Summary: If you're in a decision-making role, having a real-time understanding of wallet risks, MEV exposure, and how healthy the protocol is will be critical as we roll into 2025. This guide breaks down the latest changes in tech and regulations--like Pectra (EIP-7702, EIP-7691), MEV market structure, and some key L2 security developments--into straightforward monitoring checklists, KPIs, and examples that your team can start using this quarter. Check it out here: (blog.ethereum.org)

Web3 blockchain intelligence: Monitoring Wallet Risk, MEV, and Protocol Health

For startups and enterprises alike, “blockchain intelligence” became essential the moment Ethereum rolled out its Pectra upgrade on May 7, 2025. This update brought significant changes with EIP‑7702 tweaking wallet behaviors and EIP‑7691 enhancing how rollups handle data. These adjustments alone have completely transformed wallet attack surfaces and L2 cost dynamics. When you throw in the fast-evolving sanctions guidance and a builder-dominated MEV market, it’s clear that the old dashboards just don’t cut it anymore.

In this post, we’re diving into a practical blueprint: we’ll highlight what to keep an eye on, how to measure it, and which controls can give you an immediate boost in risk reduction or margin upside. Check it out here: (blog.ethereum.org).

---

1) Wallet risk monitoring (what changed in 2025 and what to do)

Why your wallet risk model needs an update now

• Pectra rolled out “temporary smart accounts” through EIP-7702, allowing EOAs to hand off execution logic for cool features like batching and gas sponsorship. While this is a game-changer, it’s also been targeted in phishing kits that use batch signatures and delegated code. Make sure your monitoring system flags those 7702 authorizations and tracks where they point. (blog.ethereum.org)
• On the regulatory front, the U.S. Treasury took Tornado Cash off the SDN list on March 21, 2025, following the 5th Circuit’s ruling in 2024 that limited OFAC’s grip on immutable contracts. This means that sanctions screens considering any Tornado-related transactions as an automatic fail are officially outdated. It’s time to shift to risk-based mixing heuristics (check the details below). (theblock.co)
• Stablecoins are ruling the illicit side of things: Chainalysis found that stablecoins made up around 63% of the shady crypto transaction volume in 2024, and this trend is carrying into 2025. TRON and Ethereum are the main players in this game. So, focus on stablecoin heuristics and keep an eye on issuer freeze intel. (theblock.co)
• Issuer freezes are genuine controls (but they can backfire): Tether’s announced several freezes in 2025, including a hefty $23M related to the sanctioned exchange Garantex, and a $12.3M freeze in Tron back in June. Analytics firms are noting the lag windows that some bad actors exploit to move funds before getting blacklisted. Make sure your playbook includes freeze liaisons and a “freeze latency” KPI. (tether.io)
• FATF's update on June 26, 2025, shows only 40 out of 138 jurisdictions were mostly compliant; the enforcement of the Travel Rule is still dragging behind. If you’re working globally, consider the counterparty’s Travel Rule coverage as a risk factor during onboarding and routing. (reuters.com)

A risk-scoring blueprint that actually works post‑Pectra

Keep an eye on these features for each wallet and counterparty:

• 7702 Delegation Risk:
  • Keep an eye out for any active EIP-7702 authorizations. Make sure to note down the delegation target's code hash, deployer, and any changes that happen over time. If the target is either non-audited, upgradable, or freshly minted, give a shout-out! Use chain-bounded or nonced flags to sniff out weak authorizations. (blog.ethereum.org)
• Mixing Heuristics (Post-Tornado Delisting):
  • Ditch the old binary “mixer” flags and switch to a mixer-pattern score. Look out for short-cycle peel chains, common deposit collectors, split-merge fanouts, and time-box obfuscation. Make sure to assign higher weights to mixers that are still on the sanctions list and any obfuscation linked to DPRK TTPs that Chainalysis has detailed. (chainalysis.com)
• Stablecoin Rails Risk:
  • Keep tabs on issuer freeze intel by tracking addresses with recent freezes and calculating the average freeze latency for each chain. Score TRON and cross-chain bridges higher if they show pig-butchering cash-out patterns. Also, it might be a good idea to work with issuers on a “freeze-assist” pathway for smoother incident responses. (cointelegraph.com)
• Account Abstraction Hygiene:
  • Watch out for any exposures in the ERC-4337 stack, like the EntryPoint version and paymaster allowlists. Trigger alerts on wallets that have known AA CVEs or those that make risky EntryPoint changes (think UniPass-adjacent patterns). Keep an eye on 7702 batch signature approvals that display unusual multi-call sequences. (fireblocks.com)
• Regulatory Posture:
  • Classify your counterparties based on their Travel Rule capability and FATF status. If a corridor has low Travel Rule enforcement, consider cranking up the friction a bit. (fatf-gafi.org)

Minimum Viable KPIs

When it comes to tracking the success of your business, figuring out the right Key Performance Indicators (KPIs) is essential. But let’s be real--sometimes it feels overwhelming with all the data flying around. The key is to focus on the minimum viable KPIs that give you the most insight without drowning you in metrics. Here’s a simple guide.

