SLURP-21: Proposal to Procure Hypernative Services for Enhanced Security and Monitoring

Abstract: This proposal requests approval from the stake.link DAO to procure Hypernative’s comprehensive security and monitoring services on a yearly, recurring subscription basis. The goal is to significantly enhance the security of the stake.link protocol by leveraging Hypernative’s advanced threat detection and prevention capabilities.

Rationale: Hypernative offers a robust CryptoSecOps platform designed to address the relentless security challenges in the Web3 space. Given the increasing complexity and frequency of cyber threats, it is mission-critical for the stake.link protocol to adopt advanced security measures that go beyond traditional audits and procure real-time monitoring and proactive prevention.

Key Features of Hypernative Services:

• Comprehensive Risk Monitoring: Hypernative monitors both onchain and offchain data to predict cyber, economic, governance, and community threats before they impact the protocol.
• Proactive Detection and Prevention: The platform uses machine learning (ML) models to detect risks and connect them to preventive workflows, either manually or automatically.
• Phishing and Scam Detection: Hypernative detects phishing campaigns targeting token holders and fraud campaigns targeting community members.
• Protocol Operations Monitoring: The service includes monitoring treasury and wallets, large transfers, multi-sig wallets, and specific invariants in smart contracts.
• Oracle and Bridge Security Monitoring: It provides alerts related to oracle deviations and bridge security incidents, ensuring reliability and safety.
• Integration and Customization: The platform integrates with Slack, Email, API, Telegram, and Discord, offering customizable monitoring solutions tailored to our specific needs.

Subscription Details:

• Service Period: Recurring yearly upon approval from the stake.link DAO
• Coverage: Up to 45 addresses, 75 custom agents, 10 protocols, support for 5 chains, and 3 automated actions.
• Cost: $25,000 per year, paid for by the stake.link DAO Treasury.

Implementation: Upon approval, the stake.link DAO will allocate $25,000 for the yearly subscription to Hypernative from the stake.link Treasury. This investment will ensure that the stake.link protocol is equipped with state-of-the-art security measures to protect against various threats, enhancing overall protocol safety and reliability.

Ending Thoughts

Adopting Hypernative’s services will provide stake.link with a comprehensive security framework working around the clock, 24/7/365 – essential for maintaining trust and ensuring the safety of the protocol’s operations. We encourage all members of the stake.link Governing Council to vote in favor of this proposal to secure our protocol against emerging threats and vulnerabilities.

Great to see this posted here and shown to the entire community.

This comes at no greater timing as our team is always on top of hacks happening on a frequent basis (trust me, we see these happening more times than you think). In the last bullrun, we saw a hack every 3 days.

More recently, and to be more precise, earlier today, our platform detected a hack targeting LiFi, which is not at present a Hypernative customer - yet.

We do this as part of our ongoing commitment to make web3 a more secure place, for both projects and their users, and educating everyone that real-time monitoring, and an accurate platform like ours, is instrumental in further extending a project’s security and their users’ funds.

We’re consistently the first ones to notify non-customer protocols about attacks imminent to happen, or that are happening in real-time, and we help them set up war rooms and start working on incident response, plus recovering funds.

We immediately alerted the protocol, urging them to pause their cross chain activity. In the meantime we analyzed the root cause, and came up with a quick resolution for the LiFi team to implement. That required a multi-sig execution so took some time but eventually executed.

Hypernative was the first to alert the team and helped them triage and respond to the attack. A total of nearly 10M USD were lost in the attack over the course of ~40 minutes. Had they been working with us, we could have averted the entirety of the hack.

Sharing a few other shoutouts from recent hacks - from non-customers we notified:

UwU Lend - x.com

These are just a few of the 100s we’ve been able to do the same for.

The partnership with Stake.link is directly eyeing out at inserting our system to make sure we detect these hacks before they happen, and making sure we stop them completely.

This is guaranteeing Stake.link’s longevity and sustainability, making sure they grow healthy and without setbacks, and confidently attracting more users.

Look forward to working with the Stake.link

A few other ones shared below:

Velocore - x.com

Sonne Finance - x.com

Were any other solutions looked into for this? Does this come at the recommendation of a developer on the core team?

Cheers reSDL.eth – hope your week has been well!

The Core Contributors of the stake.link protocol, LinkPool, fully endorse Hypernative after going through a trial period. Our Lead Engineer was especially impressed with the service upon conclusion of the trial.

Hypernative’s track record truly speaks for itself, and their services will act as a crucial safeguard in protecting all users of the stake.link protocol.

Best,

Matias

Thank you for the follow up on this LPM. Perfect, I appreciate the diligence from yourself and the team regarding protocol security. If you already have a working relationship with Hypernative, all other security related services chosen by SDL have been top notch like cyfrin, so I support this. Thank you