ETH Watchtower | Real-Time Blockchain Forensics & Risk Scoring

ETH Watchtower

Real-Time Blockchain Forensics & Risk Scoring

The Problem: Speed and Opacity.

Every single block, malicious actors deploy scam tokens and factory-generated fraud. Investigators are drowning in noise and flying blind:

Too Slow: Post-mortem analysis happens after the money is gone.
Black Boxes: Risk scores give a number, but don't explain why.
No Visualization: Lists of transactions hide the relationships between deployers.

Sophisticated researchers need more than a file explorer. They need real-time intelligence.

Core Modules

1. Live Monitor

Real-time event streaming. Filter 100,000+ events without lag the millisecond they hit the mempool.

2. Risk Engine

Composite risk score (0-999) based on heuristic weightings. Transparent logistic regression models, not black boxes.

BurstMint: Risk
Self-Allocation: Risk
High-Frequency: Risk

3. Graph Explorer

Visual intelligence. Automatically cluster contracts by bytecode hash and map deployer relationships.

Detection Methodology.

Vulnerability Detection

Commonly exploited vulnerabilities in smart contracts are flagged and added to each new deployment, for example:

Reentrancy paths
State variable shadowing
Phishing via tx.origin
Unchecked delegatecall
Signature malleability
Integer truncation

Honeypot Mechanics

Fake token implementations
Hidden minting & fee-on-transfer
Burst Minting inflation
Deployer Self-Allocation
Phony renounced ownership
"Return bomb" contracts

Proxy Behavior

Metamorphic redeployment
Selector clash risk
Self-destruction paths

Control-Flow Risk

Infinite loops
Gas-dependent logic
Factory-driven expansion

The Alpha: Network Graph & Bytecode Pivot.

Scammers reuse code. We catch them.

ETH Watchtower automatically clusters contracts by bytecode hash, source code and deployers to visualize the ecosystem.

Bytecode Pivot: Detect "factory patterns" even if the wallet is fresh.
Visual Intelligence: Instantly map the web of relationships between deployers.
Flag Heatmaps: Identify threats that human analysts miss.

Web Platform Interface.

Visualizing the Dark Forest with a easily customizable web interface written in React.

Main stream

Live Monitor
Real-time mempool event streaming and filtering.

Graph Explorer

Graph Explorer
Visualizing deployer relationships and clusters.

Risk Analysis

Risk Engine
Detailed heuristic breakdown and scoring.

Main HUD

HUD
Easy to understand HUD.

Graph Explorer

Heatmap
Visualizing risk heatmap.

Risk Analysis

Contract Analysis
Detailed contract analysis.

Terminal Platform Interface.

Power-user TUI for advanced forensics and analysis.

List View

List View
Overview of monitored contracts.

Details View

Details View
In-depth contract information.

Transaction History

Transaction History
Multi-layered transaction analysis.

ABI Inspector

ABI Inspector
Contract interface exploration.

Help System

Help System
Comprehensive command reference.

Real-time Statistics

Real-time statistics
Live monitoring and analytics.

Case Studies: Real Threats Neutralized.

1. The Hidden Tax Honeypot

Scenario: A token launched with "0% Tax" marketing.

Watchtower Detection: Identified a hidden _taxFee variable set to 99% in the unverified constructor arguments.

Outcome: Flagged as CRITICAL (98/100) 12 seconds after deployment.

2. The "Pepe" Copycat Ring

Scenario: 14 seemingly unrelated tokens launched simultaneously.

Watchtower Detection: Graph Explorer clustered all contracts by bytecode hash and linked them to a single Tornado Cash funded deployer with a history of deploying similar contracts.

Outcome: Identified as a coordinated rugpull ring before liquidity was added.

Technology: Built for Speed & Privacy.

React + TypeScript + SQLite
A responsive frontend backed by a robust streaming backend service.

Memory-Efficient Log Ingester
Handles massive datasets.

High-Throughput Go API
Custom backend services written in Go for historical data aggregation and cross-chain signal normalization.

Epoch-Aware Analysis
Parses historical boundaries (The Merge, Shanghai, London) to apply context-specific heuristics rather than generic scanning.

Local-First Forensics
Case management and investigation notes are stored locally. We don't see your alpha.

Modular Design
Decoupled 'Analytics' allows plugging in new risk models instantly.

Our Philosophy.

Blockchains are transparent machines. Security intelligence should be transparent too.

Rather than hiding analysis behind proprietary walls, Watchtower treats the chain as a public library of code, incentives, and human creativity — sometimes brilliant, sometimes malicious, always fascinating.

By illuminating how contracts actually behave, the tool contributes to a safer and more self-aware cryptoeconomic ecosystem.

Project Milestones.

1. Local Researcher

Open Source / Free

Full forensic dashboard
Local-first privacy
Bring-Your-Own-Keys

2. Pro Analyst

Hosted SaaS

Persistent Case Files
Cloud-hosted Node Access
Team Collaboration

3. Enterprise API

Institutional

Raw JSON Data Streams
Custom Risk Models
SLA Support

Support the Project.

Help us build the future of EVM based blockchain forensics.

ETH QR Code

ETH/ERC20

0x968cC7D93c388614f620Ef812C5fdfe64029B92d

BTC QR Code

BTC

bc1qkmzc6d49fl0edyeynezwlrfqv486nmk6p5pmta

Every contribution helps us improve detection accuracy and add more features.

Frequently Asked Questions.

How is the risk score calculated?

The score (configurable range 0-999) is a composite of weighted heuristics including bytecode analysis, liquidity patterns, and ownership controls. It is deterministic and explainable, not a black box.

Can I customize the detection models?

Yes. The 'Analytics' is modular. Institutional clients can adjust weightings or plug in proprietary risk models to match their specific threat tolerance.

Is this financial advice?

No. ETH Watchtower provides forensic data and behavioral analysis. It is a tool for research and security assessment, not investment recommendations.

Initialising forensic document...

Screenshot Preview