The Company That’s Stopping Web3 Cyber Attacks: Podcast Ep. 104

Episode 104 of the Public Key podcast is here!  The biggest fear of web3 protocols and blockchains is the prospects of being hacked.  What if there is a company that can detect these hacks before they happen. Today we speak with Gal Sagie (Co-Founder & CEO of Hypernative) who explains how his company is doing just that and helping web3 combat cyber attacks.

You can listen or subscribe now on Spotify, Apple, or Audible. Keep reading for a full preview of episode 104.

Public Key Episode 104: Detecting Hacks Before They Happen: How Hypernative is Revolutionizing Web3 Security 

What if there is a company that can detect web3 cyber attacks and hacks before they happen?

In this episode Ian Andrews (CMO, Chainalysis) speaks to Gal Sagie, who is the Co-Founder and CEO of Hypernative, whose company is doing just that. Preventing malicious cyber threats aimed against the most important protocols and blockchains in the ecosystem.

Gal showcases Hypernative’s end-to-end security and risk prevention platform and shares insights into the importance of security in driving wider adoption of blockchain technology. 

He discusses how Hypernative’s platform has successfully detected and prevented hacks and exploits in the industry and highlights the need for a comprehensive security approach beyond traditional smart contract audits and emphasizes the role of real-time monitoring and automated actions in mitigating risks.

He also explains the accuracy of detection, the ease of onboarding and the need for his company to maintain low false positive alerts and the team’s focus to expand to more chains and protocols. 

Quote of the episode

“There are few misconceptions that we found protocols or people in the industry think and that they are actually not correct. One of them is that an audit is enough and the other is that attacks are happening in one transaction. And this is when you look historically at attacks most of the attacks are not happening in one transaction. Like there are very indicative signals  of an attack before they happen. – Gal Sagie (Co-Founder & CEO, Hypernative)

Minute-by-minute episode breakdown

2 | Overview of Hypernative and its mission in Web3 security

6 | Discussion on the importance of solving the security problem for wider adoption

10 | The speed of detection: 98% of attacks being detected 2 minutes or more before the first transaction

13 | Chainlink and other ideal users of Hypernative: protocols, chains and investors

16 | The focus on accuracy to minimize false positives and maintain trust 

19 | The limitations of smart contract audits and the need for additional security measures 

23 | The endless information available on the blockchain for security analysis and the goal to detect all potential risks with minimal effort from customers

27 |The importance of detecting and preventing attacks before any funds are lost 

31 | Hypernative’s roadmap for the year ahead and plans for expansion 

Related resources

Check out more resources provided by Chainalysis that perfectly complement this episode of the Public Key.

• Website: Hypernative: Institutional Grade  Web3 Security
• Twitter: Hypernative stops zero day cyber-attacks and economic risks
• Blog: Chainlink Labs and Hypernative Partner to Enhance Web3 Security
• Blog: Chainalysis Partners with Hypernative for Real-Time Security and Incident Response
• Press Release: ‘SEAL 911’ team of white hats formed to fight crypto hacks in real time
• Registration: Digital premiere of Links 2024 (NYC Main Stage Content – Register Now!) 

• Blog: What You Need to Know About the Bitcoin Halving
• Podcast: Bitcoin Mining and Data Centre Innovations: Podcast Ep. 76

• YouTube: Chainalysis YouTube page 
• Twitter: Chainalysis Twitter: Building trust in blockchain
• Tik Tok: Building trust in #blockchains among people, businesses, and governments.
• Telegram: Chainalysis on Telegram 

Speakers on today’s episode

• Ian Andrews * Host * (Chief Marketing Officer, Chainalysis) 
• Gal Sagie (Co-Founder & CEO of Hypernative)

This website may contain links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.

Our podcasts are for informational purposes only, and are not intended to provide legal, tax, financial, or investment advice. Listeners should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material.

Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material. 

Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Chainalysis. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Chainalysis employees are those of the employees and do not necessarily reflect the views of the company

Mentioned Episodes:

The Rise of Malicious DApps in Web3 with Raz Niv – Ep 92

When we were recording this episode with Raz Niv (Co-founder and CTO, Blockaid) back in December of 2023, the web3 industry was on full alert due to a Ledger supply chain attack. Blockaid was first to break the news and this episode talks about the attack as it unraveled and how they are working to keep web3 secure.