What Are Minimum Viable KPIs?

Minimum viable KPIs are the essential metrics that help you measure the effectiveness of your strategies and operations without getting bogged down by unnecessary data. They provide just enough information to make informed decisions and steer your business in the right direction.

Why They Matter

Sticking to the minimum viable KPIs:

• Saves Time: You'll spend less time analyzing data and more time acting on insights.
• Boosts Clarity: With fewer metrics to track, your team can focus on what really matters.
• Enhances Agility: It allows you to pivot quickly when things aren’t working out as planned.

Examples of Minimum Viable KPIs

Here are some KPIs that can really pack a punch for your business:

1. Customer Acquisition Cost (CAC): This tells you how much you're spending to gain a new customer. A lower CAC means you're doing well!
2. Monthly Recurring Revenue (MRR): For subscription-based businesses, MRR shows you the predictable revenue you can count on each month.
3. Churn Rate: This is the percentage of customers who stop using your service over a certain period. Keeping this low is crucial for growth.
4. Net Promoter Score (NPS): A simple survey can reveal how likely your customers are to recommend your product or service. This can be a goldmine for feedback.
5. Conversion Rate: This metric helps you understand the percentage of users who complete a desired action, like signing up or making a purchase.

How to Choose Your Minimum Viable KPIs

1. Align with Goals: Make sure your KPIs directly relate to your business objectives. What are you trying to achieve?
2. Start Small: Don’t overwhelm yourself with a long list. Begin with a handful and expand as needed.
3. Review Regularly: KPIs aren’t set in stone. Regularly evaluate their relevance and be ready to adjust them as your business evolves.

Conclusion

Choosing the right minimum viable KPIs can really streamline your operations and keep you focused on what’s important. Remember, it’s all about making data work for you, not the other way around. Stick to what’s most impactful, and you'll find yourself navigating your business journey with much more confidence.

• % of user EOAs with active 7702 delegations to vetted code: We’re aiming for over 95% of these to be vetted. Plus, we want the average time to revoke any compromised delegation to be under 15 minutes. (blog.ethereum.org)
• % of inbound value from addresses with over 10% lifetime illicit inflows: Our goal here is to keep this under 0.5%. Also, we’re targeting a median freeze latency for escalated USDT cases to be less than 2 hours. (chainalysis.com)
• Travel Rule coverage of fiat ramps by corridor: We want more than 90% of value to go through compliant VASPs. (fatf-gafi.org)

Practical Example: 7702 Delegation Watch

Let’s dive into a real-world example of the 7702 delegation watch.

Background

The 7702 delegation watch is a tool used to monitor the compliance of life insurance policies with IRS Section 7702. This section sets rules regarding the tax treatment of life insurance products, ensuring they're classified correctly.

Why It Matters

Keeping an eye on the 7702 rules helps ensure policies maintain their tax advantages. If a policy doesn’t comply with 7702, it could lose its tax benefits, which is definitely something you want to avoid!

Key Features

Here's what you should look out for when monitoring 7702 compliance:

• Death Benefit Requirements: Make sure that the policy's death benefit is at least equal to the cash value.
• Premium Limits: Keep track of premiums to ensure they don’t exceed the allowed amounts.
• Policy Loans: Be aware of how policy loans affect the cash value and death benefit.

Tools & Resources

To help with tracking and compliance, consider using these resources:

1. Software Solutions: There are plenty of software tools designed specifically for monitoring 7702 compliance.
2. Regular Audits: Conducting periodic audits on policies can help catch any potential issues early on.
3. Consultation: Sometimes, it’s just best to chat with a tax professional to ensure everything’s above board.

Conclusion

Staying informed about the 7702 delegation watch is crucial for maintaining the tax advantages of life insurance policies. By keeping track of the key features and utilizing available tools, you’ll be better equipped to ensure compliance and avoid any nasty surprises down the line.

• Emit events when there are authorizations for EIP‑7702 signatures and check if the delegation target matches your allowlist.
• Automatically reject swaps if the current delegation target is different from the previously allowlisted target in the last N blocks and the value exceeds a certain threshold.
• Implement a “panic revoke” feature: a simple one-click transaction that resets the delegation back to a no-op contract.
• Keep a runbook that includes issuer contacts and details about how we package on-chain evidence. Also, track the time it takes from when an incident happens until the issuer acknowledges it.
• For routing withdrawals, it's best to choose options that have good cooperation with issuers and a history of low blacklist latency, especially for high-risk situations. (tether.io)

---

2) MEV intelligence: from loss prevention to revenue line item

Where the market stands

• Did you know that MEV‑Boost builder auctions make up about 90% of Ethereum blocks? From October 2023 to March 2024, three builders were responsible for an impressive 80% of those blocks. This really highlights the concentration risk and the importance of exclusive order flow. Make sure to keep an eye on builder share and relay policies. (arxiv.org)
• Flashbots is making a big move towards creating a decentralized and verifiable infrastructure. They’re rolling out BuilderNet (which includes TEE‑backed block building with MEV refunds), SUAVE clients, and an open MEV‑Share platform for fair order flow auctions. Getting in on this integration is your best bet to stay ahead of any enshrined PBS changes in the future. (flashbots.net)

