PolySwarm: The first decentralized antivirus marketplace
CEO, DEVELOPER, FOUNDER
Steve previously founded Narf Industries, an information security R&D firm, with marquee clients from DARPA to members of the Fortune 500. He brings over 20 years of experience in Information Security focused development. He previously served in lead roles in a variety of projects for Government and Industry including: software development for advanced incident response, blockchain-based identity management R&D, and development of cutting-edge program analysis tools for DARPA’s CGC. Previously, he competed in several DEF CON Capture The Flags as a member of Sk3wl of R00t.
CTO, DEVELOPER, CO-FOUNDER
Paul brings over 10 years of experience in modern software exploitation, program analysis, vulnerability research, reverse engineering, cryptography, and low-level development.
Prior to co-founding PolySwarm, Paul reverse engineered and wrote bespoke malware disinfection tools for Fortune 100 clients. Paul has conducted cutting-edge research on partial homomorphic encryption as it applies to protecting network signatures and programs and has co-designed a confidentiality system for a public / private hybrid blockchain for identity management on behalf of the US Department of Homeland Security.
Paul has led cutting-edge information security research and development efforts in both private and public sectors, has identified exploitable vulnerabilities in defensive tools as a Vulnerability Analyst for CERT/CC, served as a web application security engineer for McAfee and won DEF CON's CTF competition.
Paul holds a BSc in Computer Engineering from Santa Clara University and a MSc in Information Technology and Management from Carnegie Mellon University.
DIRECTOR OF PRODUCT SECURITY, DEVELOPER, CO-FOUNDER
Ben brings over a decade of experience in information security to the table, having led research on automated program analysis, malware reverse engineering, secure software development, cryptography, cryptocurrency, and vulnerability analysis.
Having won multiple CTFs, including DEF CON, Ben continues to participate in hacking competitions today, staying at the cutting edge of reverse engineering and software exploitation. At Narf, he made use of this experience in his work on DARPA’s Cyber Grand Challenge, helping to develop and secure a game with millions in prizes that tested the state-of-the-art in program analysis.
It’s not all fun and games though: throughout his career, Ben has uncovered hundreds of vulnerabilities in an impressive range of products, including widely-used open source products, hugely popular web applications, security-critical embedded devices, and multiple mobile platforms. He authored many source and binary analysis tools to aid in his research, ensuring that future bugs can be found quickly and efficiently.
Ben holds a BSc and MSc in Computer Science from the University of Tulsa.
COO, DEVELOPER, CO-FOUNDER
Nick brings substantial experience leading enterprise teams in the performance of real-world, large-scale digital forensics, malware reverse engineering, adversarial hunting, threat analysis and incident response.
As a Narf co-founder, he helped deliver cutting-edge research using partial homomorphic encryption applied to network signatures, audited thousands of lines of code for security vulnerabilities, and created a variety of custom-designed binary applications each possessing intentional vulnerabilities that are used to test the efficacy of automated program analysis tools.
Nick has competed in and won several DEF CON Capture The Flag competitions as a member of Sk3wl of R00t.
SENIOR BACKEND DEVELOPER, CO-FOUNDER
Max brings 9 years of experience in secure software engineering, vulnerability analysis, digital forensics, and reverse engineering. He has developed software for a wide range of platforms, from embedded microcontrollers to large distributed systems. He has experience in reverse engineering a variety of targets and performing threat analysis on malware samples.
While with Narf, he developed cutting-edge exploit mitigations including ELFbac, an ELF ABI-aware memory protection scheme for Linux presented at Black Hat 2016. He also has developed custom tools for large-scale program analysis and vulnerability discovery which run on distributed systems.
He has participated in a number of CTF competitions, typically as an individual.
Max holds a BSc in Computer Science and a BSc in Electrical and Computer Engineering from Carnegie Mellon University.