Transcript

Ian:

Hey, everyone. Welcome to another episode of Public Key. This is your host, Ian Andrews. Today I’m joined by Gal Sagie, who is co-founder and CEO at Hypernative. Gal, we’ve been trying to make this happen for months, literally. So excited to have you here. Welcome to the show.

Gal:

Thank you. Thank you, Ian. Thank you for having me. And great t-shirt.

Ian:

Well, as anyone who sees the video of the podcast will know I’m wearing a Hypernative shirt right now. That’s how big a fan I am of the mission your company has. I think solving the security problem in Web3 is basically the most critical thing that has to be addressed in order to drive wider adoption usage.

But your company’s relatively new. The product’s been in market not quite a year and a half. So I would imagine a lot of our listeners, this might be the first time that they get the opportunity to hear about what you’re up to. So maybe we can start with what does Hypernative do, maybe an example of a recent attack that you’ve been able to block, something like that.

Gal:

Sounds good. So Hypernative was created at the mid 2022 where the idea was to create an end-to-end security and risk prevention platform that helps both protocols, investors, and big chains to detect security threats in real time before they happen and then help them to automatically prevent them before they’re losing the funds, losing their data or any kind of lost.

And we try to do that in a variety of different vectors from the on-chain part to smart contract vulnerabilities, to private key theft, to market manipulation, to front detect. So Hypernative tries to be that end-to-end one-stop shop for security detections and preventions. We’ve had I think a great success over the last year on the technical front. We essentially detected almost all, if not all, the hacks and exploit that happened on-chain, where in around 98, 99% of the cases, we are actually able to detect them before the first transaction minutes and sometimes even more.

Just recently we helped a few protocols like Prisma Finance is a protocol that our platform detected and our team actually engaged, Woo Finance, Radiant. I think that’s something that happens quite often is that even for non-customer, the way that Hypernative works is that we basically see everything. So even if there is a hacker exploit for non-customer of Hypernative, we always try to warn them and reach them in their Discord and try to find official channel to help them maybe prevent or mitigate some of the loss.

And we’ve done that. We’ve been in countless war rooms over the last year and a half. Three of our team members are actually part of the sales organization, which is helping protocols that get hacked. It’s been a busy, busy year. And for some reason, a lot of hackers prefer the weekends and holidays as well. We’ve been busy.

Ian:

We need to ask them to adjust their techniques and practices to shift to the middle of the week so it’s a little easier on folks like you. I can’t emphasize how important this is. I mean, Chainalysis Research said last year there were well over 200 hacks approaching 2 billion in funds stolen. It’s an amazing number when you think about it. And I, for one, am certainly concerned about the industry as a whole.

If we can’t solve this problem, I just can’t see how we’re going to have wider adoption, whether that’s from retail or institutional users. No one wants to put their money in a bank that they think is going to get robbed tomorrow. I would argue that the problem we have today is approaching that. So your product, giving that early warning, allowing for intervention before there’s actually funds lost I think is incredibly powerful.

We’re going to dive into how the technology works in a few minutes, but I’m curious, how did you arrive here? Anyone that looks at your LinkedIn profile, you’ve worked at some tech giants. You’ve been at VMware, IBM, Google. How did you find your way into the world of crypto and blockchain?

Gal:

Great question. It’s quite an interesting story. I got there mostly because of my co-founder, Dan. I know him for more than 10 years now. We’ve been working together. We have stayed friends. He always worked on the intersection of security, machine learning, and FinTech in the last years, and he was very excited about blockchain. He’s been talking with me about it for a few years before we even started. And I took a leap of faith based on the person that I liked him and started looking and getting to know it.

And I think what was revealed to me is a highly technical field for a technical person, and my background is mostly technical. There are a lot of innovations and things that are happening that are very, very exciting. I was also very involved in open source communities. So I was one of the core contributors to OpenStack and very early days to Kubernetes, which was a cloud operating system. So the community feeling of building something together is really similar in Web3.

And I think with that and with the different kind of opportunities that we saw, and I think that relates to what you’re saying is that we believe that security is one of the biggest challenges today to really leverage the potential of Web3 and blockchains in the financial industry and in a lot of other domains. And we thought that this is a very interesting problem to solve.

