Metropolis Wants to Make It Easier To Spot Faulty Smart Contract Permissions

Exclusive: No technical expertise required to visualize smart contract permissions

April 11, 2023 08:53 am

OV11/Shutterstock modified by Blockworks

Smart contract permissions have been at the center of many hacks in the cryptocurrency ecosystem since their inception.

From recent the Wormhole counter exploit to Euler finance’s hack and the bZx DAO ruling, identifying faulty smart contract permissions could help protect the broader cryptocurrency ecosystem.

Newsletter

Subscribe to Blockworks Daily

Metropolis, a company committed to protect on-chain permissions, said it hopes to achieve this with the launch of “The Podarchy Explorer,” a spatial interface that allows users to visualize smart contract permissions.

“We’ve been doing a lot of thinking on how we can bring faulty permissions to the surface, because they pose both a security risk in terms of basic user funds, but they also undermine ownership itself,” Chase Chapman, governance researcher at Metropolis, told Blockworks.

Using the platform, users can search any on-chain entity — including externally owned accounts (EOAs), multisigs, and smart contracts — and identify all relevant connections and permissions.

“Governance tokens don’t mean anything if they don’t have permissions to govern,” Chapman said. “The Podarchy Explorer will surface those permissions and easily identify faulty permissions without having to deep dive into code.”

Specifically, the company has indexed two widely adopted vectors for on-chain control: Safe membership and OpenZeppelin access control. It intends this to enable users to search up any wallet and addresses associated with Safe membership and help them to view its permissions over associated smart contracts.

“The Metropolis team anticipates the Podarchy Explorer will reveal some major flaws and anti-patterns across the ecosystem, which is ultimately positive, as hidden faulty permissions are posing a massive threat to the entire space,” Chapman said.

Get the news in your inbox. Explore Blockworks newsletters:

Blockworks Daily: Unpacking crypto and the markets.
Empire: Crypto news and analysis to start your day.
Forward Guidance: The intersection of crypto, macro and policy.
0xResearch: Alpha directly in your inbox.
Lightspeed: All things Solana.
The Drop: Apps, games, memes and more.
Supply Shock: Bitcoin, bitcoin, bitcoin.

Tags

smart contracts

Newsletter

Blockworks Daily

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy tickets learn more

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy tickets learn more

Permissionless IV Hackathon

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

learn more

recent research

Research

Trust-Minimized Crosschain Interoperability

Union’s improvements upon Tendermint consensus through CometBLS, coupled with ZK proving through Galois, allow for a broadly scalable, cost efficient, and low latency IBC implementation that is feasibly scalable across every existing blockchain, virtual machine and runtime. The implementation offers modular crosschain interoperability without the need for trusted intermediaries.

by Luke Leasure