
By Hypernative
Market leader in hack prevention and real-time monitoring, detecting and preventing attacks on smart contracts before they happen.
Summary
Below is a preliminary list of features that Hypernative offers to establish and ensure chain security soundness, detect anomalies and malfunctions in third parties like oracles, bridges, and other tokens and protocols, and monitor off-chain and on-chain participants for suspicious behavior across the entire chain.
About Hypernative
Hypernative (https://www.hypernative.io , https://twitter.com/HypernativeLabs) is a well-funded startup created by top security professionals who worked at and sold companies to companies like IBM, Microsoft, Google, CyberArk and others. The team has tens of years of combined experience in cybersecurity and machine learning/data analytics, and includes members with vast DeFi and blockchain experience. While Hypernative is operational, it consistently proves to be the first to detect and alert protocols about attacks both before they happen and during their occurrence. It has demonstrated that its technology can mitigate risks, trigger automated responses, and effectively protect our customers.
Mentions of Hypernative in post mortems and by protocols:
- Prisma Finance - Hypernative was the first to alert the team about the attack https://hackmd.io/@PrismaRisk/PostMortem0328#Acknowledgments
- WooFi - Hypernative was the first to alert the team about the attack https://woo.org/blog/en/woofi-spmm-exploit-post-mortem
- Radiant - Hypernative was the first to alert the team about the attack https://twitter.com/RDNTCapital/status/1742638373863325790
- Blueberry - Hypernative was the first to alert the team about the attack https://x.com/blueberryFDN/status/1764788556965552431?s=20
- https://mirror.xyz/bonqdaoblog.eth/Mq4qgNieUi-ytphYzPU-lWYE1J2F7STqxlCR3qGsE
- https://blog.hundred.finance/15-04-23-hundred-finance-hack-post-mortem-d895b618cf33
- https://twitter.com/AstridFinance/status/1718563845323866383
- https://twitter.com/DeusDao/status/1661751727228596226
- https://twitter.com/Palmswaporg/status/1684902587303104512
- https://www.coinage.media/s2/he-stole-200-million-he-gave-it-back-now-hes-ready-to-explain-why
- https://twitter.com/HypernativeLabs/status/1698982087246696634
- https://twitter.com/idlefinance/status/1698697691222425685
- https://twitter.com/zetablockchain/status/1675874912328712192
- https://twitter.com/0xPolygonDevs/status/1672286493115596808
- https://twitter.com/Starknet/status/1668222611950645250
- https://twitter.com/zkLend/status/1650454560694239233
- https://medium.com/@Hypernative/hypernative-partners-with-karpatkey-for-on-chain-security-and-risk-prevention-63e813335c2d
- https://quantstamp.com/blog/quantstamp-x-hypernative-partner-to-enhance-web3-security
The platform is already used today by a variety of customers from the crypto space, including protocols, chains, bridge providers and asset managers (such as Balancer, Circle, Linea, EtherFi, Starknet, Zetachain, Galaxy Digital, OlympusDAO, KarpatkeyDAO, Chainalysis, Kinza, Alluvial, Quantstamp/Chainproof and many others).
Motivation
The overall motivation is to augment security and risk operations and help your team, both with our team's security and data expertise and with the Hypernative platform. It is hard to keep track of all the different security risks and exposures in crypto and Web3. Having a dedicated team and a real-time platform to detect and mitigate these risks for the chain is of first priority in our vision. The result of implementing this offer will be real-time detection of any security attack vector on your chain and its participants/projects, and prevention of that threat by defining, together with the community, various preventive workflows that leverage the Hypernative platform.
Proposal:
A. Chain Security
- Reviewing security framework and response procedure, assigning a contact person for various events
- Set standard operational procedure (response & contact points) on category of events and time-sensitivity for any security or operational case
- Understand and create pre-incident measures to mitigate risk and react in time (pause contracts, limit/cap protocol, blacklist addresses, move funds to a safe/vault for emergency etc.)
- The selected measures will be agreed together with your technical team
- Understand and create post-incident measures
- Automate circuit breakers triggering with Hypernative infrastructure (Multi sig module) or with Integrations to OZ Defender
Chain Security Alerts
Leverage Hypernative zero-day detection modules to detect threats and alert in real time on security incidents related to or directed at your chain contracts, bridges, participants or any other infrastructure contract.