Ian:

Well, I’m so glad you jumped into it. I’m curious, you’ve had some really high profile customers, folks like Chainlink, Starknet, ZetaChain all publicly announced their use of Hypernative. Everyone should go follow your corporate Twitter, by the way, so they can keep on top of this and the hacks that you’re tracking. But talk about some of the customers that you’re building for. What’s the ideal user of Hypernative?

Gal:

Yes. So I think Hypernative vision from when we started was to basically try to protect everyone in the industry. I think we reached to a conclusion that the largest impact could be by protecting protocols and chains and asset managers and investors. So these are the three type of customer that we usually work. Anyone that is building an application on top of blockchain and huge amounts of money was stolen before we started and even now still being stolen from these applications.

And for these applications to fulfill their potential, they must be secure. No one will use something that has a very high risk, especially not institutional funds. The other criteria are big chains like Layer 1. There are two chains that have a lot of infrastructure to protect both on-chain and on the operational side. And the other one are investors like any asset manager, Treasury manager that is actually investing on-chain leverage Hypernative to detect the risks that we discover and then automatically react based on them.

Ian:

I think that’s something that is maybe less talked about in the story of Hypernative is investors being able to react not just to a hack notification necessarily, but adverse governance events I think is something that you’re also monitoring, which gets incredibly complex. It seems like the vision is really to have a complete risk dashboard if I’m an investor across all the assets, all the chains that I might have capital deployed.

Gal:

I think Hypernative, what we are trying to do here is basically to create not just a dashboard, but the system that helps you detect these variety of risks and then automatically react to this risk in an automated or even a manual manner. And the risk in Web3 in blockchain is very versatile. You have code or smart contract vulnerabilities. You have market risks. You have front end risk.

You have dependencies risks. So there are technical risk involving the contracts that are deployed and the nodes and the infrastructure that they are running on. There are variety of risk regarding ownership and how code is uploaded or changed on-chain like, what you mentioned, governance attack, which we have seen quite a lot. I actually gave a talk about governance attack vectors in EatDenver a few months ago.

Just governance itself is a gateway for a lot of different bad actors to inject code or change things. And there were countless funds that were lost in the last year to governance proposals and attack vectors. The biggest one was I think BadgerDAO, but there were many others. I mixed. I gave the wrong one. It’s not BadgerDAO.

Ian:

That’s all right. Which one is it?

Gal:

No, no, it’s Beanstalk. I meant to say Beanstalk.

Ian:

Yeah, Beanstalk. Okay. It seems like… Go ahead. You can re-say that if you want to.

Gal:

Okay. So there were many…

Ian:

Just that last piece there.

Gal:

There were many attacks through governance proposal like Beanstalk and audios and others. And I think Hypernative, what we’re building is basically provide you out-of-the-box detection in any type of risks that you might face on-chain and help you to create action based on this risk, including, by the way, also custom logic that you might want to monitor.

Ian:

It seems to me like when I hear people talking about security, the default position is, well, security is handled through a smart contract audit. And it seems like people are often missing everything else that goes around that. D you see the same thing in the industry right now or are people’s attitudes to this starting to change?

Gal:

I think it changed quite a bit when I look at today as opposed to when we started at mid 2022. So at mid 2022, it was really hard to convince people that there is this thing, real time monitoring, and there is this thing, real time security, for Web3 and that it can actually do something. There was this conception that an audit is enough. And the more audits that you’re doing, the more secure you are.

So projects, we’ve seen them invest huge amounts of money in audit, sometimes even in the hundreds of thousands of dollars even per year. And I think when I look today, I think everyone get it, that audit is just not enough. It’s a must do first step, but it’s not enough. It’s not enough because of few reasons. One of them is that it doesn’t even cover all the different attack vectors that you can lose money through.

Because, for example, few of our customers and actually even non-customers that the Hypernative saved over the last year were ones that were actually hacked. The founder computer was hacked by a malware that stole the EOA or the wallet, the seed phrase of the wallet, and then tried to change something in the contracts that that address was controlling, so like private key theft, third party attack vectors.

There are these whole spectrum of attacks, front end attacks that are happening on your web application, for example, like DNS hijacks and things like that. All of these that audit doesn’t even cover. Even if you’re doing the perfect audit, you can’t really catch everything. And the thing is that audit in the end is never perfect. Most of the projects that got hacked got audited several times.