FORMER CIO, MCAFEE
CO-FOUNDER & CEO, TRAIL OF BITS
AUTHOR, IDA PRO BOOK; SENIOR LECTURER, NAVAL POSTGRADUATE SCHOOL
DR. SERGEY BRATUS
RESEARCH ASSOCIATE PROFESSOR, DARTMOUTH COLLEGE
FOUNDER & CEO, BASIS TECHNOLOGY
- Token Sale (70%)
- Enterprises, Vendors and Security Experts (15%)
- Swarm Technologies (15%)
- Protocol and Software Development (54.51%)
- Office Expenses (3%)
- Operational Overhead (travel, hosting, etc) (4.06%)
- Legal (14.49%)
- Marketing (13.62%)
- Tax (10.32%)
Cost of the token: 31337 tokens for 1 $
Price without discounts
A place where programmers can together solve issues connected with security.
Risks and disadvantages
Conducting an ICO is not needed for such a purpose. The general idea also sounds vague. Practical implementation of the project is unclear.
I would not recommend investing in it. No partners of the platform are mentioned, which looks unprofessional.
PolySwarm covers a number of virus threats, which will help attract more interested customers. A team of developers with many years of experience is credible.
Risks and disadvantages
There are no visible flaws, but the tokenization model needs further elaboration.
This is a modern solution in the field of antivirus security using blockchain technology, which has a promising future.
The technology of providing virus protection for high-quality development must surpass the existing system of anti-virus protection.
Risks and disadvantages
At first it will be difficult to get the confidence of large corporations.
This is a breakthrough in cybersecurity, I hope, thanks to this project, the problems associated with viral activity in the information environment will practically disappear. Judging by the presentation of the project, the team consists of professionals.
Free from corruption due to the blockchain technology.
Interesting security requests system. The user can choose between an offer (to a particular expert) and a bounty (posted for all experts).
Risks and disadvantages
Attractiveness to corporations and government enterprises is questionable.
It's something entirely new in cybersecurity. Sadly, it is hard to imagine many companies considering this product an appropriate one for them. The majority of them prefer to deal with specific firms and specialists who are responsible by legal and financial bonds.
Raises the burning issue of antivirus security, its implementation and a standardized approach. Provides real multi-functional solutions. Covers daily tasks of preventing cyber threats. When all the processes of society's life are connected to a chain of computers, failure can cost lives.
Risks and disadvantages
No obvious risks and disadvantages within eye shot and beyond.
That can be a big shake-up for the market where all the main players are already set. It is true that antivirus programs have quite the same approach to each and every sector and company. Viruses keep evolving, and what is provided by one antivirus system is already not enough.
How do I purchase Nectar tokens (NCT)?
Nectar tokens (NCT) will be available for purchase exclusively with Ether (ETH). If you plan to participate in the Nectar token sale, we recommend acquiring ETH well in advance of the sale start date to ensure your ability to contribute.
Participants will complete a brief registration process that will be launching in advance of the token sale.
Please follow us on Twitter and other social media (links at the bottom of the page) or sign up for our newsletter to stay up to date!
What are PolySwarm's minimum and maximum funding levels?
A lot of work goes into the creation of a viable marketplace - well beyond the engineering work of developing smart contracts and reference implementations. In order for PolySwarm to be a success, substantial community engagement must take place to ensure a sufficiently thick market in terms of Enterprises, Ambassadors and Experts. See funding level tranches for a rough breakdown of categories of costs inherent to bootstrapping the PolySwarm Market.
PolySwarm's minimum funding level is set at $5,000,000 USD equivalent in ETH. PolySwarm's maximum funding level (cap) is set at $50,000,000 USD equivalent in ETH. For the purpose of minimum funding calculation, the exchange rate as specified on https://coinmarketcap.com/ at the beginning of the Creation Period (February 20, 2018 at 19:00 UTC) will be used.
What happens if PolySwarm's minimum funding level is not reached?
If PolySwarm does not meet its minimum funding level, all ETH contributions will be refunded to the contributors' addresses.
How many Nectar tokens will be created? Will more be created later?
The amount of Nectar created will be determined by the total ETH contributed during the token sale. Please refer to PolySwarm's Terms of Token Sale document for exchange rates between ETH and NCT during different tranches.
After the token sale closes, no more NCT will be created.
When does the sale start? How long is the sale open?
The token sale opens on February 20th, 2018 19:00 UTC and will close on March 22nd, 2018 19:00 UTC.
How is Swarm Technologies, Inc. ensuring the security of the token sale contracts and subsequently funded PolySwarm contracts?
We're glad you asked! We're security people ourselves, so this would be one of the first questions we would ask if we were in your shoes.