What “good” looks like for orderflow quality (OFQ)

• Protection rate: This is basically the percentage of swaps that go through protected or private channels, like MEV Blocker or Protect/MEV-Share. We’re aiming for over 90% to really boost the retail user experience. Check out the details here.
• Rebate capture: This is all about how much ETH (or USD) we snag in backrun rebates for every $1M routed. The CoW DAO has shared that during 2024, they dished out 4,079 ETH in rebates, plus milestone updates showing over $170B-$241B in protected volume expected by mid-2025. These figures are great benchmarks to keep in mind! You can read more about it here.
• Sandwich rate: This measures how many swaps are hit with more than X bps of pre/post price impact in public mempools. The goal is to keep this number close to zero when we use protected flow.

Emerging Best Practices You Can Deploy This Sprint

As you gear up for this sprint, consider incorporating some of these fresh best practices to boost your team's performance and streamline your workflow.

1. Embrace Agile Retrospectives

Why It Matters: Regular retrospectives can help your team reflect on what’s working and what isn’t. It’s all about continuous improvement!

How to Do It: Set aside time at the end of each sprint to discuss successes and challenges. Encourage open communication and constructive feedback.

2. Prioritize User Stories

Why It Matters: Focusing on user stories keeps the end-user in mind, ensuring your product truly meets their needs.

How to Do It: Break down tasks based on user stories. Use tools like Trello or Jira to visualize and prioritize them effectively.

3. Incorporate Pair Programming

Why It Matters: Pair programming can enhance code quality and facilitate knowledge sharing among team members.

How to Do It: Encourage developers to collaborate on coding tasks. This not only boosts code quality but also fosters a learning environment.

4. Use Automation Wisely

Why It Matters: Automating repetitive tasks can save time and reduce errors, letting your team focus on more critical issues.

How to Do It: Identify mundane tasks that can be automated, such as testing or deployment processes. Tools like Jenkins or CircleCI can help.

5. Foster a Culture of Feedback

Why It Matters: A feedback-rich environment can significantly improve team dynamics and productivity.

How to Do It: Encourage team members to give and receive feedback regularly. Consider setting up a buddy system for giving peer reviews.

6. Keep Communication Open

Why It Matters: Clear communication helps prevent misunderstandings and keeps everyone on the same page.

How to Do It: Use tools like Slack or Microsoft Teams for real-time communication. Regular stand-ups can also keep everyone updated.

7. Focus on Technical Debt

Why It Matters: Paying off technical debt ensures your project remains maintainable and scalable in the long run.

How to Do It: Dedicate some time each sprint to address technical debt alongside new feature development. This will help you maintain a clean codebase.

8. Limit Work in Progress (WIP)

Why It Matters: Limiting WIP can boost efficiency and help your team avoid burnout.

How to Do It: Set clear limits on how many tasks can be in progress at once. This encourages the team to focus on finishing tasks before starting new ones.

9. Celebrate Small Wins

Why It Matters: Acknowledging achievements, big or small, can boost morale and motivation.

How to Do It: Make it a habit to celebrate milestones during your sprint. A quick shout-out in a meeting or a fun team activity can do wonders.

Conclusion

Try weaving these best practices into your workflow this sprint, and see how they can enhance your team's collaboration and productivity. Happy sprinting!

• Set up a protection RPC by default:
  • For EVM chains like ETH and the supported L2s, direct your default wallet and dapp RPC to MEV‑protection endpoints (think MEV Blocker). It’s a good idea to keep an eye on inclusion latency and rebate yields, plus make sure you have smart fallbacks in place. Check it out here.
• Use MEV‑Share for backruns that can make you money:
  • If you’re running a wallet or an aggregator, consider sending private transactions to a MEV‑Share node. Make sure the refund splits favor your users. It’s wise to start with backrun-only settings first to keep everything safe and transparent. More details can be found here.
• Keep an eye on builder and relay diversity:
  • Set up alerts if you notice a single builder is handling more than about 35% of your blocks over a week, or if non-content-agnostic relays start to climb. Both situations can hint at censorship risks and can mess with credible neutrality. For more insight, check this out here.

A Simple Analytics Starter (BigQuery + Public Datasets)

Getting into analytics can feel a bit overwhelming, but it doesn't have to be! With Google BigQuery and some public datasets, you can easily dip your toes into the world of data analysis. Here’s how to get started.

What You Need

1. Google Cloud Account: If you don’t already have one, sign up for a free account at Google Cloud.
2. BigQuery: This is Google’s fully-managed data warehouse, perfect for running queries on large datasets.
3. Public Datasets: Google provides a treasure trove of public datasets that you can play around with. Check them out here.

Setting Up BigQuery

Once you’ve got your Google Cloud account set up, follow these steps to get BigQuery running:

1. Create a New Project: In the Google Cloud Console, click on the project dropdown at the top and select “New Project.” Give it a name and click “Create.”
2. Enable BigQuery API: In your new project, go to the APIs & Services dashboard and enable the BigQuery API.
3. Access BigQuery: You can find BigQuery in the navigation menu on the left side of the console. Click it to open BigQuery.

