veballer.eth

[BIP-545] Funding Hypernative Security Program for Balancer

Voting ended about 2 years agoSucceeded

PR with Payload

https://github.com/BalancerMaxis/multisig-ops/pull/794

Service Provider Name: Hypernative

Leader(s): Gal Sagie, Dan Caspi, Andrey Dulkin, Vazi

Pledge to abide by the DAO's Code of Conduct (or link to your own): Yes

Pledge to abide by the Accountability Guidelines: Yes

Domains of Operation: Web3 Security, InfoSec/OpSec and on/off chain security

Key Objectives & Success Metrics:

Summary

The proposal aims to extend Hypernative's security advisory services to Balancer DAO and provide additional Hypernative platform monitoring features, with a focus on enhancing protocol resiliency, strengthening security operations, and reducing the risk of hacks, exploits, fund losses, and catastrophic events, all while fostering long-term sustainable growth.

Building on the work accomplished over the past three months, this proposal will prioritize the following components:

Improve and enhance the findings based on Hypernative security assessment and report to create more guardrails and monitoring of risks a. Continuous re-asses and help consult on any operational security aspects
Build and deploy an incident response plan and operate as needed
Deploy frontend monitoring
Deploy on-chain monitoring

The component full description, deliverables, and planned timeline are specified within each component below.

A quarterly report will be submitted to the DAO to outline the outcomes of each quarter and to present plans for the next quarter

The request is to approve a $60,000 USDC yearly budget paid quarterly. for the following sections as a unified package

Results

Over the past 3 months Hypernative acted as a security advisor to Balancer DAO, and provided a threat assessment report across the below verticals:

DeFi Safety Report:
The team assessed the main weaknesses identified in the latest DeFiSafety report. Reviewed and provided recommendations where needed in the following categories: 1.Team responsiveness 2. Audit matrix applicability 3. Protocol Architecture Documentation 4. Signing Policy Monitoring
Monitoring & Prevention - mapped the current monitoring and prevention solutions used for on-chain monitoring, infrastructure, multisig monitoring, and frontend monitoring.
Emergency Procedures - reviewed and provided recommendations for emergency procedures, including permissions and response guidelines.
Access Controls- mapped each permission and its owner, including multisig/permissioned calls, DNS, and frontend.
GitHub - mapped architecture, contracts, deployment flow, organization review (using admin permissions) and roles.
AWS - mapped organization review using admin permissions
Socials- reviewed Balancer Discord and Twitter configurations, member permissions, and security setup and provided recommendations and best practices to enhance security and achieve a higher level of security
Signing Policy - reviewed multisig management, multisig roles, the structure for executing proposals, and provided best practices recommendations.
Incident Response- suggested various incident response plans and workflows, including:
Assigning relevant stakeholders for internal incident handling plans.
Developing incident response plan playbooks for different types of incidents.

Proposal

The Proposal Motivation

There are many security tasks, processes and incident handling that need to be augmented in a protocol like Balancer.

The idea of this proposal is to provide a virtual CISO (Chief Information security officer) services to augment Balancer infosec and on-chain/off-chain security postures by leveraging Hypernative in-house expertise and network of connections.

The proposal will outline the responsibilities addressed and handled which will be organized and advised by Hypernative but carried and implemented fully by a combination of Hypernative and the DAO.

Balancer + Hypernative

Hypernative team has been an instrumental helper in the last security incidents that Balancer has undergone, both from helping with automated tracking of the hacks and stolen funds movement, communication with external entities like exchanges/Chainalysis and helping with the war room and bringing the relevant help to the table.

We believe that Balancer and Hypernative can together create a new standard of security program that will emphasize the DAO commitment for its users and the security of their funds.

