Original Source: GoPlus
Author: anymose
Fu Hang said he had worked as a BA at a Fortune 500 company — a "Building Attendant" (security guard). The audience erupted in laughter, but I couldn’t laugh at all. In fact, I felt like crying.
Because I had been a BA too.
But while he was a BA at a Fortune 500 company, I was just a simple security guard at "Shenzhen Nanshan Xili Town Tanglang Village Metal Craft Products Co., Ltd."
Let's dive deeper!
Being a security guard isn’t that demanding. For Fu Hang at the Fortune 500 company, he only needed to learn two phrases: “Yes Sir!” and “Welcome home!” But for me, it wasn’t so easy. My factory had stricter rules, and I had to learn three phrases:
- "What are you doing?"
- "You’re not allowed in here!"
- "Sign in here!"
It took me a week to master these three sentences, and I even made shorthand notes for them. For example, the first phrase, I secretly abbreviated as “WAYD.” Later, when I transitioned into Web3, I quickly noticed a massive issue: this space is utterly exposed. There’s no "security room" to safeguard it!
What the...?
Blockchain preaches "not your keys, not your coins," transferring security sovereignty to regular users. This means that all security responsibilities rest entirely on the users themselves, who must learn and manage it. It’s like creating a residential community where the residents must safeguard their own property without having security guards or any organized protection.
Does that make sense?
Breaking down the theft process, it often boils down to three steps: initiating malicious approvals, transactions, or contract interactions (whether passively or actively) — sending them through wallets/RPC nodes to mempools/validation networks — and finally having the ledger update once the node confirms the transaction. And just like that, your assets are gone. To relate this to the security guard scenario, it’s equivalent to someone sneaking into a residential community or factory, bypassing defenses, and escaping with valuables.
The most effective and fundamental solution to prevent asset theft is to intercept it directly on the blockchain. Why? Because transaction methods are exceedingly complicated — different wallets, applications, RPC nodes, transaction types, etc., all make the landscape more complex. However, every transaction ultimately follows the same flow when reaching the second step: processing in validation nodes or mempools. That’s where we should intercept them and take preventive measures.
Who’s tackling this problem? Enter @GoPlusSecurity — a blockchain project focusing on security network defense. They provide an open, permissionless, and user-driven modular Web3 security layer. And their solution? It’s essentially the same as the three phrases I used as a security guard — remember those?
GoPlus Security Module, abbreviated as GSM, can be remembered with the phrase “Got Security Measures?” mimicking the casual phrase often spoken by security guards, “干什么” (meaning "What are you doing?"). This is the latest native security module launched by GoPlus, which can be seamlessly integrated into node clients to detect and intercept high-risk transactions in real-time, protecting asset security.
Keywords: Real-time, Native, Polymorphic—let me elaborate on each.
It’s not an API, nor a plugin. GSM is a native module that can be deployed and embedded directly into node clients, operating at the node level, allowing for deep integration with various blockchain protocols. Recently, GoPlus released a transaction replay report, revealing that if BNB Chain nodes had GSM embedded, 97 out of 100 attacks in the past year could have been stopped—an impressive 97% success rate! If deployed in a real-world environment, this translates to a whopping $22 million saved.
The advantages of this native integration at the node client level are glaring. Think of it as making a thief pass through a guard post or security net before they can reach your house. Without GSM, it’s like leaving your house wide open and your assets vulnerable to theft. GSM performs proactive assessments and interceptions before transactions even enter the mempool, making it far tougher for attackers to bypass compared to traditional wallet or API solutions.
It’s not about passively taking hits; it’s about proactively striking back. GSM is capable of real-time analysis of diverse attack vectors, including interactions with blacklisted addresses, phishing attacks, MEV attacks, gas abuse, risky authorizations, and honeypot ("Pixiu", 貔貅) token transactions, covering most Web3 threat scenarios.
How is this achieved? Long-time GoPlus users may already know about their early development of the Security Data Layer and Security Compute Layer, which enable multidimensional analysis and threat detection. GSM leverages GoPlus's proprietary verification service, with SecWare AVS nodes running tasks such as transaction simulations and malicious address detection, ensuring highly efficient and accurate risk evaluation.
GSM has officially launched and, in theory, can now be seamlessly integrated into most EVM chains. The roadmap suggests that Solana, Move-based blockchains, and others may be next. Another layer of "polymorphism" is that users can configure various security policies tailored to different chains, use cases, and wallets—essentially offering customizable protection strategies.
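To make the idea of screening at the node before mempool admission concrete, here is an added sketch (not GoPlus code and not GSM's API) covering two of the checks listed above, blacklisted addresses and risky authorizations, under a configurable policy. The `Tx`, `Policy` and `Screen` names and the policy fields are assumptions made for illustration.

```go
package main

import (
	"encoding/hex"
	"fmt"
	"math/big"
	"strings"
)

// Tx and Policy are hypothetical types for this example, not a node client's API.
type Tx struct{ To, Data string } // 0x-prefixed hex recipient and calldata
type Policy struct {
	Blacklist       map[string]bool // lowercase addresses flagged as malicious
	TrustedSpenders map[string]bool // spenders allowed large allowances
	MaxAllowance    string          // decimal cap for untrusted spenders
}

// Screen decides whether tx may enter the mempool; reason is empty when admitted.
func Screen(tx Tx, p Policy) (reason string, ok bool) {
	if p.Blacklist[strings.ToLower(tx.To)] {
		return "recipient is blacklisted", false
	}
	raw, err := hex.DecodeString(strings.TrimPrefix(tx.Data, "0x"))
	if err != nil {
		return "malformed calldata", false // fail closed
	}
	if len(raw) < 4 || hex.EncodeToString(raw[:4]) != "095ea7b3" { // ERC-20 approve(address,uint256)
		return "", true // not an approval; further checks would go here
	}
	if len(raw) < 68 { // selector + two 32-byte ABI words
		return "truncated approve calldata", false
	}
	spender := "0x" + hex.EncodeToString(raw[16:36]) // low 20 bytes of word 1
	amount := new(big.Int).SetBytes(raw[36:68])
	limit, valid := new(big.Int).SetString(p.MaxAllowance, 10)
	if !valid {
		limit = new(big.Int) // unparsable cap: treat as zero
	}
	if p.Blacklist[spender] {
		return "approval to blacklisted spender", false
	}
	if !p.TrustedSpenders[spender] && amount.Cmp(limit) > 0 {
		return "allowance above cap for untrusted spender", false
	}
	return "", true
}

func main() {
	fmt.Println(Screen(Tx{To: "0x" + strings.Repeat("ab", 20)}, Policy{}))
}
```

Because the decision is made on the raw transaction, it applies no matter which wallet or RPC endpoint submitted it, which is the property the article attributes to node-level screening.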
How effective is it? Based on the replay data disclosed above, the detection rate reaches 97%. Across 100 security incidents on BNB Chain over the past year, losses amounting to $22 million could have been avoided. The module also runs efficiently inside the node: transaction latency is less than 40ms, and it runs stably under a 1000 TPS load.
How was security protection done before GSM? In other words, how does GSM differ from traditional protection mechanisms? Wallets and UI are two commonly encountered security protection scenarios; let me use these two as examples to explain.
Take OKX wallet @wallet as an example. Significant efforts have already been made on the security front. As a non-custodial wallet, users manage their private keys locally by themselves. Therefore, the wallet can only parse the transaction before signing and then alert users on the interface to verify the details. The OKX wallet has also integrated some security APIs, allowing it to detect whether a target address or smart contract is on a blacklist, providing warnings accordingly.
Users can also take proactive measures such as risk checks and revoking high-risk authorizations, which are now supported functionalities.
While these features are great, the primary caveat is that they rely heavily on users' basic operational skills and knowledge. This essentially means notifying users of potential risks and expecting them to perform the necessary checks and protective measures. From a technical standpoint, if users are unaware of anti-MEV capabilities or have not activated this feature, many high-risk transactions can bypass checks entirely — there's no way around this limitation.
And of course, if you lose or leak your private key, not even the king of heaven himself can save you.
UI refers to the interface, and it essentially serves as an auxiliary tool — like safety posters displayed in your neighborhood. The most common implementation is to provide detailed explanations every time you sign, authorize, or confirm a transaction. If there’s any risk, a warning will pop up.
This is highly demanding. Expecting average users to become security experts in a short period is unrealistic. UI reminders can only display the most basic hints, which in itself requires users to comprehend them — a fundamentally flawed expectation.
Overall, GSM can actively intercept transactions before they enter the mempool, without requiring user understanding or intervention. It effectively compensates for users' lack of subjective ability. Since it operates on the node layer, it’s much harder for attackers to use spoofed interfaces or bypass APIs to interfere with the system, significantly enhancing security. Compared to the latency of APIs, GSM's sub-40 millisecond runtime speed means that thieves get neutralized before even reaching the door.
If you’ve read this far, I believe you share a concern similar to mine: how does the security guard avoid becoming a thief themselves? Exactly, no matter how powerful GSM is, if it turns malicious, wouldn’t its potential for harm increase exponentially? What happens if the guard themselves becomes a thief? When I delved deeper into how GSM addresses this issue, I ended up laughing out loud.
Turns out, high tech isn't all that different from our security company, huh?
Don’t start by telling me that GoPlus is a well-established name in security and trustworthy. I know you serve over 20 million users, 1,500+ ecosystem applications, and I’m aware you’ve passed all sorts of security audits and third-party verifications. What I want to hear is something fresh — something truly decentralized and trustless.
Well, there actually is.
First is the technical oversight. Now, this isn’t just the conventional security audits we're talking about. This is GoPlus’s decentralized self-verification system, SecWare AVS. It’s a distributed node system where security oversight isn’t controlled by a single node. It’s like the shift rotations in our security company where guards take turns to cross-check and supervise each other. Heh, same idea.
In addition to internal technical oversight, the community is also a key part of GoPlus. Driven by the $GPS token economic model, ecosystem developers, node operators, and users can participate in the maintenance and optimization of GSM, as well as the validation and evaluation of the threat database and AI models via the SecWare Protocol. This ensures transparency and fairness.
And finally, we circle back to the end user. GoPlus also supports customizable security strategies, meaning security modules can be tailored to user preferences. It’s like homeowners deciding whether to keep a safe, carry pepper spray, or have a one-touch emergency BB CALL system at home.
Why did I become a security guard? Well, it was because I didn’t make it into one of the top 2 universities during my first try at the college entrance exams. Feeling defeated and rebellious, I didn’t want to continue my studies. My mom then sent me to work at my uncle’s factory to “toughen me up.” My uncle wasn’t joking—he put me to hard labor, skipping the air-conditioned office and making me work out front as a security guard.
Out of sheer spite, I stuck it out for over a month before giving up... and eventually went back to re-study. Even after all these years, I still vividly remember the three rules of security my supervisor taught me:
· "What are you doing?" - AI-driven threat detection
· "You’re not allowed in here!" - Blocking transactions before they enter the mempool
· "Sign in here!" - Community-led transparent oversight
This is a soft-core explainer. By reading this, you can gain a surface-level understanding of the following topics:
· Shortcomings in blockchain security architecture
· The innovative solution of GSM
· How to quickly learn to be a security guard (just kidding)
Original article contributed by a reader; does not represent the views of BlockBeats.