Exploring Public Datasets

Now comes the fun part! You can start exploring public datasets. Here are a few interesting datasets to check out:

• NYC Taxi Trips: Analyze taxi rides in New York City. Perfect for seeing how patterns change over time.
• Google Trends: Find out what people are most curious about on a global scale.
• Wikipedia Pageviews: Dive into which topics are sparking interest and curiosity on Wikipedia.

Running Queries

Once you’ve found a dataset you want to work with, it's time to run some queries! Here’s a simple example to get you started. Let’s say you’re using the NYC Taxi dataset:

SELECT 
  pickup_location_id, 
  COUNT(*) AS num_trips 
FROM 
  `bigquery-public-data.new_york.tlc_yellow_trips_2019` 
GROUP BY 
  pickup_location_id 
ORDER BY 
  num_trips DESC 
LIMIT 10;

This query will give you the top 10 pickup locations for yellow taxi trips in NYC during 2019. It's a great way to see where all the action is!

Visualizing Your Data

To make your insights even more impactful, consider visualizing your data. Tools like Google Data Studio or even Tableau can help turn your query results into eye-catching dashboards.

Next Steps

As you get comfortable with BigQuery and public datasets, you might want to explore more advanced queries, machine learning, or even creating your own datasets. The possibilities are endless!

Happy analyzing!

Check Out MEV‑Share Activity to Gauge Your Rebate Chance

If you're looking to get a handle on potential rebate opportunities for your flow, diving into the MEV‑Share activity is a great place to start. Here’s how you can do it:

1. Explore MEV‑Share Data: Begin by examining the current activity on the MEV-Share platform. This will give you insights into how much rebate you might be eligible for based on your transaction flow.
2. Analyze Trends: Keep an eye on the trends over time. Noticing patterns can help you strategize and maximize your rebate potential.
3. Utilize Available Tools: Don’t forget to leverage any tools or dashboards that MEV‑Share offers. They can simplify the analysis and help you spot opportunities more easily.
4. Stay Updated: Make it a habit to check in regularly. The landscape can change, and you wouldn’t want to miss out on any updates that could impact your rebates.

By staying proactive and engaged with the MEV‑Share activity, you can better estimate the rebate opportunities that might be available to you!

-- Daily count and notional value of MEV-Share backruns
SELECT DATE(block_timestamp) AS d,
       COUNT(*) AS backruns,
       SUM(CAST(value AS NUMERIC)/1e18) AS eth_value
FROM `eden-data-public.flashbots.mev_share`
WHERE DATE(block_timestamp) >= DATE_SUB(CURRENT_DATE(), INTERVAL 30 DAY)
GROUP BY 1
ORDER BY 1 DESC;

Next, you’ll want to connect this with your swaps to figure out the “rebate per routed dollar.” Check out the details here!

Don’t ignore L2 MEV--your users won’t

• Great news! OP Stack chains are now able to connect with external builders thanks to Rollup‑Boost. Unichain has rolled out TEE block building featuring verifiable priority ordering and “Flashblocks” that offer around 250ms confirmations. This means we’re looking at in‑rollup MEV internalization and some solid revert protection. Be sure to chat with your L2s or even your own appchain about builder markets and fairness rules. Check it out here: (rollup-boost.flashbots.net)

---

3) Protocol health: SLOs for Ethereum and rollups in 2025

Ethereum mainnet: what to track post‑Pectra

• EIP‑7691 has given a major boost to blob throughput, cranking it up from an average of 3 to 6 and maxing out at 9. This change is all about scaling L2 data, so keep an eye on those blob inclusion rates, fees, and node bandwidth. Don’t forget to monitor your DA costs and set up alerts for any spikes in blob fees since they’re burned like gas. You can read more about it here.
• EIP‑7702 shook things up by changing account semantics. Make sure to bring those 7702 delegation events into your ops alerts. This is especially important for spotting any block propagation issues that might pop up due to faulty delegated code. For more details, check out this link.
• When it comes to staking concentration, Lido’s share of ETH staking has been on a downward trend, hovering around the mid-20s percentage in 2025. That’s still a significant chunk! It’s super important to focus on client diversity and APM usage for better resilience. Also, flag any “>1/3 operator concentration” in your risk reports as a cautionary sign. You can find more info over at Forklog.

Suggested SLOs

Here are some recommended Student Learning Outcomes (SLOs) that can help guide your curriculum and assessment strategies:

1. Critical Thinking
   Students will be able to analyze information, identify biases, and formulate reasoned arguments.
2. Effective Communication
   Students will demonstrate proficiency in both written and oral communication, tailoring their message for different audiences.
3. Collaboration
   Students will work effectively in teams, respecting diverse viewpoints and contributing to group success.
4. Problem-Solving
   Students will apply creative and analytical skills to tackle real-world problems.
5. Ethical Reasoning
   Students will evaluate ethical dilemmas and make informed decisions based on moral principles.
6. Digital Literacy
   Students will utilize technology effectively and responsibly, navigating digital resources for research and collaboration.
7. Global Awareness
   Students will understand and appreciate cultural diversity and global interconnectivity.