The Proposal Details

Continue Hypernative operational security advisory plan

Fix and enhance the findings based on Hypernative security assessment and report per need
Continuously re-asses and help to analyze operational security posture and provide real time help with any needed task to create more guardrails and monitoring for operational risks
Hypernative will manage the backlog of open risks findings in secured shared space with the relevant BLabs teams and will track the resolution of the risk or the roadmap/planning
1. Including providing suggestions of possible fixes

Deliverable: Harden infrastructure based on risk findings and provide continuous support for new security operations, suggestions and vendor assessments Dependencies: BLabs Timeline: Starts after approval Standalone Price : $15,000 USDC yearly

Build and deploy incident response plan and operate it on a per need basis

Offer:

Identify root cause(s) and suggest remedies / repairs and communication
War room management and connection with community volunteering help and Balancer team members
Connection to and management of vendors and network of contacts (Circle, Bridges, Chainalysis, Chain security teams, etc) to help with recovery of stolen funds and post incident help to the DAO
Community communications and post mortem
Creating best practices based on historical incidents and create playbooks with the learning

Deliverable: Build an internal incident handling plan and assign relevant stakeholders. Provide real-time support to the Balancer team during any incident. Balancer team members will be needed to allocate time and focus to ensure the successful implementation of the incident response plan. Dependencies: BLabs and Eco-Council Time: The proposal includes a time bank of 160 hours across the year as needed + $200 hourly rate for any additional hours per need Timeline: Starts after approval Standalone Price: $10,000 USDC yearly

Frontend monitoring:

Offer:

Detect Web application security incidents like DNS hijacks, DNS provider compromises, compromised plugins and backends
Provide real time alerts on any suspicious change to the web application
Related examples that could have been early detected using the suggested frontend monitoring:
- Balancer DNS attack, September, 2023
- Ledger Connect compromised javascript library, December 2023
- Velodrome DNS attacks, November and December 2023
- Trader Joe’s compromised plugins attack, November 2023
- BadgerDAO
- Convex Finance

Deliverable : Deploy frontend monitoring to prevent the Balancer web app from frontend attacks and create specific tests for Balancer front end application Dependencies: Hypernative will own development process completely and will agree with BLabs frontend team on mitigation processes Timeline: Service year start upon request from BLabs when V3 frontend is ready Standalone Price : $15,000 USDC

On-Chain monitoring and prevention automation

Offer:

Reviewing security framework and response procedure, assigning a

contact person for various events

Set standard operational procedure (response & contact points) on category of events and time-sensitivity for any security or operational case
Balancer V3 - understand and create pre-incident measures to mitigate risk and react in time (pause contracts, limit/cap protocol, blacklist addresses, move funds to a safe/vault for emergency etc.)
Protocol Security Alerts
- Leverage Hypernative zero-day detection modules to detect threat and alert in real time on security incidents related to or directed at Balancer contracts
Multisig monitoring
Monitor ownership changes for the multisig
Monitor multisig configuration changes
Monitor for transactions initiated in the Safe - upon initiation, prior to execution
monitoring for every transaction executed using the DAO Multisig
Monitor protocol treasury and wallets
Monitor large transfers or movements of funds from protocol treasury
Governance monitoring
- Monitor Governance token holders
Monitor government token transfers
Alert on governance token concentration
Governance proposal review
- Review proposals from security point of view and add relevant alerts
Phishing and Scamming Detection
- On-chain detection
Detect phishing campaigns targeted at Balancer token holders and provide alerts to warn the community
Monitor Balancer Ecosystem Projects
Use Hypernative system to model specific monitoring for Balancer based projects
Provide ecosystem-wide threat intelligence to detect and respond to any malicious activity on ecosystem projects, including hacks, exploits, phishing, scams, and rug pulls.

Deliverable: Deploy Hypernative on-chain monitoring and prevention platform, all the above features are supported as part of the platform already. Hypernative team will create security playbook plans with the BLabs team to define the reaction’s (automated or manual) for any of the above mentioned risks Dependencies: BLabs and Eco-Council Timeline: Service year start upon V3 ready and BLabs notification Standalone Price: $45,000 USDC yearly

About Hypernative

Hypernative actively detects and responds to zero-day cyber attacks, financial risks, on-chain anomalies, and safeguards digital assets, protocols, and Web3 applications from significant threats and losses.

Hypernative today works with some of the leading crypto organizations (Polygon, Starknet, Zetachain, Linea, Circle, Galaxy, OlympusDAO, Karpatkey DAO, Chainalysis to name a few and many others)

Hypernative is an active participant in many crypto security organizations and committees geared towards helping projects and the industry as a whole to create new security solutions and standards.

