A proposal to adopt Hypernative's proactive threat prevention and real-time monitoring platform to protect Exactly Protocol in the event of a hack or exploit. The aim is to enhance the resiliency and security of the protocol and augment the team's security operations, while minimizing the risk of hacks, exploits and loss of funds and preventing catastrophic loss, in order to create long-term sustainable growth.
Among other attacks, Hypernative's system detected the attack on the Exactly protocol that occurred on 2023.08.18, 25 minutes prior to the first hack transaction. (https://x.com/hypernativelabs/status/1692536366473601062?s=46&t=0cGDDaCYi1MODah6fy3kPA)
The request is for a security grant of 25,000 EXA tokens to be received during the next 12 months.
Hypernative actively detects and responds to zero-day cyber attacks, financial risks, and on-chain anomalies, and safeguards digital assets, protocols, and Web3 applications from significant threats and losses.
Hypernative today works with some of the leading crypto organizations, including Balancer, Polygon, Starknet, Zetachain, Linea (Consensys), Circle, Galaxy, OlympusDAO, Karpatkey DAO, and Chainalysis, among many others.
Hypernative is an active participant in many crypto security organizations and committees geared towards helping projects and the industry as a whole to create new security solutions and standards.
The Hypernative team is well experienced in crypto and cyber security, with tens of years of combined experience from companies such as Microsoft, IBM, Google, VMware, CyberArk, ChainReaction, Orbs, Intel, and others.
https://twitter.com/RDNTCapital/status/1742638373863325790
https://twitter.com/mwilliammyers/status/1745356262567739485
https://twitter.com/DeusDao/status/1661751727228596226
https://blog.hundred.finance/15-04-23-hundred-finance-hack-post-mortem-d895b618cf33
https://mirror.xyz/bonqdaoblog.eth/Mq4qgNieUi-ytphYzPU-lWY_E1J2F7STq_xlCR3qGsE
https://twitter.com/senamakel/status/1610953131252416513
https://twitter.com/Palmswaporg/status/1684902587303104512
https://twitter.com/jaypeggerz/status/1608395021031723010
https://twitter.com/0xGreg_/status/1608418111887396864
https://twitter.com/XaveFinance/status/1579735814824931329
https://www.coinage.media/s2/he-stole-200-million-he-gave-it-back-now-hes-ready-to-explain-why
Below is a preliminary list of features that Hypernative offers for Exactly protocol to establish and ensure protocol security soundness, detect anomalies and malfunctions in third parties such as oracles, bridges, and other tokens and protocols, and monitor off-chain and on-chain participants for suspicious behavior.
A. Protocol Security
Reviewing security framework and response procedure, assigning a contact person for various events
- Set standard operational procedure (response & contact points) on the category of events and time-sensitivity for any security or operational case.
- Understand and create pre-incident measures to mitigate risk and react in time (pause contracts, limit/cap protocol, blacklist addresses, move funds to a safe/vault for emergency, etc.)
- Understand and create post-incident measures.
- Automatically notify Chainalysis to label attacker wallets and track stolen funds.

Protocol Security Alerts
- Leverage Hypernative zero-day detection modules to detect threats and alerts in real-time on security incidents related to or directed at Exactly Protocol contracts.

Preventive Workflows
- Work with the Exactly team to connect critical security alerts from Hypernative platform into preventive actions agreed upon based on the security framework review
- Provide consultancy and verification of the entire end-to-end real-time security process and connected alerts

Incident Response
- Identify root cause(s) and suggest remedies/repairs and communication.
B. Oracles, Bridges, and related Tokens
Oracle Reliability
Offer:
- Detect deviations between two updates of an oracle
- Detect deviations between two updates on two different chains
- Detect deviations between on-chain and off-chain prices
- Detect a lack of updates and staleness

Bridge Security Monitoring
Offer:
- Provide security alerts related to bridge security incidents and risks

Related Token Monitoring
Offer:
- Monitor tokens dependent on or related to Exactly for anomalies, market economic conditions, security, holdings concentration, and supply changes (mints/burns)
C. Phishing and Scamming Detection
D. Participants Monitoring
Monitor suspicious users
Offer:
- Monitor large transfers or movements of funds from participants in the protocol
- Monitor suspicious or illicit activity or illicit funds holdings for protocol participants

Monitor blacklisted addresses
Offer:
- Monitor addresses from OFAC lists or that were part of a hack/exploit/fraud
E. Protocol Operations Monitoring
Monitor protocol treasury and wallets
Offer:
- Monitor large transfers or movements of funds from protocol treasury
- Monitor protocol multi-sig wallets for anomalies and suspicious transactions
- Pre-transaction API that can simulate a transaction outcome before applying it on-chain

Monitor protocol-defined parameters/invariants
Offer:
- Monitor specific invariants, functions, and events as specified by the Exactly team
The overall motivation is to enhance security and risk operations, assisting the Exactly team with our team's security and data expertise, as well as with the use of the Hypernative platform.
In the crypto and Web3 space, it's challenging to keep track of various security risks and exposures. Having a dedicated team and a real-time platform to detect and mitigate these risks for the community is our top priority.
The implementation of this offer aims to provide real-time detection of any security attack vectors on Exactly and its participants. It will also prevent threats by defining various preventive workflows in collaboration with the team (leveraging the Hypernative Platform). A security and Solidity expert from Hypernative will be available to provide expertise and assistance regarding security incidents, bug/vulnerability disclosures, or processes, and will assist the Exactly team with integrating the system into the Exactly protocol preventive workflows to build an automated response process. Lastly, the system will provide real-time detection and alerts to the community/DAO regarding anomalies and risks in governance proposals, bridges, oracles, participants, phishing, or scamming campaigns affecting EXA and its holders (leveraging the Hypernative Platform).
The request is for a security grant of 25,000 EXA tokens to be received during the next 12 months.
Funds are to be sent to address: 0x52c5C82d3133bBDB6f93625b8fA24ae5015CAc3C