Feel free to adapt these SLOs to fit your program's specific goals and student needs!

• Mainnet:
  • Time-to-finality SLO: Aim for 2 epochs P95, with alerts set for anything over 4.
  • Builder diversity: No single builder should have more than 35% of the weekly share.
  • Relay neutrality: Keep OFAC-style censoring relays below 30% of your proposed blocks. (arxiv.org)

Rollups: the decentralization switch flipped

• Optimism rolled out its permissionless fault proofs on June 10, 2024, marking the official start of “Stage 1” for rollups. Then, on February 12, 2025, Arbitrum BoLD went live on the mainnet for permissionless validation. Just a bit later, on April 29, 2025, Base hit Stage 1 with its own permissionless proofs and set up a 10-member Security Council. Make sure your integration and withdrawal risk assumptions take all these updates into account. (coindesk.com)

Operational Checks for L2s You Rely On

When it comes to managing Layer 2 (L2) solutions, having a solid set of operational checks can make all the difference. Here’s a rundown of the key checks you should have in place:

1. Network Performance Monitoring

Keeping an eye on performance metrics is crucial. Make sure to:

• Monitor latency and throughput continuously.
• Track packet loss and error rates.
• Set up alerts for unusual spikes or drops in performance.

2. Security Audits

Security should always be top of mind, so don’t skip these checks:

• Conduct regular audits of smart contracts.
• Review access control and permissions.
• Implement automated vulnerability scans.

3. User Experience Evaluation

The end-user experience can tell you a lot about your L2’s performance:

• Gather user feedback through surveys.
• Analyze transaction speeds and confirmation times.
• Look out for any reported issues or complaints.

4. Compliance Checks

Staying compliant is essential in today's regulatory environment:

• Regularly review your compliance with relevant laws and regulations.
• Update your policies based on the latest legal requirements.
• Keep proper documentation for audits.

5. Backup and Recovery Plans

A well-thought-out backup plan can save you a lot of stress:

• Regularly back up your data and configurations.
• Test your recovery processes to ensure they work smoothly.
• Document your backup strategy for future reference.

6. Community Engagement

Engaging with your community not only helps you stay informed but also builds loyalty:

• Keep an active presence on forums and social media.
• Share updates and encourage feedback.
• Consider hosting AMA (Ask Me Anything) sessions for transparency.

Conclusion

These operational checks are your toolbox for running a successful L2 solution. Implementing them can help you stay proactive, secure, and responsive to your users' needs. Keep these in mind, and you'll be better equipped to handle whatever comes your way!

• Fault‑proof health: Keep an eye on proof posting cadence, challenger participation, and any overrides from the security council. Also, make sure you're alerted when there are “proof rail down” states. Check out this article for more details: (coindesk.com)
• Sequencer SLOs: Watch out for those unsafe head stalls and downtime. To help you calibrate, look at some past incidents: OP Mainnet had its performance take a hit in May-June 2024, and there was a sequencer outage on Polygon zkEVM related to an L1 reorg. Your goal is to keep the P99 inclusion under 2 seconds (unsafe) and under 15 seconds (safe). More info here: (status.optimism.io)
• Bridge risk: Make sure you're aware of the 7‑day challenge period for optimistic exits. It’s important to keep tabs on emergency upgrade powers versus Stage definitions (with those ≥7-day windows now enforced by L2BEAT for Stage 1). Dive into the discussion here: (forum.l2beat.com)

Don’t Ignore L1/L2 Outage Patterns

When it comes to managing your network, keeping an eye on L1 (Layer 1) and L2 (Layer 2) outage patterns is crucial. These outages can really mess things up, and understanding their patterns can help you prevent future issues.

Why Should You Care?

Ignoring these patterns could lead to prolonged downtimes, which can affect your overall performance. By recognizing trends in outages, you can pinpoint the root causes and come up with effective solutions.

Key Reasons to Monitor Outage Patterns:

• Proactive Troubleshooting: Catch issues before they escalate.
• Resource Optimization: Allocate resources more effectively to those areas that need it most.
• Enhanced User Experience: Improve uptime, which ultimately leads to happier users.

How to Spot Outage Patterns

Here are a few tips to help you identify those pesky L1/L2 outage patterns:

1. Collect Data: Make sure you’re gathering data from all your devices and connections. You can use network monitoring tools for this.
2. Analyze Trends: Look for recurring issues. Are there specific times when outages happen more often? Certain devices that seem to fail frequently?
3. Cross-Reference: Compare your outage data with external factors, like weather or scheduled maintenance, to see if there’s a correlation.
4. Document Everything: Keep a log of outages, resolutions, and any changes made to the network. This can help in diagnosing future problems.

Tools to Help You Out

If you’re looking for tools to assist with monitoring and analyzing L1/L2 outages, check out these:

• Nagios: Great for real-time monitoring.
• Zabbix: Offers extensive data collection options.
• SolarWinds: User-friendly and packed with features.

