Contents
We want to support end-to-end development for your projects in the Hiro Platform, and while we’ve launched many tools in the Hiro Platform to help you develop and build your projects, we haven’t added many features to aid you after you deploy a project to mainnet. That changes with the latest release in the Hiro Platform.
Monitoring Alerts for Your Contracts
As we’ve seen throughout the history of Web3, hacks in crypto reveal the risks of sensitive smart contract calls being exploited. After a developer deploys a contract via the Hiro Platform, it can be difficult to understand how the contract is being used.
We’ve added new contract monitoring features that enable you to set alerts when specific functions are called in your smart contracts. This enables you to detect and respond to suspicious contract activities, enhancing the security of your app throughout the contract lifecycle.
For example, let’s say you have a smart contract with a <code-rich-text>principal-construct?<code-rich-text> function that creates an <code-rich-text>admin<code-rich-text> principal for your app that enables your team to interact with private functions in your smart contract.
This is a sensitive function, and maybe you want to monitor calls to this particular function. With the new contract monitoring feature in the Hiro Platform, you can get notified every single time the <code-rich-text>principal-construct?<code-rich-text> function is called to make sure that all calls to this sensitive function are intentionally made by you. These alerts can be part of your incident response plan, allowing you and your team to respond to issues more quickly.
This feature goes beyond just security—it’s also a way to better understand how your contracts are being used. You can also set up alerts for various public functions in your smart contract to gain insight on which functions are receiving the most calls and how users are interacting with your contract.
How It Works
When logged in to the Hiro Platform, you can configure alerts for any contract calls on mainnet, whether that’s a <code-rich-text>set-contract-owner<code-rich-text> function, a transfer/mint/burn function, or anything else you’ve implemented that you want to monitor.
Once you identify the calls you want to monitor, you can further hone in on the specific function calls by creating predicates that filter for argument values and the address of the wallet which called the function.
You can monitor these alerts in the Hiro Platform, and you can also choose to receive email alerts every time one of those alerts is triggered. Or configure webhook calls, which can be used for all kinds of customized alerting flows (for example, you could use this webhook call to trigger a Slack message).
Setting Up a Contract Alert
Connecting a Contract
Setting up an alert is easy. Simply toggle to the “Monitor” tab once you log in to your Hiro Platform account. From there, you can look up any on-chain contract by its principal + contract name.
All contracts deployed to mainnet are public, and you can monitor and set up alerts for any of them, regardless of whether you are the deployer.
Alternatively, you can also connect your wallet to view your deployment history and choose any contracts you’ve previously deployed in order to set up alerts for them.
Creating an Alert
Once you are monitoring a contract, you can view its transaction history and any pending transactions in the mempool. You can also set up custom alerts for the contract.
Alerts can target function calls within specific arguments or caller addresses, giving you flexibility in how you configure your alerts. You can also choose whether you’d like to receive email alerts and webhook alerts to get notified about these alerts in near-real time.
With each alert you set up, you can view the alert’s history and the response status from any webhook calls made. You also have the ability to edit existing alerts to hone in your conditions or notification preferences over time.
Conclusion
We hope this new feature increases your confidence in your code as well as your code’s security, and you can get started with your alerts in Hiro documentation. If you have any feedback, please reach out to us in the #hiro-platform channel under the Hiro Developer Tools section on Discord.