Hypernative team is well experienced in crypto and cyber security with 10’s of years of combined experience from companies like: Microsoft, IBM, Google, VMware, CyberArk, ChainReaction, Orbs, Intel and others.

Length of Engagement & Budget: Total of $60,000 USDC for a year on all sections combined Sections 1 and 2 start immediatley after approval for a year Sections 3 and 4 start after an agreed notice from BLabs team close to V3 alpha

ETH Address to Receive Funds: 0x5CA24e2A586834A7B96216D68b26A82405e3DC15

Link to SLA (if going through the Foundation: Will be shared after approval of this proposal

If accepted, the Balancer DAO multisig 0x10A19e7eE7d7F8a52822f6817de8ea18204F2e4f will interact with USDC 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48 by writing transfer passing the address 0x5CA24e2A586834A7B96216D68b26A82405e3DC15 as recipient and amount 60000000000 to transfer 60000 USDC to the Hypernative ETH mainnet wallet address

Off-Chain Vote

Yes, let's do it

3.56M veBAL100%

No, this is not the way

0 veBAL0%

Abstain

0 veBAL0%

Quorum:178%

Download mobile app to vote

Discussion

[BIP-545] Funding Hypernative Security Program for Balancer

Timeline

Feb 14, 2024Proposal created

Feb 15, 2024Proposal vote started

Feb 19, 2024Proposal vote ended

Mar 16, 2026Proposal updated

PR with Payload

https://github.com/BalancerMaxis/multisig-ops/pull/794

Service Provider Name: Hypernative

Leader(s): Gal Sagie, Dan Caspi, Andrey Dulkin, Vazi

Pledge to abide by the DAO's Code of Conduct (or link to your own): Yes

Pledge to abide by the Accountability Guidelines: Yes

Domains of Operation: Web3 Security, InfoSec/OpSec and on/off chain security

Key Objectives & Success Metrics:

Summary

Building on the work accomplished over the past three months, this proposal will prioritize the following components:

Improve and enhance the findings based on Hypernative security assessment and report to create more guardrails and monitoring of risks a. Continuous re-asses and help consult on any operational security aspects
Build and deploy an incident response plan and operate as needed
Deploy frontend monitoring
Deploy on-chain monitoring

The component full description, deliverables, and planned timeline are specified within each component below.

A quarterly report will be submitted to the DAO to outline the outcomes of each quarter and to present plans for the next quarter

The request is to approve a $60,000 USDC yearly budget paid quarterly. for the following sections as a unified package

Results

Over the past 3 months Hypernative acted as a security advisor to Balancer DAO, and provided a threat assessment report across the below verticals:

DeFi Safety Report:
The team assessed the main weaknesses identified in the latest DeFiSafety report. Reviewed and provided recommendations where needed in the following categories: 1.Team responsiveness 2. Audit matrix applicability 3. Protocol Architecture Documentation 4. Signing Policy Monitoring
Monitoring & Prevention - mapped the current monitoring and prevention solutions used for on-chain monitoring, infrastructure, multisig monitoring, and frontend monitoring.
Emergency Procedures - reviewed and provided recommendations for emergency procedures, including permissions and response guidelines.
Access Controls- mapped each permission and its owner, including multisig/permissioned calls, DNS, and frontend.
GitHub - mapped architecture, contracts, deployment flow, organization review (using admin permissions) and roles.
AWS - mapped organization review using admin permissions
Socials- reviewed Balancer Discord and Twitter configurations, member permissions, and security setup and provided recommendations and best practices to enhance security and achieve a higher level of security
Signing Policy - reviewed multisig management, multisig roles, the structure for executing proposals, and provided best practices recommendations.
Incident Response- suggested various incident response plans and workflows, including:
Assigning relevant stakeholders for internal incident handling plans.
Developing incident response plan playbooks for different types of incidents.

Proposal

The Proposal Motivation

There are many security tasks, processes and incident handling that need to be augmented in a protocol like Balancer.

The proposal will outline the responsibilities addressed and handled which will be organized and advised by Hypernative but carried and implemented fully by a combination of Hypernative and the DAO.