Conclusion

So, don’t let those L1/L2 outages sneak up on you. By paying attention to their patterns, you can save yourself time, frustration, and a lot of headaches down the line. Keep monitoring, stay proactive, and ensure your network runs smoothly!

• Solana's five-hour halt on February 6, 2024, is still a great opportunity for you to test out your cross-chain incident communications and order routing. Make sure you've got a plan in place to automatically switch between open and closed by venue, and to pause any risky strategies before things go haywire. (theblock.co)

Data availability layers (DA) you may be using indirectly

• If your stack or vendor is using Celestia, keep an eye on blob throughput, upgrade milestones (like that block size bump to 8MB and those 6-second blocks), and the concentration of the “largest poster.” This will help you identify any potential risks coming from your upstream appchains. Check it out here: (l2beat.com)

---

4) Metrics and dashboards that convert into action

Executive-Level KPIs

When it comes to measuring success at the executive level, KPIs (Key Performance Indicators) are essential. They provide insights into how well an organization is doing in relation to its strategic goals. Here are some important executive-level KPIs to keep an eye on:

1. Revenue Growth Rate

This KPI measures how fast your company’s revenue is increasing over time. It’s a clear indicator of the business’s health and overall growth trajectory.

2. Profit Margin

A great way to see how much profit your company is making on its sales. It’s calculated by dividing net profit by revenue. Keeping an eye on this helps ensure you’re running a sustainable business.

3. Customer Satisfaction Score (CSAT)

This one’s vital for understanding how happy your customers are. Higher satisfaction usually means better retention and, ultimately, more revenue.

4. Employee Engagement Score

Happy employees are productive employees! Tracking this metric can help you gauge workforce morale and make necessary adjustments to keep your team motivated.

5. Market Share

Knowing how much of the market your company holds compared to competitors is crucial. A growing market share often indicates effective business strategies.

6. Return on Investment (ROI)

This tells you how effectively your company is using its investments to generate profit. A solid ROI means your strategies are paying off.

7. Net Promoter Score (NPS)

This measures customer loyalty by asking how likely they are to recommend your business to others. A high score suggests strong customer allegiance, which is key to long-term success.

8. Operational Efficiency

Efficiency metrics can help you see how well your operations are running. This could include anything from production costs to delivery times.

Conclusion

Tracking these executive-level KPIs will give you a rounded view of your organization’s performance. They can help you make informed decisions and steer your company toward its strategic goals.

For more insights on KPIs, check out this resource.

• Wallet Risk
  • We’ve got high‑risk counterparties (for the past 30 days): they make up less than 0.5% of our total inflows by value.
  • The EIP‑7702 clean delegation rate is looking solid at over 95%.
  • As for freeze latency (when issuers give us the nod), we’re sitting at a median of under 2 hours. You can read more about it here.
• MEV
  • We’re doing pretty well with protected order flow, capturing over 90% of swap volume through our protection RPCs.
  • For rebate capture, let’s keep an eye on how we stack up against CoW/MEV‑Blocker monthly ranges. In November 2024, we snagged 364 ETH in rebates; across 2024, the total hit 4,079 ETH. We also have some exciting protected DEX volume milestones to hit in 2025, aiming to surpass peer benchmarks for every $1M routed. Check this out for more details: outposts.io.
  • When it comes to builder/relay concentration, the top builder is currently capturing less than 35% of the volume weekly, and we’re seeing a nice downward trend in non‑agnostic relay share.
• Protocol Health
  • Our L2 proof liveness is looking sharp with no gaps exceeding 24 hours, and we’ve met all Stage 1 requirements (proofs + security council).
  • We’re also keeping a close eye on blob costs per transaction by L2. We’re ready to alert on any spikes that go beyond the P90 mark over the past 30 days. For more insights, you can dive into this blog post.

Suggested Datasets and Taps

Here’s a handy list of some datasets and taps you might want to check out. They’re perfect for various projects and can really help you dive into your data analysis.

Datasets

1. OpenStreetMap
   A treasure trove of geographic data. You can find maps, building data, and more! Explore OpenStreetMap
2. Kaggle Datasets
   This platform has thousands of datasets across different categories. You can find everything from health data to sports statistics. Browse Kaggle Datasets
3. World Bank Data
   If you're into global statistics, this is the place to go. It covers economic, social, and environmental data worldwide. Visit World Bank Data
4. UCI Machine Learning Repository
   A classic for machine learning enthusiasts. The UCI repo has a vast collection of datasets perfect for training models. Check it out here
5. Google Dataset Search
   Need to find something specific? Google’s dataset search tool can help you sift through tons of datasets easily. Try it out

Taps

• Twitter API
  Perfect for gathering tweets and user data for sentiment analysis or trend tracking.
• Spotify API
  Get music data like playlists, albums, and artists. Great for music analysis projects!
• YouTube API
  Use this to pull video stats, search for content, and analyze trends on the platform.
• OpenWeatherMap API
  If you’re into weather data, this API gives you access to current and historical weather information.
• News API
  Stay updated with news articles across different publications. Nice for those interested in media analysis.

By using these datasets and taps, you’ll have a solid foundation for whatever data project you’re working on. Happy analyzing!