So I think the mindset is shifting. Today I think people understand that the security budget is something that needs to be split between the different kind of solutions that you have, which audit is one of them, but real time security and monitoring is a very important aspect of that, which can again provide a very good return of investment.

Ian:

I’m pleased to hear that the industry’s waking up to this problem because it seemed obvious to me that audits are necessary but not really sufficient for real security. I want to shift track just a little bit because one of the core value propositions of Hypernative is speed of detection. So at Chainalysis, we often get involved after somebody’s been compromised.

We’re helping them trace stolen funds and hopefully help with recovery. But if I think about your technology being applied where I’m getting a notification before there’s been any funds lost, it certainly saves us at Chainalysis quite a bit of work, which is nice. How does that actually work? I’ve never really understood the mechanism that allows you to predict the future capabilities. Can you talk a little bit about that?

Gal:

Yes, of course. That’s a great question. When we started Hypernative, we basically did a very diligent research. We looked historically at a lot of attacks and exploit. We really wanted to understand how attackers are behaving and how are they… What is an attack? Because an attack is sometimes not just that hack transaction, but it’s a combination of different kind of actions that are happening on-chain. And there are few misconception that we found that protocols or people in the industry think and that they’re actually not correct.

One of them is that audit is enough, and we touched that in the last question. The other is that attacks are happening in one transaction. And this is when you look historically at attacks, most of the attacks are not happening in one transaction. There are very indicative signals of an attacks before they happen. A lot of them revolve around attackers preparation or attackers doing all sorts of actions that basically if you know to classify them very accurately, you know to understand that they are preparing to do an attack and then also understand who the target of that attack.

And I think that realization basically allow us to understand that the blockchain is like a heaven for data lovers, security and data lovers, because we had this endless information, endless label data of previous hacks and exploit. How are they behaving? What is their characteristic? The emphasize of what we try to do at Hypernative is that we wanted to create a platform that with the least effort will detect everything. Because if you detect 70% of the hacks and exploit, then that other 30% will just happen and then you did nothing.

So we really wanted to create something that is generic. And I think the interesting thing about detecting attackers before they do an attack is that their behavior a lot of times is generic. So it doesn’t matter what kind of an attack vector they’re going to deploy because this could be what we call in security like zero-day, a new kind or a new method of an attack that wasn’t even visible historically, like never happened.

And the cool thing about Hypernative is that because we classify these attackers, we are also catching these zero-days or these attackers with methods that no one ever thought about and we’re giving a very full protection for you as a protocol. Of course, we also research and do and detect all of these things that are constantly happening. So by analyzing and detecting the attacker preparing to do the attack, we are basically giving you a head start warning. And it’s very hard to do it otherwise.

A lot of people sometimes ask me, what if an attacker will do a perfect attack and what if they will do it in one transaction and bundle everything and do it? And I think that’s right in the end. The same way that it’s hard to do a perfect smart contract without vulnerabilities, it’s very hard to do a perfect attack. And Hypernative is essentially catching attackers’ mistakes as they do it and they always do it at one way or another.

And other misconception that I think is also important, and you touched it and I think that’s also very important, is that even after the attack happened, a lot of time there is time to still recover some of the funds, even if not from actions, like you mentioned, that Chainalysis are doing, but even though a lot of times the attacker doesn’t steal everything in one transaction or sometimes there is a multichain protocol where they’re stealing it from one chain and the same contract or the same code that another chain is still exposed.

So even after an attack happens, there are still a lot of things that if you do them fast enough in an automated manner, you can save considerable amount of funds.

Ian:

That’s actually a great point that I hadn’t considered before is if I’ve got the same contract deployed on multiple networks, the attacker might only compromise one of them. And even if I’ve failed to anticipate or detect that attack, being able to quickly recover and either remediate or pause the contracts on the other side is probably as quickly as possible is definitely in my best interest.

I’m curious about what data you’re collecting to be able to do this. I mean, obviously, you’re collecting all the on-chain transactional data, but I suspect there’s a lot more going into the system to be able to have this classification and predictive capability.

