Service Provider Name: Hypernative
Leader(s): Gal Sagie, Dan Caspi, Andrey Dulkin, Vazi
Pledge to abide by the DAO’s Code of Conduct (or link to your own): Yes
Pledge to abide by the Accountability Guidelines: Yes
Domains of Operation: Web3 Security, InfoSec/OpSec and on/off chain security
Key Objectives & Success Metrics:
The proposal aims to extend Hypernative’s security advisory services to Balancer DAO and provide additional Hypernative platform monitoring features, with a focus on enhancing protocol resiliency, strengthening security operations, and reducing the risk of hacks, exploits, fund losses, and catastrophic events, all while fostering long-term sustainable growth.
Building on the work accomplished over the past three months, this proposal will prioritize the following components:
- Improve and enhance the findings based on Hypernative security assessment and report to create more guardrails and monitoring of risks
a. Continuous re-asses and help consult on any operational security aspects
- Build and deploy an incident response plan and operate as needed
- Deploy frontend monitoring
- Deploy on-chain monitoring
The component full description, deliverables, and planned timeline are specified within each component below.
A quarterly report will be submitted to the DAO to outline the outcomes of each quarter and to present plans for the next quarter
The request is to approve a $60,000 USDC yearly budget paid quarterly. for the following sections as a unified package
Over the past 3 months Hypernative acted as a security advisor to Balancer DAO, and provided a threat assessment report across the below verticals:
DeFi Safety Report:
The team assessed the main weaknesses identified in the latest DeFiSafety report. Reviewed and provided recommendations where needed in the following categories:
2. Audit matrix applicability
3. Protocol Architecture Documentation
4. Signing Policy
Monitoring & Prevention - mapped the current monitoring and prevention solutions used for on-chain monitoring, infrastructure, multisig monitoring, and frontend monitoring.
Emergency Procedures - reviewed and provided recommendations for emergency procedures, including permissions and response guidelines.
Access Controls- mapped each permission and its owner, including multisig/permissioned calls, DNS, and frontend.
GitHub - mapped architecture, contracts, deployment flow, organization review (using admin permissions) and roles.
AWS - mapped organization review using admin permissions
Socials- reviewed Balancer Discord and Twitter configurations, member permissions, and security setup and provided recommendations and best practices to enhance security and achieve a higher level of security
Signing Policy - reviewed multisig management, multisig roles, the structure for executing proposals, and provided best practices recommendations.
Incident Response- suggested various incident response plans and workflows, including:
Assigning relevant stakeholders for internal incident handling plans.
Developing incident response plan playbooks for different types of incidents.
The Proposal Motivation
There are many security tasks, processes and incident handling that need to be augmented in a protocol like Balancer.
The idea of this proposal is to provide a virtual CISO (Chief Information security officer) services to augment Balancer infosec and on-chain/off-chain security postures by leveraging Hypernative in-house expertise and network of connections.
The proposal will outline the responsibilities addressed and handled which will be organized and advised by Hypernative but carried and implemented fully by a combination of Hypernative and the DAO.
Hypernative team has been an instrumental helper in the last security incidents that Balancer has undergone, both from helping with automated tracking of the hacks and stolen funds movement, communication with external entities like exchanges/Chainalysis and helping with the war room and bringing the relevant help to the table.
We believe that Balancer and Hypernative can together create a new standard of security program that will emphasize the DAO commitment for its users and the security of their funds.
The Proposal Details
Fix and enhance the findings based on Hypernative security assessment and report per need
Continuously re-asses and help to analyze operational security posture and provide real time help with any needed task to create more guardrails and monitoring for operational risks
Hypernative will manage the backlog of open risks findings in secured shared space with the relevant BLabs teams and will track the resolution of the risk or the roadmap/planning
- Including providing suggestions of possible fixes
Deliverable: Harden infrastructure based on risk findings and provide continuous support for new security operations, suggestions and vendor assessments
Timeline: Starts after approval
Standalone Price : $15,000 USDC yearly
- Identify root cause(s) and suggest remedies / repairs and communication
- War room management and connection with community volunteering help and Balancer team members
- Connection to and management of vendors and network of contacts (Circle, Bridges, Chainalysis, Chain security teams, etc) to help with recovery of stolen funds and post incident help to the DAO
- Community communications and post mortem
- Creating best practices based on historical incidents and create playbooks with the learning
Deliverable: Build an internal incident handling plan and assign relevant stakeholders. Provide real-time support to the Balancer team during any incident. Balancer team members will be needed to allocate time and focus to ensure the successful implementation of the incident response plan.