• Public: Check out Flashbots MEV‑Share and mempool datasets, along with relay/builder leaderboards and L2 status pages. Don't forget about the L2BEAT Stage metadata! You can dive into all the details right here.
• Vendor: For tackling illicit labeling and understanding DPRK TTPs, Chainalysis or TRM are solid choices. Pair these up with your own internal graphs to help reduce those pesky false positives in genuine privacy or OTC transactions. More info can be found here.

---

5) Implementation playbook (first 90 days)

Week 0-2: Instrumentation

During the first two weeks, we’ll dive into the world of instrumentation. This is where you'll get to know the essential tools and gadgets that will be your best friends throughout this journey. Here’s a quick rundown of what to expect:

1. Introduction to Instrumentation:
   We'll kick things off with the basics. You’ll learn what instrumentation is all about and why it’s crucial for our projects.
2. Hands-On Experience:
   Get ready to roll up your sleeves! You'll have plenty of opportunities to play around with different instruments. This is your chance to get comfortable and see what makes them tick.
3. Understanding Measurements:
   We’ll also cover how to take accurate measurements. Knowing how to read the data correctly is key, so we'll spend some time on this.
4. Calibration Techniques:
   It’s not just about using the tools; it’s also about making sure they’re working right. You’ll learn how to calibrate instruments for precise results.
5. Safety Protocols:
   Safety comes first! We’ll wrap up this week by going over the important safety protocols you need to follow while working with instrumentation.

By the end of these two weeks, you should feel confident navigating the basics of instrumentation and ready to tackle more advanced topics ahead!

• Go ahead and add 7702/4337 parsers to your indexers. Don't forget to set up a delegation allowlist and some alerts.
• Change the default RPCs for your wallet/dapp to those protection endpoints. Try an A/B test on 10% of your flow, and make sure to keep track of inclusion latency and any rebates. (docs.cow.fi)
• Turn on builder/relay telemetry from the beacon clients. It's a good idea to keep an eye on the top three builders across your proposed blocks. (arxiv.org)

Week 3-6: Controls and Runbooks

During weeks 3 to 6, we’ll dive into the nitty-gritty of controls and runbooks. Here’s what you can expect:

Understanding Controls

First up, we’ll explore what controls are all about. Controls are basically the mechanisms we put in place to manage risk and ensure everything runs smoothly. They can be anything from security measures to compliance protocols.

• Types of Controls:
  • Preventive Controls: These help stop issues before they happen.
  • Detective Controls: Think of these as the watchdogs. They catch problems if they slip through the cracks.
  • Corrective Controls: When something goes wrong, these are the fixes that get everything back on track.

Writing Runbooks

Next, we’ll get into writing effective runbooks. A runbook is like a step-by-step guide that helps you troubleshoot or operate a system. They’re super handy during incidents or routine maintenance.

• Key Components of a Runbook:
  • Title: Keep it clear and descriptive.
  • Purpose: Explain what the runbook is for.
  • Prerequisites: List what you need before you start.
  • Procedure: Outline the steps in detail. Be as specific as you can!
  • Troubleshooting Tips: Include solutions for common issues that might pop up.

Best Practices

As we create our runbooks, we’ll stick to some best practices to make sure they’re useful:

1. Keep It Simple: Use clear, straightforward language.
2. Be Consistent: Stick to a format throughout all your runbooks.
3. Regular Updates: Make sure to update your runbooks whenever there’s a change in procedures or systems.
4. Include Visuals: Sometimes a diagram or screenshot can convey information better than text.

Resources

For more insights, check out these links:

• Effective Runbook Writing
• Control Types Explained

By the end of weeks 3 to 6, you’ll have a solid understanding of controls and how to write runbooks that really work. Let’s get started!

• Let’s integrate the “panic revoke” feature and reset allowance flows into the UX; also, make sure support is trained on those pesky 7702 scams.
• Create a playbook for the freeze liaison with Tether and Circle, covering contacts, evidence templates, and SLAs. (tether.io)
• We need to lay out the SLOs for L2 outages and set up automated routing: if an L2 unsafe head stalls for more than N seconds, let’s redirect it to an alternative venue or queue it for a private flow. (status.optimism.io)

Week 7-12: Governance and Audits

During weeks 7 to 12, we’ll be diving deep into governance and audits. These are key parts of keeping any project or organization on the right track. Here’s a quick overview of what we'll cover:

Governance

What is Governance?

At its core, governance is all about how decisions are made and how authority is distributed. It plays a crucial role in ensuring that everything runs smoothly and aligns with our goals.

Key Components of Governance

• Policies: These are the rules and guidelines that everyone follows.
• Roles and Responsibilities: It's important to know who's responsible for what within the team.
• Accountability: This ensures that everyone is held accountable for their actions.

Audits

Why Are Audits Important?

Audits help ensure that everything is in check--financially and operationally. They provide insights into what's working and what needs improvement.

Types of Audits

• Internal Audits: These are done by the team to ensure compliance with internal policies.
• External Audits: Conducted by an outside party to give an unbiased view of our operations.

