⁠   ⁠ Monitoring L2s: How zeroShadow x Tenderly Secure Rollups
top of page
Search

Monitoring L2s: How zeroShadow x Tenderly Secure Rollups

  • julia05126
  • 2 hours ago
  • 3 min read

L2s make transactions fast and cheap, but speed and efficiency come with potential security risks. Stale oracle feeds, stalled sequencers, or unexpected protocol upgrades can trigger cascading failures in minutes. 


For this reason, setting up a comprehensive monitoring system is critical for keeping rollups resilient and minimizing the risk of critical incidents. zeroShadow and Tenderly, a full-stack infrastructure and essential developer tooling, provide the monitoring and operational support to maintain reliable rollup performance through alerting, simulation, and automation.


Learn how zeroShadow and Tenderly provide real-time monitoring, simulation, and automated responses across critical L2 risk areas.


Oracle health & integrity

Oracles power everything from swaps to lending, so keeping them accurate is critical. Even a single stale or manipulated feed can trigger cascading failures across markets.


zeroShadow monitors:


  • Price deviation between oracle feeds and reference sources

  • Staleness and heartbeat failures

  • Updater allow-list compliance (who is writing to the oracle)

  • Unexpected proxy or implementation changes


These checks let us catch data drift, operational failures, and early signs of compromise.


How Tenderly enables Oracle monitoring:

Tenderly’s fully customizable alerts provide zeroShadow real-time, condition-based triggers on the exact on-chain states we watch. Alerts flow directly into zeroShadow’s ops stack—Slack, email, PagerDuty, or custom webhooks.

For cases that require action, zeroShadow uses Tenderly Web3 Actions as automated responses to post statuses, notify clients, flip safety flags, or trigger downstream processes

.

Additionally, before zeroShadow touches mainnet, we rely heavily on Tenderly’s single and bundled transaction simulations to validate the expected impact of any safety intervention (pauses, cap changes, etc.).


Why this pairing works zeroShadow provides the monitoring logic and decision-making, while Tenderly ensures our responses are fast, tested, and fully auditable.


Sequencer & consensus health: watchtower

Healthy L2 operation relies on consistent block production and sane timestamps. When sequencers pause, fall behind, or produce unexpected timestamps, it can immediately disrupt price windows, oracles, keepers, and liquidations.


zeroShadow monitors:


  • Sequencer liveness and block cadence

  • Timestamp drift and anomalies

  • Reorg/safety window conditions

  • L2→L1 batch posting schedules

  • Unexpected rollup contract events


These signals let us catch early signs of instability in rollups and shared sequencer networks.


How Tenderly helps us with troubleshooting and automation

Tenderly’s high-performance Node RPC provides the raw, reliable data that zeroShadow polls for liveness, timing, and derived metrics. For deeper investigations, we use Tenderly’s custom RPC tracing method (e.g., tenderly_traceTransaction) to identify the root cause behind anomalies.


Tenderly Alerts then feed zeroShadow’s on-call rotation with conditions like “no new block for N seconds,” “block interval > policy,” or “bridge state changed.” When automation is appropriate, zeroShadow uses Web3 Actions to compute health reports and update status pages or activate safe modes.


Economic security: cross-protocol risk monitoring

Economic failures in L2 ecosystems often emerge through subtle shifts, such as reserve imbalances, abnormal slippage, liquidation waves, allowance anomalies, or bridge congestion. When these abnormalities occur on key protocols or bridges for an L2, it can have wider implications for the entire blockchain.


zeroShadow monitors:


  • DEX invariant changes (reserve deltas, slippage spikes, price/oracle mismatch)

  • Vault solvency metrics

  • Liquidation surges and unusual approval activity

  • Bridge queue backlogs and settlement delays

  • Governance actions: timelocks, proxy upgrades, parameter changes


This cross-protocol monitoring surfaces economic risk before it becomes user-facing.


How we use Tenderly for cross-protocol monitoring:

In these cases, Tenderly Alerts trigger based on these protocol-specific conditions. Once triggered, they send relevant notifications to our dedicated team channels so we can take further mitigation steps.


When a mitigation or parameter update is needed, zeroShadow uses Tenderly Bundled Simulations to run multi-step “what happens if…?” scenarios before taking any action. For more complex scenarios, zeroShadow uses Virtual TestNets for control over storage slots and testing on synced mainnet data. This way, our team can verify our solutions and quantify their economic impact before execution.


For rapid incident forensics, Tenderly’s debugging tools provide visibility into CALL/DELEGATECALL/CREATE2 flows so zeroShadow can quickly determine the root cause.


Securing rollups through combined monitoring

zeroShadow provides the operational monitoring, domain expertise, and human judgment that keep L2s safe. As an industry leader in developer tooling, simulation, and infrastructure, Tenderly provides real-time alerting, scalable RPC access, fully decoded transaction tracing, and an industry-recognized simulation engine that make that monitoring reliable and effective at scale.


With this combined approach, we create a monitoring and response layer that is fast, tested, and purpose-built for modern L2 ecosystems.

 
 
 
bottom of page