, with most attention to smart contract permissions. You can search any on-chain entity (wallet, multi-sig, smart contract) and easily view its connections to and permissions over smart contracts – no technical knowledge required.
With every search, comes the opportunity to reveal flaws and anti-patterns across the ecosystem. We have a responsibility to make known the unknowns of our protocols and core systems, or uncover the Dark Forest.
To support this experience, we’ve indexed the two most widely adopted (and abused) vectors for on-chain control: Safe membership and smart contract access control patterns.
With the Podarchy Explorer, you can:
- Search a wallet, Safe or smart contract address to view any permissions held over associated smart contracts
- View relationships between ecosystem actors and automated contracts
- View high-level contract functions and assets of on-chain entities
The Podarchy Explorer shows up to three degrees of relationality. This means that you can become immersed in complex investigations–uncovering true ownership and control centers as you navigate across protocols, service providers and contributor ecosystems.
The misuse of permission primitives has introduced significant centralization, security risks, and liability implications. Failing to address these risks jeopardizes the progress we’ve made in building censorship-resistant, decentralized systems. If the industry is to succeed, it is crucial to unmask these hidden permissions and rectify them.
The Podarchy Explorer offers a way to do just that, giving everyone – technical and non-technical – the tools necessary to discover and address these risks before it’s too late.
To start discovering hidden permissions - visit the Podarchy Explorer.