Dependencies: BLabs and Eco-Council
Time: The proposal includes a time bank of 160 hours across the year as needed + $200 hourly rate for any additional hours per need
Timeline: Starts after approval
Standalone Price: $10,000 USDC yearly
- Detect Web application security incidents like DNS hijacks, DNS provider compromises, compromised plugins and backends
- Provide real time alerts on any suspicious change to the web application
- Related examples that could have been early detected using the suggested frontend monitoring:
- Balancer DNS attack, September, 2023
- Velodrome DNS attacks, November and December 2023
- Trader Joe’s compromised plugins attack, November 2023
- Convex Finance
Deliverable : Deploy frontend monitoring to prevent the Balancer web app from frontend attacks and create specific tests for Balancer front end application
Dependencies: Hypernative will own development process completely and will agree with BLabs frontend team on mitigation processes
Timeline: Service year start upon request from BLabs when V3 frontend is ready
Standalone Price : $15,000 USDC
- Reviewing security framework and response procedure, assigning a
contact person for various events
Set standard operational procedure (response & contact points) on category of events and time-sensitivity for any security or operational case
Balancer V3 - understand and create pre-incident measures to mitigate risk and react in time (pause contracts, limit/cap protocol, blacklist addresses, move funds to a safe/vault for emergency etc.)
Protocol Security Alerts
- Leverage Hypernative zero-day detection modules to detect threat and alert in real time on security incidents related to or directed at Balancer contracts
Monitor ownership changes for the multisig
Monitor multisig configuration changes
Monitor for transactions initiated in the Safe - upon initiation, prior to execution
monitoring for every transaction executed using the DAO Multisig
Monitor protocol treasury and wallets
Monitor large transfers or movements of funds from protocol treasury
- Monitor Governance token holders
Monitor government token transfers
Alert on governance token concentration
Governance proposal review
- Review proposals from security point of view and add relevant alerts
Phishing and Scamming Detection
- On-chain detection
Detect phishing campaigns targeted at Balancer token holders and provide alerts to warn the community
Monitor Balancer Ecosystem Projects
Use Hypernative system to model specific monitoring for Balancer based projects
Provide ecosystem-wide threat intelligence to detect and respond to any malicious activity on ecosystem projects, including hacks, exploits, phishing, scams, and rug pulls.
Deliverable: Deploy Hypernative on-chain monitoring and prevention platform, all the above features are supported as part of the platform already.
Hypernative team will create security playbook plans with the BLabs team to define the reaction’s (automated or manual) for any of the above mentioned risks
Dependencies: BLabs and Eco-Council
Timeline: Service year start upon V3 ready and BLabs notification
Standalone Price: $45,000 USDC yearly
Hypernative actively detects and responds to zero-day cyber attacks, financial risks, on-chain anomalies, and safeguards digital assets, protocols, and Web3 applications from significant threats and losses.
Hypernative today works with some of the leading crypto organizations (Polygon, Starknet, Zetachain, Linea, Circle, Galaxy, OlympusDAO, Karpatkey DAO, Chainalysis to name a few and many others)
Hypernative is an active participant in many crypto security organizations and committees geared towards helping projects and the industry as a whole to create new security solutions and standards.
Hypernative team is well experienced in crypto and cyber security with 10’s of years of combined experience from companies like: Microsoft, IBM, Google, VMware, CyberArk, ChainReaction, Orbs, Intel and others.
Length of Engagement & Budget:
Total of $60,000 USDC for a year on all sections combined
Sections 1 and 2 start immediatley after approval for a year
Sections 3 and 4 start after an agreed notice from BLabs team close to V3 alpha
ETH Address to Receive Funds: 0x5CA24e2A586834A7B96216D68b26A82405e3DC15
Link to SLA (if going through the Foundation: Will be shared after approval of this proposal
If accepted, the Balancer DAO multisig 0x10A19e7eE7d7F8a52822f6817de8ea18204F2e4f will interact with USDC 0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48 by writing transfer passing the address 0x5CA24e2A586834A7B96216D68b26A82405e3DC15 as recipient and amount 60000000000 to transfer 60000 USDC to the Hypernative ETH mainnet wallet address