Balancer + Hypernative

We believe that Balancer and Hypernative can together create a new standard of security program that will emphasize the DAO commitment for its users and the security of their funds.

The Proposal Details

Continue Hypernative operational security advisory plan

Fix and enhance the findings based on Hypernative security assessment and report per need
Continuously re-asses and help to analyze operational security posture and provide real time help with any needed task to create more guardrails and monitoring for operational risks
Hypernative will manage the backlog of open risks findings in secured shared space with the relevant BLabs teams and will track the resolution of the risk or the roadmap/planning
1. Including providing suggestions of possible fixes

Build and deploy incident response plan and operate it on a per need basis

Offer:

Identify root cause(s) and suggest remedies / repairs and communication
War room management and connection with community volunteering help and Balancer team members
Connection to and management of vendors and network of contacts (Circle, Bridges, Chainalysis, Chain security teams, etc) to help with recovery of stolen funds and post incident help to the DAO
Community communications and post mortem
Creating best practices based on historical incidents and create playbooks with the learning

Frontend monitoring:

Offer:

Detect Web application security incidents like DNS hijacks, DNS provider compromises, compromised plugins and backends
Provide real time alerts on any suspicious change to the web application
Related examples that could have been early detected using the suggested frontend monitoring:
- Balancer DNS attack, September, 2023
- Ledger Connect compromised javascript library, December 2023
- Velodrome DNS attacks, November and December 2023
- Trader Joe’s compromised plugins attack, November 2023
- BadgerDAO
- Convex Finance

On-Chain monitoring and prevention automation

Offer:

Reviewing security framework and response procedure, assigning a

contact person for various events

Set standard operational procedure (response & contact points) on category of events and time-sensitivity for any security or operational case
Balancer V3 - understand and create pre-incident measures to mitigate risk and react in time (pause contracts, limit/cap protocol, blacklist addresses, move funds to a safe/vault for emergency etc.)
Protocol Security Alerts
- Leverage Hypernative zero-day detection modules to detect threat and alert in real time on security incidents related to or directed at Balancer contracts
Multisig monitoring
Monitor ownership changes for the multisig
Monitor multisig configuration changes
Monitor for transactions initiated in the Safe - upon initiation, prior to execution
monitoring for every transaction executed using the DAO Multisig
Monitor protocol treasury and wallets
Monitor large transfers or movements of funds from protocol treasury
Governance monitoring
- Monitor Governance token holders
Monitor government token transfers
Alert on governance token concentration
Governance proposal review
- Review proposals from security point of view and add relevant alerts
Phishing and Scamming Detection
- On-chain detection
Detect phishing campaigns targeted at Balancer token holders and provide alerts to warn the community
Monitor Balancer Ecosystem Projects
Use Hypernative system to model specific monitoring for Balancer based projects
Provide ecosystem-wide threat intelligence to detect and respond to any malicious activity on ecosystem projects, including hacks, exploits, phishing, scams, and rug pulls.

About Hypernative

Hypernative today works with some of the leading crypto organizations (Polygon, Starknet, Zetachain, Linea, Circle, Galaxy, OlympusDAO, Karpatkey DAO, Chainalysis to name a few and many others)

Hypernative is an active participant in many crypto security organizations and committees geared towards helping projects and the industry as a whole to create new security solutions and standards.

ETH Address to Receive Funds: 0x5CA24e2A586834A7B96216D68b26A82405e3DC15

Link to SLA (if going through the Foundation: Will be shared after approval of this proposal

[BIP-545] Funding Hypernative Security Program for Balancer

PR with Payload

Summary

Results

Proposal

Balancer + Hypernative

Continue Hypernative operational security advisory plan

Build and deploy incident response plan and operate it on a per need basis

Frontend monitoring:

On-Chain monitoring and prevention automation

Off-Chain Vote

Discussion

Timeline

[BIP-545] Funding Hypernative Security Program for Balancer

PR with Payload

Summary

Results

Proposal

Balancer + Hypernative

Continue Hypernative operational security advisory plan

Build and deploy incident response plan and operate it on a per need basis

Frontend monitoring:

On-Chain monitoring and prevention automation

Off-Chain Vote

Discussion

Timeline