Amidst the tumultuous world of blockchain and its continuous battle with cyber threats, two indomitable figures are steering the ship towards safer waters.
Isaac Patka from Shield3, an AI security firm, alongside Samczsun, a well-versed research partner at Paradigm, are on a relentless mission.
They’ve been grinding since spring, elbow-deep in blockchain projects, with an aim to fortify security defenses and send hackers packing.
Battling the DeFi Threats Head-On
Early August saw the inception of SEAL 911, their brainchild, a Telegram bot ingeniously designed to connect desperate users with a network of seasoned security professionals.
This initiative wasn’t born out of thin air. It’s a direct response to a barrage of hacks that have incessantly assaulted the blockchain landscape.
Remember the $70 million Curve Finance fiasco in July? Yeah, they are addressing that kind of chaos. This isn’t your average Joe’s playground. We are talking about safeguarding potential hundreds of millions, and these guys are dead serious about it.
With their initial success, they are far from done. The dynamic duo is now ramping things up with a new emergency drill initiative. This isn’t your run-of-the-mill fire drill at school.
This is the real deal, aiming to prep up-and-coming blockchain protocols for the imminent cyber onslaught. It’s a wild world out there, and they are ensuring these protocols are ready to throw down and defend their turf when the time comes.
Patka spilled the beans to Blockworks, walking us through their journey, their learnings, and the chaos that ensues in the blockchain realm.
Inside the War Room: Training for the Inevitable
Initiating their undertaking with the emergency drill initiative, Patka recalled the inception of this brainchild. It was a meeting of minds, with Jeanne playing matchmaker, introducing Patka to Samczsun.
From the get-go, there was a spark. Patka, armed with his research on avoiding social attacks and dependency failures in decentralized communities, found a kindred spirit in Samczsun.
Together, they embarked on a mission, kicking off with outlining a drill framework for Compound Labs, the first brave souls to volunteer for their drill.
“Comprehensive recon” is their secret sauce in the initial phases, a meticulous process of dissecting every aspect of the target protocol.
They’re not just looking; they’re hunting, searching for the control surface, understanding the dependencies, monitoring systems, risk processes, and searching for inconsistencies. This intense recon lays down the foundation for what’s to come – the tabletop scenarios.
These tabletop simulations are not for the faint of heart. They are intense, high-stakes scenarios that thrust the team into the chaos of a real attack, questioning their every move, testing their alert systems, their response times, and their coordination.
This is where the rubber meets the road, uncovering the “hot spots” and putting their defenses to the ultimate stress test. And when it comes to selecting the guinea pigs for their drills? They are not just picking anyone.
They are looking for the best, the protocols that have seen some action, survived a few skirmishes, and lived to tell the tale. These are the protocols that can both benefit from their training and contribute to the greater good, sharing their invaluable experience with the blockchain community.
The first test with Compound protocol was a revelation, a balancing act of creating a scenario that was both challenging yet not utterly catastrophic.
The emphasis was on coordination, monitoring, and response, with a keen eye on the social and technical aspects of the drill. The learning curve was steep, with late-night debugging sessions, network forks, block explorer challenges, and monitoring infra stability tests.
And when it comes to avoiding zero-day vulnerabilities, it’s not about dodging the bullet. It’s about creating a controlled environment, a scenario that is contained within the protocol’s ecosystem, providing a realistic yet manageable challenge for the team.
It’s about building resilience, preparing for the worst while hoping for the best. As for the future? The sky’s the limit. More protocols, more scenarios, and more challenges await.
The drills are evolving, becoming more accessible, and ensuring that when cyber threats come knocking, the blockchain community will be ready, standing tall, and unyielding.
So, here’s to Patka, Samczsun, and their relentless pursuit of security in the blockchain realm. They might not wear capes, but in the wild, unpredictable world of blockchain, they are the unsung heroes, fighting the good fight and ensuring that we can all sleep a little bit easier at night.
The content of this article was gotten from a recent report from Blockcworks.