Proposal Type: Funding Proposal
Supported Chains: Chainalysis’ Tools and Services are Chain agnostic. Focusing on Ethos Reserve’s current deployment. (Optimism)
Proposal Author: Chainalysis
Date: Aug, 13, 2023
Chainalysis offers a comprehensive security suite tailored for Ethos Reserve. Through predictive monitoring, streamlined recovery coordination, and bespoke incident response planning, Chainalysis proposes, for a $30,000 grant for 12 months of service, to fortify Ethos Reserve’s infrastructure against the rising threat of DeFi hacks and exploits, and aims for rapid asset recovery. [0.0042% of $7.14M TVL]
Hackers are stealing more cryptocurrency from DeFi platforms than ever before. In Chainalysis “Crypto Crime Report 2023,” It is detailed how DeFi protocols in 2022 became the primary target of crypto with $3.8B stolen, primarily from DeFi protocols and by North Korea-linked attackers. There is a dire need for preemptive action. Chainalysis emphasizes a multifaceted approach ensuring swift alerts, post-breach strategies, and comprehensive incident response planning.
Conflict of Interest: Chainalysis affirms no existing or foreseen conflicts of interest. The proposal aims solely to bolster Ethos Reserve’s security infrastructure.
Justification: The faster the response to hacks, the higher the likelihood of recovering assets. In light of the recent DeFi exploits, many communities consistently discuss how protocols can augment security measures. Chainalysis offers this proposal for community commentary, input, and consideration to strengthen security monitoring of Ethos Reserve. To date, Chainalysis has aided in the recovery of over $11B in stolen funds through their own investigations and others they’ve supported.
- Monitoring/Prediction: Chainalysis will integrate state-of-the-art technology to predict potential threats. Early alerts will significantly bolster the chances of freezing and subsequently recovering funds.
- Recovery Coordination: After immobilizing funds, Chainalysis will promptly generate an Intelligence Report. This report will be shared with pertinent Law Enforcement agencies. Chainalysis will also facilitate introductions to experienced legal counsel for navigating jurisdiction-specific recovery processes.
- Incident Response Planning: Chainalysis proposes to collaborate closely with the Ethos Reserve team to:
- Draft External Communications: Ensure transparent yet strategic community disclosures without hampering recovery possibilities.
- Collaborate on an Emergency Response Plan: Clearly delineate responsibilities within the team during crises.
Chainalysis is a firm composed of a world-class ensemble of professional investigators, cybersecurity mavens, and adept data engineers. With a prominent global reputation, Chainalysis has consistently demonstrated its prowess in successful asset recovery operations with $11B in stolen funds recovered since our first investigation of the Mt. Gox Investigation of 2014.
Axie Infinity Hack & Successful Asset Recovery: “$30 Million Seized: How the Crypto Community Is Making It Difficult for North Korean Hackers To Profit” (https://blog.chainalysis.com/reports/axie-infinity-ronin-bridge-dprk-hack-seizure/)
(Further testimonials in Reference Section)
Key Objectives & Success Metrics
- Complete integration of Chainalysis’ monitoring system within two months.
- Achieve 95% accuracy in predictive alerts.
- Streamline an incident response blueprint within one month.
- Aim for a 80%+ success rate of recoverable funds post-incident.
Length of Engagement & Budget Breakdown
Engagement Specifications: Procuring Proactive CIR costs up to $30,000 for 12 months of coverage (paid upfront). This includes the incident alert/monitoring, the response plan guidance and up to 100 hours of investigative work and support for any hacks or incidents that occur in the engagement period. Approval of this proposal shall begin the onboarding process for CIR, and transfer of payment for 12 months of coverage.
OATH Ecosystem Offering: Chainalysis values the partnership with OATH that was built through previous investigations. As a Governance focused community, OATH is uniquely positioned to implement this incident response offering across multiple protocols. If OATH, in good faith, agrees to present this offering to other protocols in their ecosystem, whereby Chainalysis is a standardized part of their suggested on-chain security package, Chainalysis will extend OATH a discount for all CIR Proposals of 16% (12 month coverage for $25,000). This discount would be applicable to only those protocols and dApps within OATH’s ecosystem; starting with Ethos Reserve. [0.35% of TVL]
After having successful fund seizures and recoveries in the largest defi exploit of last year (Axie Infinity), Chainalysis has a proven track record of continuing to be the trailblazers in defining the industry standard for crypto recovery efforts. Potential risks to this proposal mainly encompass breaches that might surpass our recovery capabilities, given the constantly evolving hacking methodologies. Regular system updates, cybersecurity training, and close collaboration between Ethos Reserve and Chainalysis can help mitigate these risks.
Endorsing Chainalysis’s proposal is not just an upgrade; it is a testament to Ethos Reserve’s unwavering commitment to user trust and security. With Chainalysis, Ethos can ensure vigilant monitoring, swift response, and meticulous planning, setting a gold standard in DeFi security.
If the community supports this proposal, Chainalysis can support follow-on proposals for other OATH Ecosystem dApps, and will explore potential co-marketing engagements in collaboration with core contributors of the OATH Foundation.
- Website: Chainalysis Professional Crypto Investigations & Special Programs
- One-Pager: Defi Crypto Incident Response 1-Pager
- Customer Stories / Customer References:
- Blog post on the Axie Infinity Hack & Successful Asset Recovery: “$30 Million Seized: How the Crypto Community Is Making It Difficult for North Korean Hackers To Profit”
- Twitter Post from Morpho: “Morpho Labs has partnered up with Chainalysis to strengthen the Incident Response Plan for Morpho protocol!”
- Twitter Post from Algorand: “We have engaged Chainalysis to help trace compromised wallet transfers and freeze funds if they are deposited in an exchange that integrates with and acts upon Chainalysis data.”
- Source Data:
- Chainalysis: The Chainalysis 2023 Crypto Crime Report, including original data and research into cryptocurrency-based crime.
- Security Intelligence: Cryptocurrency-Related Crime Boomed in 2022
- Sharedum: Top 10 DeFi Hacks You Should Know in 2023
- Cointelegraph: DeFi exploits, and access control hacks cost crypto investors billions in 2022: Report