Skip to main content
Incidents show when transactions were dropped because they violated assertions protecting contracts. This happens when a transaction that interacted with an assertion-protected contract was dropped by the Enforcer because it caused an assertion to revert.

How Incidents Are Grouped

An incident represents the invalidation of an assertion over a one-hour time period. Multiple dropped transactions can belong to the same incident if they violate the same assertion within that window. Why group transactions into incidents?
  • An attacker may craft multiple transactions that all violate the same assertion—these represent the same logical attack
  • One hour is a reasonable estimate for how long an attack attempt might last
  • After one hour without violations, a new invalidation likely indicates a different attack and creates a new incident
This grouping ensures you receive meaningful alerts without being spammed by repeated notifications for the same security event.
This is our initial approach to incident grouping and may be refined based on user feedback.

Incidents View

Access incidents from the Incidents tab in the dApp navigation bar. This shows a limited view of all incidents across all networks:
  • Network: Which network the incident occurred on
  • Timestamp: When the transaction was dropped
  • Transaction Hash: Hash of the dropped transaction
Incidents View

Incidents View

The Incidents tab is publicly accessible. Anyone can view this limited incident information.

Project Dashboard Incidents

As a project owner, you can view detailed incidents for your projects in the project dashboard. See Projects for information about accessing your project dashboard.
Incident in Project Assertion Dashboard

Incident in Project Dashboard Assertion View

View incidents in the Recent Incidents container on the project dashboard. Click on an incident to see:
  • Transaction Object: The full decoded transaction that was dropped (viewable as JSON)
  • Transaction Hash: The hash of the dropped transaction
Detailed Incident View

Detailed Incident View

Only project owners can view detailed incidents for their projects. Non-owners viewing a project see events (when contracts and assertions were added or removed), not incidents.

Real-Time Alerts

When viewing your project dashboard as an authenticated project owner, incidents update in real time:
  • Auto-Updating UI: Components listing incidents automatically prepend newly received incidents to the list
  • Toast Notifications: A notification appears in the upper right corner stating “an incident for this project was received”
  • Live Updates: Real-time updates only occur when viewing that specific project as its authenticated manager
External Alerts You can also set up external alerts via webhooks:
  • Slack Integration: Configure Slack webhooks to receive incident notifications in your Slack channels
  • PagerDuty Integration: Configure PagerDuty webhooks to receive incident notifications
See Integrations for setup instructions.

Use Cases

  • Monitor when assertions prevent violations for your projects
  • Understand attack patterns and attempted exploits targeting your protocol
  • Add or refine assertions based on incident data
Incident viewing is read-only. You cannot modify or delete incident records.

Next Steps

dApp Overview

Learn more about the dApp

Transparency Dashboard

Browse projects and assertions

Writing Assertions

Learn how to write effective assertions

Architecture

Understand how assertion validation works