Gal:

So Hypernative and this is I think one of the things that we did very well at the start is we invested a lot in the infrastructure to really process all of this data and to make it reliable, which I think sometimes is something that a lot of people when they, for example, evaluate solutions or things like that don’t think about because in the end you cannot miss a transaction. If you miss one transaction, that could be the hacked transaction. So we’ve built a very reliable infrastructure that uses…

We use all the RPC provider. We have our own nodes. Sometimes, by the way, in many times in parallel sometimes because again, we cannot have any latency or any delay. So building that infrastructure to process everything was super important. We process everything that happens on-chain from the transaction, as you said, but also the smart contract. We analyze the bytecode. We check governance proposals. We correlate things across chain. We index everything so we have historical data to compare through as well.

And we bring also a lot of off-chain data sources. Some are confidential for Hypernative, but some are more like snapshot like the governance proposals from off-chain, price feeds, vulnerabilities databases, the front end of the application themselves, like the web application that we monitor for hacks on the border between Web2 and Web3. And all of this data is being processed in real time in order to do these detections and create these automated actions. It’s a very extensive data infrastructure to do that and you need to monitor it very closely.

Because again, it’s a mission-critical system at this point as it protect you as a protocol or as asset manager. And we do it very diligently to make sure that there are no mistakes, to make sure that it’s up at all times, and to make sure that it will react in time. And I think, again, Hypernative has close to 100 customers at this point. We are working with some of the big names, as you mentioned. The system already prevented hacks in the tens of the millions for our customer. So a lot of this is testament to how we built the infrastructure.

And I have to thank again Dan, my co-founder, Andre, and the entire R&D team in Hypernative for doing that because I’m mostly talking about it, but they are the ones that are actually building it.

Ian:

I’m curious about speed to detect. So we’ve been talking about this idea of you can alert one of your customers before a hack is actually carried out. Is that seconds before? Is it minutes? Is it hours? What’s the timescale that we’re dealing with here because I think that might be interesting to people?

Gal:

That’s a great question that we asked ourself, right? At some point in time we said, okay, we have enough data. The system detected enough hacks or exploit. We want to see how it’s actually behaving. And we did a very extensive research that looked at the detection time, essentially when Hypernative first detected an attack. And of course, there are a lot of criteria that involve around accuracy as well and understanding who the target is. There are a lot of details in order to do that.

And I think that the interesting part is that we found that today it’s even higher, 98, 99% of the attacks in the last year and a half could actually be detected two minutes and more before the first tech transaction, which was a mind-blowing data for us. Because it means that if you have an action, if you have something that you can actually do to prevent the hack from happening, then there is enough time to do an automated action.

Ian:

98% of attacks the system was able to alert two minutes or more before the attack was carried out. I mean, to me that’s incredible. I’m curious though, what happens next? So I get an alert. As you said, the attackers tend to like to work on the weekends and late at night. Our friends in North Korea are obviously…

They work at North Korea government hours often, which is not convenient for those of us in North American or European time zones. What happens next for a customer after that alert comes? Is it manual human intervention or are we talking about an automated systems response?

Gal:

Most of our customers are using the automated response. Because again, as you mentioned, it’s not something that you want to leave to a manual process because a lot of the teams don’t have even a 24/7 presence that can react to these alerts. We do have teams that do want to still insist to do it manually and we do practices with them, like what happens when you actually get an alert, how fast you are reacting manually. And we actually got good results of the minutes of a MULTI-seq that you need six different signers to sign off, something like that.

So we do get good results in these tests, but a lot of our users, or I would even say most of our users, are using the automated action. And this really varies by the protocol, by the type of the customer, by what they’re trying to do. The nice thing about Hypernative is that in the platform you can already in a self-service manner configure the different action that you want to do, and Hypernative lets you to even create these actions by yourself based on what you think you want to trigger.

And a lot of times we help you define or think about what are the different reactions that you want to do. I think one of the things that some people misses is that there isn’t one detection to one reaction. Usually a security plan for you as a protocol is comprised with a lot of different detections that could happen. And then a lot of times it’s different reaction that you want to do.

Because if something happens in your operational MULTI-seq or one of your team members got phished and we somehow detected it on-chain, that may be a different reaction to, okay, we see someone is preparing to attack your vault contract. So we are trying to create with the system like a complete plan for you and the system actually recommend monitoring and things that you should be monitored and reaction that you should be configuring as well.