How Audits Work

1. Preparation: The team gathers all necessary documents and data.
2. Conducting the Audit: This involves reviewing processes, financial statements, and compliance with laws.
3. Reporting: After the audit, findings are compiled into a report, highlighting strengths and areas for improvement.

Conclusion

As we wrap up this phase, keep in mind that both governance and audits are ongoing processes. They’re not just box-checking exercises but vital activities that help us maintain integrity and improve continuously.

Let’s gear up for an engaging and insightful few weeks ahead!

• Get your MEV policy in order: think user-first rebates, steer clear of sandwich attacks, pick preferred builders/relays, and make sure you can prove fairness on L2s with Rollup-Boost or something similar. (rollup-boost.flashbots.net)
• Revamp your sanctions policies after the Tornado delisting--move away from strict blacklists for addresses and switch to behavior-based mixing heuristics along with Travel Rule corridor risk ratings. (theblock.co)
• Run a tabletop exercise for an L2 proof-rail failure: simulate what happens when withdrawals are paused, and make sure you can bridge through the right paths using challenge windows and message proofs.

---

6) Brief deep dives: precise issues we’re seeing in 2025

• EIP‑7702 phishing kits
  • So here’s the scoop: attackers set up a fake swap interface that tricks users into giving a 7702 authorization for some shady delegation code. This leads to a batched multi‑call that either moves funds around or gives unlimited approvals. To protect yourself, make sure delegation targets are audited or on an allowlist, show clear batch previews that anyone can read, and set up alerts for any “new delegation + large transfer” happening in the same block. Check out more about it on the Ethereum blog.
• Stablecoin enforcement reality
  • Here’s the deal: treating freezes as if they mean “recovery complete” is a bit misleading. There’s still risk lingering around due to factors like latency, reserves across different venues, and how chains like TRON and ETH operate differently. Just because a freeze is successful doesn’t mean you’ll get your assets back. It’s a good idea to track restitution separately from freeze events in your metrics. For deeper insights, head over to CoinTelegraph.
• L2 security posture
  • Don’t get too comfy with “Stage 1” thinking it’s the same as “Stage 2.” Security councils still have the power to step in, so when you think about withdrawals, you should definitely factor in challenge windows and the chance of a council veto. Make sure your messaging to users is crystal clear about timelines and what contingencies are in place. For more details, check out this piece on CoinDesk.

---

7) What 7Block Labs can deliver quickly

• We’ve got a tough wallet risk engine that’s tuned in to 7702/4337, complete with mixer-pattern scoring and stablecoin freeze SLAs.
• Rolling out our MEV program: protection RPCs, integrating MEV-Share, plus a CFO-ready “rebate P&L” dashboard for easy tracking.
• Keeping an eye on protocol health with SLOs: ensuring builder/relay diversity, L2 fault-proof liveness, blob fee budgeting, and outage routing playbooks tailored for your markets.

If you’re looking to get this up and running in your environment in just a few weeks, our reference architecture sets you up with a read-optimized node set, Kafka streams for those real-time features, and a lakehouse that seamlessly combines vendor labels with your on-chain graph. Plus, we’ll provide dashboards that are easy for executives to digest and actionable for SREs.

---

Sources (selected)

• Ethereum Foundation is diving into Pectra with EIP‑7702 and EIP‑7691, and they’ve got all the activation details lined up for April to May 2025. Check it out here: (blog.ethereum.org).
• There’s some interesting stuff going on around builder market concentration and MEV‑Boost share. You can find the full study on arXiv from 2024 right here: (arxiv.org).
• Tornado Cash is making headlines again, with recent rulings from Reuters in 2024 and the upcoming delisting in 2025. They’ve also got a legal analysis you won’t want to miss. More info here: (reuters.com).
• Don’t overlook the FATF’s 2025 targeted update and their progress on the Travel Rule! Get the latest details here: (reuters.com).
• Chainalysis has rolled out their 2025 crime data, which includes some eye-opening insights on stablecoins and their share of illicit volume. Dive into the report here: (chainalysis.com).
• The MEV Blocker has hit some impressive benchmarks and milestones according to CoW DAO. Check out the details here: (outposts.io).
• Optimism is finally showcasing its fault proofs in Stage 1, plus Arbitrum’s BoLD mainnet and Base's Stage 1 are making waves too. Get the scoop from Coindesk: (coindesk.com).
• Rollup‑Boost is making strides with TEE block building on Unichain. Check out the details here: (rollup-boost.flashbots.net).
• Keep an eye on L2 incidents, including OP's performance hiccup and the Polygon zkEVM sequencer outage, along with a Solana outage that happened on February 6, 2024. More info is available here: (status.optimism.io).

---

By honing in on these specific KPIs, controls, and datasets, you'll be able to reduce false positives, stop the latest wallet drain patterns in their tracks, and turn order flow protection into tangible margin. Plus, you’ll maintain a clear, metrics-driven perspective on L2 security and uptime. If you ever need assistance getting it all set up, 7Block Labs is ready to jump in and deploy a production-grade stack with your team. They can even get your operations trained up in just days, not months!