Examples of security, compliance and fraud/scamming alerts supported:
- Illicit funds movement
  - Bridged to chain
  - Interaction with an OFAC-sanctioned address
- Suspicious or malicious contracts deployed targeting the project contracts, including a severity score of MEDIUM or HIGH
  - Phishing contracts
  - Attacker/Hacker contracts
- Hacks and exploits warnings and zero-day alerts in various vectors and for various vulnerabilities
  - Simulation based, ML based, heuristics based and known vulnerabilities based
- Chain addresses suspicious in scamming/fraud/phishing attempts or smart contracts suspicious of such
  - Fraudulent activity
  - Scam tokens
- Multi-sig and wallet security risk (operation/developers/admin)
  - Private key theft
  - Wallet compromises
  - Ownership changes
Incident Response
- Identify root cause(s) and suggest remedies / repairs and communication
- Work with Hypernative network of connections to help in funds recovery and freezing of stolen funds
- Help with automatic tracking of the stolen funds across chains, bridges and addresses
- Help with post mortem, community communications, war room management and law enforcement contact if needed/wanted
- Automatically notify Chainalysis (Hypernative partner) to label attacker wallets and track stolen funds
Automated response
- Connect critical security alerts from the Hypernative platform to preventive actions agreed upon based on the security framework review
- OZ Defender integration
- Multi-sig module by Hypernative
- Automatic integration with Chainalysis crypto incident response team for recovery
B. Oracles, Bridges, and related Tokens
Oracle Reliability
Offer:
- Detect deviations between two updates of an oracle
- Detect deviations between two updates on two different chains
- Detect deviations between on-chain and off-chain prices
- Detect a lack of updates and staleness
Bridge Security Monitoring
Offer:
- Provide security alerts related to bridge security incidents and risks, and zero-day detection for the bridge contracts
- Monitor native bridge state machine for any anomalies
- Bridge operational risks and balances monitoring
- Provide 3rd-party bridges monitoring
Related Token Monitoring
Offer: Monitor tokens dependent on or related to the protocol for anomalies, market economic conditions, security, holdings concentration and supply changes (mints / burns)
D. Phishing and Scamming Detection
On-chain detection
Offer:
- Detect phishing campaigns targeted at token holders and provide alerts to warn the community
- Detect fraud campaigns targeting members and alert on any compromised wallet/multi sig
E. Participants Monitoring
Monitor suspicious users
Offer:
- Monitor large transfers or movements of funds from participants in the chain
- Monitor suspicious or illicit activity, or illicit funds holdings for participants or projects on the chain
Monitor blacklisted addresses
Offer: Monitor addresses from OFAC lists or that were part of a hack/exploit/fraud
F. Protocol Operations Monitoring & Custom Agents
Monitor treasury and wallets
Offer:
- Monitor large transfers or movements of funds from treasury
- Monitor multi sig wallets for anomalies and suspicious transactions
Monitor defined parameters / invariants
Offer: Monitor specific invariants in any smart contract as specified by the chain developer/operation/security team
Create custom agents to monitor any on-chain event
Use the Hypernative library of templates to create custom agents in a variety of categories to monitor any on-chain event in one transaction or over time, or leverage our anomaly detection agents to warn against anomalies.
G. On-Chain Governance
1. Monitor Governance Decisions
Offer:
- Monitor governance proposals on-chain and apply Hypernative models to detect suspicious proposals
- Simulate governance proposals and add relevant automated testing of invariants/conditions for every proposal
- Monitor proposers' history and risk parameters
- Monitor code updates and apply custom logic to detect supply chain or code injects / deployment errors
2. Monitor Governance token holders
Offer:
- Monitor governance token transfers
- Alert on governance token concentration
H. Treasury
1. Monitor Treasury wallets
Offer: Monitor suspicious, illicit activity, or abnormal behavior related to the chain treasury wallets (or operational/admin/developers wallets)
Monitor Token distribution / claims / locks
Offer: Monitor token and rewards distribution according to strategies and plans
$50.0K

No other submissions.