Stellar Community Fund

By AnChain.AI

AnChain.AI Web3SOC

SCF #20

$50.0K

Legacy v5.0 Activation Award

Awarded

Web3SOC is a security operations center (SOC) designed to safeguard digital assets and smart contract-based applications.

Products & Services

Web3SOC is the first Security Operations Center designed to Safeguard Web3 Digital Assets.

The Problem

Despite the robustness of smart contract auditing, it has not been a panacea for Web3 security breaches. An alarming $2.81 billion in losses were caused by smart contract security compromises, 91.96% of which had been audited. As we stand at the precipice of a new era in Web3 security, we must pivot our approach to anticipate potential breaches and adapt accordingly. Our product, Web3SOC, was specifically designed for this purpose.

The Harsh Reality of Smart Contract Audits in 2022

Long hailed as the gold standard for smart contract security, audits fell notably short in 2022. The stark statistics below show that smart contract auditing struggled to provide the required level of security in the Web3 landscape. Our team at AnChain.AI conducted an in-depth analysis of all major Web3 security incidents in 2022, revealing:

- A staggering $2.81 Billion in losses from smart contract security compromises. - Smart contract-based incidents made up 70.36% of all Web3 security breaches. - An alarming 91.96% of the hacked smart contracts had undergone auditing processes, with some audited multiple times by reputable security firms.

Building a secure Web3 DApp in the modern era requires a more systematic approach and a departure from spending most of one’s security budget on smart contract auditing alone. Inspired by Mandiant, FireEye, and other top-tier cybersecurity companies’ best practices, AnChain.AI launched the Web3SOC product at RSA Conference 2023: https://youtu.be/vYQtL130IAk?si=N4gZBG-cOA8j40nN

The Solution

Web3SOC aims to solve the essential problem in the Web3 security industry, by significantly improving MTTD (Mean Time To Detect), MTTR (Mean Time To Respond) key metrics, attack surface threat modeling, and security maturity for all Web3 digital asset businesses.

It focuses on improving the security maturity of Web3 applications:

- Threat Modeling: Model for your DApp’s Attack surface, including smart contracts, private key management, Cloud infra, and all. - Incident Response Planning: Let’s assume hackers are hacking you right now. What would you do to detect, respond, and remediate? - Attack simulation and Metrics focused: Start with measuring MTTD: Mean Time to Detect. The Web3SOC fire drill will measure an organization’s key metrics starting with MTTD. - Monitoring and Alerting: Web3SOC provides real-time monitoring and alerting on potential threats. - Automatic Response with AI: We leveraged various machine learning and AI algorithms to automate the SOC workflow. “Auto Trace AI” comes in handy for hackers attribution; the machine learning risk scoring engine has scored Billions of Web3 / Blockchain addresses and enabled as real-time API; GPT and LLM will scan smart contracts including vulnerabilities. - 3rd party integration: Web3SOC connects to mainstream SIEM platforms and other security applications.

Web3SOC framework is built on a proven foundation – the 5-step NIST Cybersecurity Framework:

1. Identify: Understand Web3 digital assets, systems, data, and resources that need protection, and develop a comprehensive understanding of the organization’s cybersecurity risk landscape. For example, smart contract auditing fits into this stage. 2. Protect: Implement safeguards to ensure critical infrastructure services, prevent or minimize damage from cyber threats, and establish security policies and procedures. 3. Detect: Employ monitoring and detection systems to identify cybersecurity events promptly, enabling early detection and effective response. 4. Respond: Develop and implement an incident response plan to address detected cybersecurity events, minimize damage, and ensure a faster return to normal operations. 5. Recover: Restore systems and services affected by a cybersecurity incident by developing a recovery plan, prioritizing critical functions, and incorporating lessons learned to improve overall resilience.

We have reached a critical juncture in the field of Web3 security. The vulnerabilities exposed in smart contract auditing indicate the need for a paradigm shift in our approach. With Web3SOC, we offer a comprehensive solution to safeguard Web3 applications and digital assets. We must prepare for the possibility of a hack happening, rather than reacting to it.

With Soroban introducing smart contracts to the Stellar network, new attack surfaces arise. By integrating Soroban into Web3SOC we aim at helping companies and developers identify these vulnerabilities, monitor, and respond to them.