Ian:

What’s an example though of one of the automated actions that your customer might take?

Gal:

I think, again, it really varies. The easiest one is pausing the contracts or pausing the protocol. But again, there are ranges of things that are more like around limiting… For example, if you are a bridge provider, you can limit the transfer. And if you can blacklist a specific address from a protocol, you can do that and check. I think that the good thing about Hypernative is that everything is auditable.

You can see the explainability of why we detected what we detected. And it’s a system that if it’s doing something that you think it shouldn’t be doing, you can always remove that. And I think the balance between protecting the user funds and the safety of the protocol is kept with Hypernative. We also are deploying now like an on-chain solutions as well.

Ian:

We’ll talk more about what that on-chain solution does. What would I use that for?

Gal:

So the on-chain solution is trying to basically put what Hypernative is doing today, which is detecting bad actors and then automatically reacting. It’s actually trying to put that same technology on-chain. So you can integrate as a protocol with Hypernative on-chain, understand the risk of a transaction or the risk of an address that is interacting with you, and then in a decentralized manner basically react to that, instead of, for example, pausing or limiting the entire protocol.

I think what we realized at Hypernative is that there isn’t one solution fits all. And even for the same project, sometimes you want to do different kind of actions and use different kind of methods to react to risks. This is what we are trying is we are trying to give you all the different options that you have in order to leverage Hypernative and fit to what is best working for you.

Ian:

I think that’s pretty amazing. Instead of having a system that’s alerting humans, you actually get an automated interaction directly to the contract. And the fact that you can have your system deployed as an on-chain resource so that there’s a native interaction there, it seems like a really, really interesting innovation.

I have to imagine though people listening are playing this out and they’re going, “Well, what’s the accuracy of detection? I mean, it’s great if you detect all the exploits. But if you’re also throwing hundreds or thousands of false positives at me, that could create some really bad outcomes.” So how do you think about accuracy as a feature of the platform?

Gal:

I think this is one of what I would consider Hypernative greatest advantage because we realized very early that we can’t use a very simple rule sets or heuristic in order to detect hacks. And the reason is not because we cannot cover all the different risk. The main reason is because it produce a lot of false positive. And I think when you have a system that has an automated reaction, you cannot tolerate false positive. You cannot tolerate it as an investor that has a position and then reacting based on an alert from Hypernative because you’re actually losing money based on that action.

And you can definitely not react to a false positive as a protocol because it’s affecting your reputation. It’s affecting your reputation and it’s not something that is tolerable, especially if it happens often. I’m proud to say that I think Hypernative is today a leader in that area. We invested a lot in really optimizing the system in such a way that the false positive will be practically close to zero. Because again, we don’t think that it’s operational any other way. And many of our users, as I mentioned, are using that automated action already in production.

It’s already a large data set to observe over the last year and a half, and I think we are feeling very comfortable with the numbers that we see right now.

Ian:

You mentioned something interesting in there in addition to fantastic false positive rates is your customers don’t have to go and build rules. So when I onboard and become a Hypernative customer, what work do I have to do in order to actually make the system effective? What does that process look like for your typical customer?

Gal:

Yeah, that’s another great advantage. You don’t need to do much. You get an account in the system. You add the contracts or the assets that you want to monitor. The system actually automatically finds and suggests to you new things that you want to monitor. And from a security point of view, you are basically good to go. The system already detect out-of-the-box. We monitor everything anyway, so we are probably monitoring your protocol already. You basically want to connect the out-of-the-box detection now to the actions, to the automated action, that you might want to trigger.

But just for detection, you are good to go. And for the automated action, again, it’s something that you can define in the UI of the system at this point. The other part, however, that we found is that a lot of our customers actually want to also create on top of that more custom logic. So Hypernative offer that today in a very easy manner. You can leverage Hypernative language, our either UI or SDK, to define any business logic that you want to track on-chain and uses Hypernative to track that logic and connect it to alerts or to connect it to the automated actions from the out-of-the-box.

The interesting thing is that we found out a lot of times people don’t know what they want to monitor or don’t know what they should be monitoring. And some of our processes around suggesting to them and helping them based on… Again, we work with a very wide range of customer, is to provide to them things that we think based on similar protocols or similar categories or things that our research team come up as dangerous and that should be monitored and we help them implement that in the system for them.

