Umbra — Intelligent Firewall
Umbra is Blackhole’s off-chain validation layer. It filters risky or malicious execution routes before the user signs. Instead of relying on slow, RPC-heavy simulations, Umbra combines static pattern matching with lightweight machine learning to detect threats in real time.
Key Capabilities
Static Pattern Filtering
Detects known malicious contract patterns: honeypots, proxy traps, approval drainers, reentrancy, and self-destruct logic.
Works instantly, without RPC calls or forked simulations.
Fully configurable based on protocol risk tolerance.
ML-Based Risk Scoring
Models trained on failed transactions, revert patterns, gas anomalies, and contract behaviors.
Continuously updated with live execution data to reduce false positives.
Classifies routes based on both structural and behavioral signals.
Pre-Signature Enforcement
Validates full execution paths before a wallet requests approval.
Blocks unsafe or unexpected flows at the signing stage.
Integrates seamlessly with fallback logic in Blackhole Diamond.
Self-Learning Feedback Loop
Learns from post-execution outcomes.
Flags new threat signatures and high-risk contracts automatically.
Reduces reliance on human curation and external audits over time.
Performance
Average validation time: 5–15 ms per route (static + ML).
Throughput: >2,000 tx/sec per CPU core.
Stateless architecture: horizontally scalable, containerized, easy to deploy.
No chain emulation or simulation delays.
Umbra allows wallets and dApps to instantly show validated, human-readable execution paths — even for complex cross-chain flows. This makes it practical for high-frequency environments like aggregators, relayers, and agents.
Differentiation
Traditional DeFi stacks only detect risks after the user signs — or not at all. Umbra enforces security before signature, understanding both what a transaction does and what it could do. Unlike simulation engines, Umbra is gasless, fast, and scalable by design — combining firewall precision with ML adaptability.
Last updated