Proposal: Hack prevention security for Venus Protocol

Summary

The decentralized world of Web3 holds vast potential. However, recurrent security breaches have tainted its promise, leading to a loss of user trust and financial resources. Lossless stands as a beacon, providing concrete solutions to this pervasive hack problem and setting the stage for a safer Web3 ecosystem.

Lossless aims to ensure an all-encompassing security infrastructure to Venus Protocol, for Binance Smart Chain and Ethereum, through its active protection product Aegis.

Aegis is a robust, real-time surveillance tool that scans every transaction on the block. Empowered by cutting-edge AI and ML algorithms, Aegis not only pinpoints but also anticipates potential security breaches. Its predictive prowess offers projects the advantage of preemption over merely reactionary measures.

In addition, we are introducing a groundbreaking security solution to enhance asset protection on the Ethereum blockchain, with plans to expand to the Binance Smart Chain very soon. This innovative system utilizes an automated front-running technology, designed to preemptively counteract potential security breaches, safeguarding users’ assets. Without the need for assistance from personnel, the hack will be prevented automatically.

The proposal seeks approval for a budget allocation of $85,000, to be expended on security services over a 12-month period. Payment for these services will be made in XVS tokens. The funds are to be released quarterly, contingent upon approval from the DAO contributors. This structured payment approach ensures ongoing oversight and alignment with the project’s security needs.

About Lossless

Website: lossless.io

Twitter: twitter.com/losslessdefi

Lossless is a leading security protocol focused on fund recovery, hack prevention, and enforcing on-chain security. With its advanced product, Aegis, Lossless has achieved remarkable success in preemptively identifying potential hackers, at an average identification time of 15-17 minutes ahead of an exploit. This proactive approach allows for timely interventions to protect assets and prevent unauthorized access.

The company’s expertise and innovative solutions have made it a trusted partner for a diverse range of organizations within the blockchain ecosystem. Currently, Lossless secures the assets of notable protocols such as QuickSwap, Thena Finance, Harmony, Carbon Browser, Unicrypt, ChainGPT, DAO Maker, and SmarDEX, among others. This extensive portfolio underscores Lossless’s capability and commitment to providing security services, ensuring the integrity and safety of its clients’ digital assets.

Other recent milestones by Lossless:

Lossless has a proven track record of fund recoveries and prevention of exploits:

Proposal

Onboarding procedure:

The onboarding procedure for integrating Lossless’s security services with Venus Protocol involves a comprehensive approach designed to establish a robust security framework and ensure seamless communication between both parties. Here’s an overview of the steps involved:

Establish Direct Communication: Initiate a direct line of communication between the Lossless team and Venus Protocol representatives. This step is crucial for facilitating transparent and efficient collaboration throughout the partnership.

Risk Assessment and Infrastructure Mapping: Conduct a thorough assessment to understand potential risks, focusing on significant and sensitive infrastructure components such as tokens, oracles, protocols, and bridges.

Perform a detailed mapping of on-chain structure and assets to identify vulnerabilities and safeguard against potential threats.

Access to Aegis Platform: Provide Venus Protocol team members with access to the Aegis platform. This access will be co-managed by both the client and the Lossless team, fostering a better understanding of the system and ensuring a faster setup process.

Establish key communication channels for real-time alerts and updates regarding security matters.

Standard Operational Procedures (SOPs): Develop SOPs detailing the response times and actions for detected events, with a particular focus on high-risk events, mitigation strategies, and worst-case scenarios.

Outline procedures for requesting improvements to both the security setup and operational protocols, ensuring continuous enhancement of the security framework.

Pre-Incident Measures and Automations: Implement pre-incident measures and automations designed to proactively mitigate risks. This involves defining specific triggers and enabling functionalities like simulations, frontrunning attacks (for preventive purposes), imposing transaction limits, blacklisting malicious actors, and moving funds to secure locations in response to assessed risks.

The objective is to minimize potential damage to the Venus Protocol by preemptively addressing vulnerabilities and threats.

This structured onboarding process aims to establish a comprehensive security posture for Venus Protocol, leveraging Lossless’s expertise in hack prevention and fund recovery to protect against on-chain threats. Through close collaboration and ongoing communication, both parties can achieve a high level of security readiness and resilience against cyber threats.

Monitoring, Alerting & Mitigation Procedures

The Monitoring, Alerting, and Mitigation Procedures between Lossless and Venus Protocol are designed to provide comprehensive security oversight and rapid response capabilities. Here’s a breakdown of the procedures:

Custom Channels Creation: Tailored communication channels will be established based on Venus Protocol’s specific requirements, encompassing both internal and public communication platforms such as email, Telegram, Slack, Discord, SMS, and Webhook. This ensures that alerts and communications are efficiently disseminated across the preferred platforms.

Risk Detection: Utilizing Lossless’s proven risk detection capabilities, basic monitoring will be set up for all key on-chain addresses. The system will issue notifications for High or Critical risk events, as identified by the Lossless risk monitoring tool, ensuring timely awareness and response.

Event Monitoring: Aegis’s capability to monitor detailed events will be harnessed to create customized alert channels and triggers. These will cover a range of specific activities including changes in Total Value Locked (TVL), certain triggered events, function calls, token mints, and transfer thresholds, ensuring comprehensive oversight.

Active Protection: For critical on-chain addresses, active protection measures will be implemented, encompassing automated responses to on-chain triggers and pre-set off-chain rules. This proactive stance aims to prevent unauthorized actions before they can impact the protocol.

Support and Response Times: Lossless provides standard support from Monday to Friday, 10:00 AM to 7:00 PM CEST, with emergency support available in critical scenarios outside these hours. This ensures that Venus Protocol can expect timely assistance and intervention when needed.

Passive Protection: In collaboration, Lossless and Venus Protocol will identify and prepare for less sensitive or indirect risks by developing manual playbooks for worst-case scenarios. This strategy aims to balance cost with effectiveness, reducing the likelihood of false alarms while ensuring readiness for genuine threats.

Security application to Venus Protocol products (Ethereum and BNB chains)

  1. Venus Core pool (including isolated pools)

Offer:

  • Create alert channels to notify everyone on suspicious users that could cause harm
  • Monitor events and function calls that could signal a smart contract attack
  • Front-run incoming hackers and prevent fund loss
  • Monitor critical EOAs and/or Multisigs for non-expected transactions and get alerted through diverse channels

  2. Vaults

Offer:

  • Create alert channels to notify everyone on suspicious users that could cause harm
  • Monitor events and function calls that could signal a smart contract attack
  • Monitor TVL changes of vaults and deposit sizes
  • Monitor transfer amounts set by threshold
  • Front-run incoming hackers and prevent fund loss

  3. Swap contracts

Offer:

  • Create alert channels to notify everyone on suspicious users that could cause harm
  • Monitor events and function calls that could signal a smart contract attack
  • Monitor TVL changes of vaults and deposit sizes
  • Monitor transfer amounts set by threshold
  • Front-run incoming hackers and prevent fund loss

  4. Bridge

Offer:

  • Create alert channels to notify everyone on suspicious users that could cause harm
  • Monitor events and function calls that could signal a smart contract attack
  • Monitor TVL changes of vaults and deposit sizes
  • Monitor transfer amounts set by threshold
  • Front-run incoming hackers and prevent fund loss

  5. Critical EOAs and/or Multisigs

Offer:

  • Get alerted when interacting with a suspicious address
  • Monitor transfer amounts set by threshold
  • Monitor TVL changes of vaults and deposit sizes
  • Monitor wallet activity for non-expected transactions
  • Create a Panic button to hastily transfer funds in case of an attack

  6. DAO Governance

Offer:

  • Monitor addresses interacting with smart contracts and get notified on suspicious users
  • Monitor critical events and function calls for unexpected executions

The proposal seeks approval for a budget allocation of $85,000, to be expended on security services over a 12-month period. Payment for these services will be made in XVS tokens. The funds are to be released quarterly, contingent upon approval from the DAO contributors. This structured payment approach ensures ongoing oversight and alignment with the project’s security needs.

14 Likes

One of the priorities of any project is security. Especially if you want to attract the most users, first of all, you must be thousands of levels higher than your competitors in terms of security. Therefore, I think that using lss security can make you very different from your competitors.

8 Likes

SAFU is the most important thing for Venus users. This proposal sounds good.

7 Likes

Security should be of highest concern, especially in the crypto space and even more for lending protocols.

A lot of people, including myself, are hesitant about using lending protocols because there are a lot of risks. Going the extra mile for security could bring everyone more ease of mind.

6 Likes

Lss is the best project with 100× potential

Safety is a primary concern for any project and community. Everyone has doubts, and as we’ve already seen in the space, words are just words without proper implementation. Based on Lossless’s track record, it’s shown that even the strongest can crumble sometimes despite assurances that everything is good. Lossless does much more than protect digital assets and projects; it also provides the community with tools and education to be the best version of themselves. When the project is safe, the community is safe and secure; it’s a no-brainer.

2 Likes

I believe that security is the point, but:
A) Why don’t we use different funds than XVS?
B) Do we have any insurance if your anti-hack system won’t work? What kind of confidence may we have in the system?

2 Likes

As we well know, the security aspect is crucial for DeFi ecosystem protocols. I love the idea of implementing this Lossless proposal in Venus Protocol as it will greatly help prevent attacks and, above all, protect users’ funds.

5 Likes

I like this kind of product, but to be honest there are a lot of competitors in this field and most of them have friendlier prices. This one looks pretty expensive to me.

This is a very thorough proposal. Shows that they have really done their research into Venus.

You can’t really put a price on security. I feel like this would put a lot of us at ease knowing that there are measures in place to counteract any malicious actors.

3 Likes

I think it’s no secret that Venus’s focus on security is the highest priority, so I like the proposal

6 Likes

An important alliance for the Venus protocol in terms of optimal levels of real-time security adapted to new financial technologies.

6 Likes

The proposal is great and I really like the idea of having an extra layer of security considering the previous incidents. The proposal is a bit expensive, but I think they are worth the price, as I believe security shouldn’t be compromised on the basis of price. Security is the most important pillar for any project. Really excited to see how it goes through. I’m down for it, +1!

5 Likes

Hi @Gregor,

Thanks for the questions! To answer them:

A) We can discuss using different funds, USDT/USDT/ETH. But I think using XVS also makes our company another holder of the token, makes us more a part of the ecosystem, and incentivizes us to contribute to the growth of Venus Protocol.

B) Our company has great experience in “reading” and tracking hackers, as well as strategies of fund recovery. You can see this in the stories shared in this proposal. We have recovered in total around $25M in funds. This has given us the knowledge base for constructing the first strong automated anti-hack system. And as you have confidence in using Venus, Sushi, Uniswap, or any other DeFi protocol, this is the same case: you show trust in code that works towards keeping your funds safe, just as you trust in other protocols’ code that your funds won’t be lost, sold at 0, misplaced or otherwise.

3 Likes

Hi @wonderomg !

True, there are other competitors, but actually their price is not that much cheaper, and most of the competitors charge the same or higher for protocols of Venus’s size.

And also where we stand out:
A) We are the only ones that have a fully running automated anti-hack system. Meaning Venus employees or we don’t have to worry about missing out on alerts, because the system will prevent fund theft 24/7.
B) We also have a security product for retail users, for every Venus community member, which they can apply to their wallet. Right now it protects from hacks, but very soon it will have protection from scammers. Meaning we take care of the full ecosystem:

  • security for Venus Protocol
  • security for Venus employees
  • security for Venus community members

3 Likes

Hi Venus Protocol, I’d like to offer another proposal from Hexagate, currently the leading security vendor in the space, protecting over $15B across multiple chains and trusted by the biggest teams in the space - Coinbase, Linea, Polygon, Avalanche, EigenLayer, GMX, Benqi, QuickSwap and many more. As we are in discussion with your core team and saw that security is a big priority, we’d also love to offer a discount.

Summary

Hexagate is a Web3 security provider helping protocols, bridges, chains and treasuries to protect their smart contracts, assets and users from financial losses and fund loss incidents caused by cyber exploits and Web3 threats. Hexagate offers a platform that detects all Web3 threats in real-time and prevents them from causing any impact.

Hexagate’s Web3 security platform offers real-time monitoring solutions for all sorts of threats before they impact any digital assets and automated prevention tools for the Venus protocol and treasury so team members can take on-chain action, when applicable.

This benefits Venus users and the treasury by safeguarding their funds from potential exploits on any Venus contract and reducing the amount of funds lost in a possible incident.

Hexagate monitors malicious activity on-chain, including on any Venus contracts, including all 1st party contracts, 3rd party dependencies, governance proposals, protocol invariants and so on.

Hexagate can partner with Venus to provide the protocol with real-time alerts on Web3 threats and exploits threatening Venus contracts or governance participants and run automated workflows to remediate issues in real-time when Hexagate fires an alert. That will also allow rapid communication and response to threats that come up.

Hexagate offers the broadest coverage of threats and chains in the Web3 ecosystem and monitors major EVM-compatible chains including Ethereum mainnet, Binance Smart Chain, Polygon PoS, Polygon zkEVM, Base, Linea, Avalanche, Arbitrum and Optimism.

Background

Hexagate website: https://www.hexagate.com/

Hexagate Twitter: https://twitter.com/hexagate_

Hexagate monitors blockchains in real-time, and by leveraging ML, security heuristics, hybrid detection algorithms and invariant monitoring engine, it provides early detection of exploits, abnormal behavior and other Web3 threats. The Hexagate platform covers the detection of cyber and financial exploits on 1st and 3rd party code on mainnet deployments, governance and administration risks, suspicious fund movements, phishing, fraud, scams, and custom invariants.

Protocols, bridges, and chains that use Hexagate benefit from early and accurate detection of threats, remediation workflows, IR, and forensics.

The company already protects over $15B in TVL across all major EVM chains and is trusted by the biggest names in the industry like Coinbase, Polygon, Linea, Avalanche, Eigen Layer, GMX, Consensus and many others - it managed to detect ahead-of-time exploits that targeted Euler, Radiant, Hundred Finance, Conic, and more.

The Hexagate platform was built following extensive data and ML research, was back-tested from the genesis block and managed to detect all hacks in real-time in the past 12 months, where 98% of the time it provided an alert more than 2 minutes (sometimes even days) ahead of the hack.

To date, the Hexagate platform saved over $1.4B in actual hacks that targeted its customer base.

Hexagate is a VC-funded company backed by leading VCs, founded by serial entrepreneurs who previously built companies that were acquired by Jfrog and Claroty. Their team brings vast experience in the cybersecurity realm.

Hexagate also helps the entire ecosystem by helping others in a time of need, participating in post-mortem analysis, war rooms aimed at unveiling exploiters and recovering funds, and by conducting research activities on protocols - here are a few examples:

Detailed Proposal

Below is a summary of the proposal from Hexagate, outlining the offer to Venus:

  1. Hexagate will provide access for Venus to its Web3 security platform and Web3 threat intelligence feed, including its on-chain investigation engine.
  2. Threats covered by the Hexagate platform:
  • Exploits on first or third-party code

    1. Detect suspicious malicious contracts before they exploit a protocol
    2. Detect novel 0-day exploits and unknown threats on protocols or their dependencies
    3. Dependencies include tokens, deployers, oracles, bridges, other protocols, etc.
    4. Detect token exploits - excessive minting or burning, abnormal transfers, centralization risks, missing access controls allowing arbitrary approvals or transfers, rug pulls
    5. Detect oracle deviations and delays
    6. Track abnormal transfers to detect private key compromises
    7. Alert on token depeg – stablecoins, wrapped assets, or bridged assets
    8. Track fund movement post-incident and automatically tag malicious entities on-chain to taint stolen funds movement in real-time
  • Governance and Administration

    1. Simulate and analyze any malicious governance proposal (or a malicious proposer) that goes on-chain (including when a governance proposal executes)
    2. Analyze contract ownership or role changes for abnormal changes to malicious entities
    3. Detect malicious implementation updates and changes to privileged configurations that result from missing access controls, private key compromises or rug pulls
    4. Detect centralization risks on governance token holders or phishing attempts on governance token holders
    5. Monitor governance token transfers
  • Funds movement

    1. Track illicit funding sources and track fund movement
    2. Monitor and tag all malicious on-chain activity including fraud shops, mixers, USDT / USDC / OFAC blacklists, high-risk exchanges, and stolen funds.
    3. Monitor abnormal transfers and/or fund movements from specific addresses (protocol treasury, whales, protocol participants, etc.)
  • Invariants and parameters

    1. Declare and implement code invariants using descriptive language.
    2. Monitor code invariants and params in mainnet and testnet, to make sure they are not broken.
    3. Leverage pre-defined rules and custom monitors covering balance changes, contract events, function calls, sample functions, token holder centralization, slashing events and more
  • Phishing, fraud, and scams

    1. Governance participants interacting with malicious contracts, phishing addresses, scam tokens, etc.
    2. Detecting malicious dApps impersonating Venus
  3. Hexagate provides generic webhooks and Slack/Telegram/email/Discord/PagerDuty/OpsGenie integrations for any type of alert
  4. Hexagate enables user-generated custom monitors so a user can set up alerts on specific wallets, whales, specific events, specific contract calls, and so on, enabling users to customize their monitoring to fit their needs
  5. Hexagate provides a unique invariants monitoring engine that allows for invariants to be declared using a proprietary DSL and can be monitored both on Testnet and Mainnet.
  6. Phishing detection for governance participants - Hexagate surfaces any phishing attempt on Venus governance participants
  7. Connection to our network of partners and collaborators, with whom we have an open channel, such as Chainalysis, Binance, on-chain sleuths, and more, to be able to notify them in real-time when an incident happens so they can tag the bad actors and prevent them from off-ramping on a big list of exchanges, uncover the attacker’s identity, help with crafting a post-mortem paper, and analyze the blast radius of the incident
  8. Support:
  • Standard support time - Sunday to Thursday 10:00 AM - 7:00 PM GMT+3
  • Helping out with bug bounty program submissions, security reviews, and triaging incidents in real-time by assigning a security researcher from our end to help out in time. In the initial proposal, Hexagate will allocate 30 hours of security research activity to help on that front and expand as needed
  • Preparation and training for managing a war room, assigning roles and responsibilities, and helping with crafting security frameworks and incident response procedures - based on Hexagate’s expertise gained from being active in many such incident response events
  9. Onboarding:
  • During onboarding, a Hexagate security engineer with a Venus team member will map all the contracts, tokens, bridges, oracles, and governance structures that are related to and even remotely affecting Venus contracts and on-chain assets, to be able to have broad coverage of all possible threats. Access to the platform will be granted to the selected Venus Foundation members or Devs to use the platform to configure monitors, alert notification channels, and run triaging and investigations for any on-chain activity - these will be provided right after signing
  • Hexagate will cover the Venus liquidity pools, vaults, swap contracts, bridge, EOAs, multisigs, DAO team members, treasury and so on.
  • For each asset Hexagate will assist in configuring the appropriate monitors and tailor remediation procedures.

Budget

Hexagate is asking the Venus community to fund $65,000 for a security license for 12 months, half paid upfront in stables and half made in XVS tokens (or stables) released quarterly or yearly (as the community sees fit).

1 Like

Hello @yaniv-hexagate 🙂
We are happy that our proposal has sparked interest among our colleagues at Hexagate and the broader community, especially in the context of recent discussions about safeguarding against actual hacks that threaten our ecosystem. The dialogue around securing the Venus Protocol is more relevant than ever, highlighting the critical need for a security partner that can not only respond to threats but anticipate them.
And it seems your proposal was quickly dropped in, identical to what you shared with Quickswap, with no analysis of the Venus protocol itself or tailoring of the solution.

At Lossless, we are not just reacting to incidents; we are preventing them. Our approach goes beyond the conventional to address the evolving landscape of Web3 security challenges. Here are key differentiators where Lossless excels, particularly in areas where Hexagate may not fully meet the comprehensive needs of Venus Protocol:

  1. Predictive Security and Real-time Monitoring: While Lossless performs real-time monitoring akin to Hexagate, our ability to predict hacks sets us apart as a core advantage. This dual approach ensures that Venus Protocol benefits from immediate threat detection while also enjoying the strategic upper hand through predictive analytics. Our advanced AI and machine learning algorithms have been instrumental in preempting attacks, making us a leader in predictive security measures.
  2. Automated Security Interventions: Our innovative automated front-running technology is designed to autonomously address potential threats before they manifest into actual hacks. This capability ensures that the Venus Protocol remains safeguarded with minimal human intervention, providing a swift and effective defense against potential vulnerabilities.
  3. Customized Security Solutions for Venus Protocol: We pride ourselves on offering a security package that is meticulously tailored to the unique components of Venus Protocol. From Core pools to Vaults, Swap contracts, and DAO Governance, our solutions are designed to provide comprehensive protection across all facets of the protocol, ensuring no aspect is left vulnerable.
  4. Trust in Preventing and Mitigating Threats: Our proactive measures have been proven in the field, protecting over 50 clients and partners from potential attacks. This trust is built on our consistent efforts to enhance our security offerings and our dedication to maintaining the integrity of the protocols we work with. Our commitment is to provide not just a service, but a security partnership that our clients can rely on.

The choice of a security partner is a pivotal decision for Venus Protocol, impacting not just current operations but the future resilience of the ecosystem. It’s about ensuring the safety of user funds against the ever-present threat of attacks, with a partner that offers both immediate responses and forward-looking protection.

We are more than happy to further discuss our offering, emphasizing our unique predictive capabilities alongside our robust real-time monitoring. Our team is eager to engage with the Venus community and stakeholders to explore how Lossless can provide unmatched security and peace of mind.

Thank you for considering our enhanced proposal. We are committed to contributing to the security, success, and sustainability of Venus Protocol.

5 Likes

Hi Venus Community, at Hypernative we’d like to offer our services to the Venus community as well. Hypernative is the category leader in threat prevention and real-time monitoring. We cover the widest range of attack vectors and are trusted by top players in the industry including Balancer, Radiant, Circle, Chainalysis, Polygon, Starknet, Linea (Consensys), Galaxy Digital, Karpatkey DAO, to name a few, and many others. We’d love to join forces with Venus, augment your team with our security expertise and help you focus on building the best product in the market.

Summary

A proposal to adopt Hypernative’s proactive threat prevention and real-time monitoring platform to protect Venus Protocol in the event of a hack or exploit to enhance the resiliency and security of the protocol and augment the team’s security operations while minimizing the risk of hacks and exploits, loss of funds and prevent catastrophic loss to create long-term sustainable growth.

The proposal below includes two parts:

  1. On-Chain monitoring and automated prevention
  2. Build and deploy post-incident response plan

The request is to approve a $60K budget expenditure paid in XVS for 12 months, approved and released by the DAO contributors.

Background

About Hypernative

Hypernative actively detects and responds to zero-day cyber attacks, financial risks, on-chain anomalies and safeguards digital assets, protocols, and Web3 applications from significant threats and losses.

Hypernative today works with some of the leading crypto organizations, such as Balancer, Radiant, Circle, Polygon, Starknet, Zetachain, Linea (Consensys), Galaxy Digital, OlympusDAO, Karpatkey DAO, Chainalysis, to name a few, and many others.

Hypernative is an active participant in many crypto security organizations and committees geared towards helping projects and the industry as a whole to create new security solutions and standards.

The Hypernative team is well experienced in crypto and cyber security, with tens of years of combined experience from companies like Microsoft, IBM, Google, VMware, CyberArk, ChainReaction, Orbs, Intel, and others.

Motivation

The overall motivation is to enhance security and risk operations, assisting the Venus team with our team’s security and data expertise, as well as with the use of the Hypernative platform.

In the crypto and Web3 space, it’s challenging to keep track of various security risks and exposures. Having a dedicated team and a real-time platform to detect and mitigate these risks for the community is our top priority.

The implementation of this offer aims to provide real-time detection of any security attack vectors on Venus and its participants. It will also prevent threats by defining various preventive workflows in collaboration with the team (leveraging the Hypernative Platform), and a security and solidity expert from Hypernative will be available to provide expertise and assistance regarding security incidents, bug/vulnerability disclosures, or processes, and will assist the Venus team with integrating the system into the Venus protocol preventive workflows to build an automated response process.

Lastly, the system will provide real-time detection and alerts to the community/DAO regarding anomalies and risks in governance proposals, bridges, oracles, participants, phishing, or scamming campaigns affecting XVS and its holders (leveraging the Hypernative Platform).

Proposal

Below is a preliminary list of features that Hypernative offers for Venus protocol to establish and ensure protocol security soundness, detect anomalies and malfunctions in 3rd parties like Oracles, Bridges, and other tokens and protocols, and monitor off-chain and on-chain participants for suspicious behavior.

Part 1: On-Chain monitoring and prevention automation

A. Protocol Security

  1. Reviewing security framework and response procedure, assigning a contact person for various events
  • Set standard operational procedure (response & contact points) on the category of events and time-sensitivity for any security or operational case.
  • Understand and create pre-incident measures to mitigate risk and react in time (pause contracts, limit/cap protocol, blacklist addresses, move funds to a safe/vault for emergency, etc.)
  • Understand and create post-incident measures.
    • Automatically notify Chainalysis to label attacker wallets and track stolen funds.
  2. Protocol Security Alerts
  • Leverage Hypernative zero-day detection modules to detect threats and alert in real-time on security incidents related to or directed at Venus Protocol contracts.
  3. Preventive Workflows
  • Work with the Venus team to connect critical security alerts from the Hypernative platform into preventive actions agreed upon based on the security framework review
  • Provide consultancy and verification of the entire end-to-end real-time security process and connected alerts

B. Oracles, Bridges, and related Tokens

  1. Oracle Reliability
  • Offer:
    • Detect deviations between two updates of an oracle
    • Detect deviations between two updates on two different chains
    • Detect deviations between on-chain and off-chain prices
    • Detect a lack of updates and staleness
  2. Bridge Security Monitoring
  • Offer:
    • Provide security alerts related to bridge security incidents and risks
  3. Related Token Monitoring
  • Offer:
    • Monitor tokens dependent on or related to Venus for anomalies, market economic conditions, security, holdings concentration, and supply changes (mints/burns)

C. Phishing and Scamming Detection

  1. On-chain detection
  • Offer:
    • Detect phishing campaigns targeted at the XVS token holders and provide alerts to warn the community

D. Participants Monitoring

  1. Monitor suspicious users
  • Offer:
    • Monitor large transfers or movements of funds from participants in the protocol
    • Monitor suspicious or illicit activity or illicit funds holdings for protocol participants
  2. Monitor blacklisted addresses
  • Offer:
    • Monitor addresses from OFAC lists or that were part of a hack/exploit/fraud

E. Protocol Operations Monitoring

  1. Monitor protocol treasury and wallets
  • Offer:
    • Monitor large transfers or movements of funds from protocol treasury
    • Monitor protocol multi-sig wallets for anomalies and suspicious transactions
    • Pre-transaction API that can simulate a transaction outcome before applying it on-chain
  2. Monitor protocol-defined parameters/invariants
  • Offer:
    • Monitor specific invariants, functions, and events as specified by the Venus team

Part 2: Build and deploy incident response plan

  1. Incident Response
  • Identify root cause(s) and suggest remedies / repairs and communication
  • Automatically notify Chainalysis to label attacker wallets and track stolen funds.
  • War room management and connection with community volunteering help and Venus team members
  • Connection to and management of vendors and network of contacts (Circle, Bridges, Chainalysis, Chain security teams, etc) to help with recovery of stolen funds and post incident help to the DAO
  • Community communications and post mortem
  • Create best practices based on historical incidents and create playbooks from the learnings

Budget

The request is to approve a $60K budget expenditure paid in XVS for 12 months, approved and released by the DAO contributors.
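The four oracle reliability checks listed under B.1 of the Hypernative post (deviation between consecutive updates, between chains, against an off-chain price, and staleness) as an added example, not code from Hypernative, Lossless, Hexagate or Venus: a small Python detector run over constructed sample updates. The XVS feed values, chain labels, the 5% deviation limit and the one-hour staleness limit are assumptions for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Tuple

@dataclass(frozen=True)
class OracleUpdate:
    """One price update from an oracle feed (constructed sample format, not a real oracle ABI)."""
    chain: str       # chain the feed was read on, e.g. "ethereum" or "bsc"
    asset: str       # asset the feed prices
    timestamp: int   # unix seconds of the update
    price: float     # reported price in a quote currency

@dataclass(frozen=True)
class Finding:
    check: str   # which check fired
    asset: str
    detail: str

def relative_deviation(value: float, reference: float) -> float:
    """|value - reference| as a fraction of the reference (reference assumed > 0)."""
    return abs(value - reference) / reference

def latest_per_feed(updates: Iterable[OracleUpdate]) -> Dict[Tuple[str, str], OracleUpdate]:
    """Most recent update for each (chain, asset) feed."""
    latest: Dict[Tuple[str, str], OracleUpdate] = {}
    for u in updates:
        key = (u.chain, u.asset)
        if key not in latest or u.timestamp > latest[key].timestamp:
            latest[key] = u
    return latest

def check_consecutive_updates(updates: Iterable[OracleUpdate], max_dev: float) -> List[Finding]:
    """Deviation between two consecutive updates of the same feed, in time order."""
    findings: List[Finding] = []
    prev: Dict[Tuple[str, str], OracleUpdate] = {}
    for u in sorted(updates, key=lambda x: x.timestamp):
        key = (u.chain, u.asset)
        if key in prev:
            dev = relative_deviation(u.price, prev[key].price)
            if dev > max_dev:
                findings.append(Finding("consecutive_deviation", u.asset,
                                        f"{u.chain}: {prev[key].price} -> {u.price} ({dev:.1%})"))
        prev[key] = u
    return findings

def check_cross_chain(updates: Iterable[OracleUpdate], max_dev: float) -> List[Finding]:
    """Deviation between the latest prices of the same asset on two different chains."""
    findings: List[Finding] = []
    by_asset: Dict[str, List[OracleUpdate]] = {}
    for u in latest_per_feed(updates).values():
        by_asset.setdefault(u.asset, []).append(u)
    for asset, feeds in sorted(by_asset.items()):
        feeds = sorted(feeds, key=lambda x: x.chain)
        for i, a in enumerate(feeds):
            for b in feeds[i + 1:]:
                dev = relative_deviation(a.price, b.price)
                if dev > max_dev:
                    findings.append(Finding("cross_chain_deviation", asset,
                                            f"{a.chain}={a.price} vs {b.chain}={b.price} ({dev:.1%})"))
    return findings

def check_offchain_reference(updates, reference: Dict[str, float], max_dev: float) -> List[Finding]:
    """Deviation between the latest on-chain price and an off-chain reference price."""
    findings: List[Finding] = []
    for (chain, asset), u in sorted(latest_per_feed(updates).items()):
        if asset not in reference:
            continue  # nothing to compare against; the staleness check still covers this feed
        dev = relative_deviation(u.price, reference[asset])
        if dev > max_dev:
            findings.append(Finding("offchain_deviation", asset,
                                    f"{chain}: on-chain {u.price} vs reference {reference[asset]} ({dev:.1%})"))
    return findings

def check_staleness(updates, now: int, max_age: int) -> List[Finding]:
    """Feeds whose latest update is older than max_age seconds."""
    findings: List[Finding] = []
    for (chain, asset), u in sorted(latest_per_feed(updates).items()):
        age = now - u.timestamp
        if age > max_age:
            findings.append(Finding("stale_feed", asset, f"{chain}: last update {age}s ago (limit {max_age}s)"))
    return findings

def run_oracle_checks(updates, reference, now, max_dev=0.05, max_age=3600) -> List[Finding]:
    """Run all four checks; the default thresholds are illustrative, not Venus parameters."""
    updates = list(updates)
    return (check_consecutive_updates(updates, max_dev)
            + check_cross_chain(updates, max_dev)
            + check_offchain_reference(updates, reference, max_dev)
            + check_staleness(updates, now, max_age))

# Constructed sample: one XVS feed read on two chains, plus an assumed off-chain reference price.
SAMPLE_UPDATES = [
    OracleUpdate("ethereum", "XVS", 1000, 10.00),
    OracleUpdate("ethereum", "XVS", 1600, 10.20),
    OracleUpdate("ethereum", "XVS", 2200, 12.30),  # ~20% jump in a single update
    OracleUpdate("bsc", "XVS", 1000, 10.05),
    OracleUpdate("bsc", "XVS", 1700, 10.10),       # then silent for more than an hour
]
SAMPLE_REFERENCE = {"XVS": 10.15}
NOW = 5500  # constructed "current time" for the staleness check
```

Running `run_oracle_checks(SAMPLE_UPDATES, SAMPLE_REFERENCE, NOW)` on the sample yields one finding per check, which is the kind of output a monitor would route to the alert channels both proposals describe.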