Ian:

So it sounds like an incredibly easy onboarding process, which I think is important in this industry because we have a shortage of Web3 security professionals. There’s just not that many people that have been as deep in this topic as you and the Hypernative team have for a long time.

So letting the computers own the security operations feels like the safer bet. Maybe shifting back to the business topic a little bit, you’ve announced some pretty big partnerships lately. I want to give you an opportunity to share some of the strategy there, because I get the sense that you’re trying to really build a coalition of products that solve for this end-to-end security problem for the industry.

Gal:

Hypernative mission is since we see this great results, we are trying to get and be everywhere. We are trying to support more chains and provide Hypernative as a solution on top of these chains. We also announced some exciting ecosystem partnership where we help big Layer 1, Layer 2 chains like Flare, same network, Zircuit, Starknet to essentially protect their entire ecosystem and projects building on top of them.

It’s a great opportunity for Hypernative to essentially instead of working independently or reaching to projects, essentially to provide an end-to-end solution to the entire ecosystem of a chain which will increase the safety of these chains and is I think a critical element for the projects that are building on top of them. We are trying now in Hypernative to reach other types of customers and other types of verticals because the work is endless.

This is part of the thing that really excited me when I started checking Web3 is that there’s still a lot of things to build. There’s still a lot of things to build. There’s still a lot of problems across the border in many type of areas, and security is a very important building blocks for all of these elements. We are still not close to other areas where security is very profound and has a lot of different solutions and options. There is a lot to build and we are doing that at Hypernative.

Ian:

That’s exciting. But of course, you’re not the only company building in security. We had one of the other folks, actually another Israeli firm called Blockaid on the podcast not too long ago. I’m curious, from my perspective, it seemed like they’re going after a very different segment of the security landscape. But I’d love to hear it from you since you’re in this every day, compare and contrast for the listeners Blockaid and Hypernative.

Gal:

I think there are many vendors in the space. Everyone are doing a good job. We think that the Blockaid team are great. Blockaid have concentrate mostly on an area that is called pre-transaction security, mostly for retail users. Basically integrating with wallets and helping you before you approve a transaction, understand if something bad is about to happen, if you’re getting phished or scammed. Hypernative focus was a bit different from the start.

We essentially wanted to detect hacks and exploit across the ecosystem as they happen, and then help you prevent them as a protocol or a big asset manager or a chain. I do think a lot of the data that Hypernative is producing today and classifying can be leveraged. And I believe there will be more companies in the space. I believe there are, as I mentioned, many challenges that needs to be addressed and built. I think through maybe potential collaboration, we are all trying to benefit the safety of Web3 and blockchain.

Ian:

Well, I agree with the perspective. I think there’s a lot of people trying to solve the problems, but I’m not sure that anybody’s gotten nearly as far down the path as Hypernative has yet. So clearly a leader in the space. I’m really curious, what’s on the roadmap for the year ahead? What should we be looking forward to? What’s the rest of the team building while you’re here talking to me?

Gal:

A lot. We actually did a all-hands session where we actually outlined the roadmap for this year. We are going to have a very packed and busy year, and to me it’s exciting. Being in this part where you are building and innovating and creating solution is the best part of what we are doing. We are planning to be everywhere. Hypernative, we want to enable the technology that we are building for anyone in the space to be able to use that.

And that means supporting different kind of chains, even non-EVM chains, which we already support some of them like Starknet and Solana, but we are going to really accelerate it and be everywhere. The other part that Hypernative is working is on that on-chain component that I mentioned. Some of it is still not open, but I think the idea is to, again, make it very easy and comfortable for everyone to integrate and leverage Hypernative and use and protect from different kind of attack vectors that are happening.

We are also thinking about moving to new verticals of security. The nice thing about our space is that it’s continuously evolving. It’s very dynamic. New areas are emerging every few weeks. I think the common subject for all of them is that they will need security and they will need someone to secure them. And we want to be there to provide the tools for anyone that is building and innovating in these domains to have a system that can monitor and react to risks.

Ian:

Well, it is certainly going to be an exciting year ahead. Gal, this was a fantastic conversation. Thanks so much for joining me. I’m glad we finally made this happen. And best of luck at TOKEN2049.

Gal:

Thank you. Thank you, Ian. Thank you for having me.