At a high level, we will take the following precautions:
1. Nectar's token sale contract will be very simple and will draw heavily from well-studied ConsenSys and OpenZeppelin contracts. No reinventing the wheel here.
2. Swarm Technologies, Inc. will run a bug bounty program to crowdsource vulnerability identification in contracts developed with token sale funding.
3. Swarm Technologies, Inc. will engage with Trail of Bits for a professional audit using cutting-edge EVM tools.
The two latter items deserve more discussion; head over to our Security page to learn more!
Do Nectar token holders participate in PolySwarm governance?
The PolySwarm Market is a market and specifically does not function like a Distributed Autonomous Organization (DAO). PolySwarm's Nectar tokens are designed to be purely utilitarian: participants exchange threat intelligence for NCT - end of story.
PolySwarm token holders (and Swarm Technologies, Inc.) will not earn any manner of dividends or "return" for Nectar holdings, nor are PolySwarm token holders entitled to any equity, voting rights, or any other right beyond NCT's utility for engaging in PolySwarm Market transactions. Fees are not remitted to holders (including Swarm Technologies, Inc).
PolySwarm is specifically designed to avoid token holder control over the market, as this would be anathema to PolySwarm's goals for fostering an open, fair and distributed marketplace for threat intelligence.
Why does PolySwarm need a token?
Nectar serves to isolate PolySwarm from external market forces including the value of Ether (ETH) and the performance of applications that transact in Ether.
Token-enabled market isolation is not a uniquely PolySwarm concern; many other applications have chosen to use tokens for the same reason. Nectar-based isolation will allow for more consistency in PolySwarm market behavior, enabling participants to transact with greater confidence and reducing perverse incentives that would otherwise harm the PolySwarm Market.
Suppose PolySwarm participants transacted directly in Ether (ETH). In a hypothetical Ether-based PolySwarm, Ambassadors are incentivized to buffer a number of Enterprises' artifacts until the value of Ether diminishes sufficiently to minimize the Ambassador's Bounty placement cost and in turn maximize his / her profit. This selfish behavior might be good for the Ambassador in the short term, but triggers a tragedy of the commons condition in the long term, potentially causing gridlocks via delayed Bounties (or even delayed Assertions placed on Bounties). When considering the ground truth feedback mechanism, we expect PolySwarm bounties to operate on day or week timescales: orders of magnitude longer than minute fluctuations in ETH value.
In a Nectar-based PolySwarm, we are able to peg the price of Bounty placement (in terms of NCT required) independently of ETH value fluctuations, unlocking stability strategies and diminishing the return on micro timing choices that would otherwise amount to a perverse incentive.
How do I complete the KYC (Know Your Customer) to get prepared for the token sale prior to Feb 20th?
We will have a series of KYC questions that have to be answered when you register for the token sale. This should be ready around 15 Jan 2018.
How would you prevent a rogue team of say 100-200 hackers, who are sponsored and don’t care about losing money, from building up their reputation as trustworthy experts over a lengthy period of time, say a year or two, and who may then become trusted by a
If it takes 100-200 well-financed hackers to build reputation over time and ultimately risk burning that reputation to hide some malware from a subset of ambassadors, I'd say we've won. That bar is far higher than today's status quo - this is a much more costly endeavor than what is required to evade AV today.
No system can be 100% perfect, including PolySwarm, but PolySwarm is far better than today's environment if such resources are required to pull off such an attack.
As a single user at home, how exactly would PolySwarm help me? I mean if I didn’t want to go through a known anti-virus company, like AVAST or any of the other scores of firms out there, how would I tap into the PolySwarm network on my PC?
End users will benefit from PolySwarm by being exposed to better-valued services. We don't expect most end users to directly interact with the PolySwarm network; this is the role that Ambassadors fill.
PolySwarm Ambassadors will be today's familiar, existing AV companies (like AVAST) as well as new companies made possible by PolySwarm’s economic model.
We expect to see new companies acting as Ambassadors that serve as a direct conduit to the PolySwarm network. These new companies will exchange end user subscription fees for a convenient link to the PolySwarm network, handling Bounties and Offers on behalf of their end user customers. This new type of company will almost certainly have lower cost relative to monolithic offerings seen today. We believe this will translate into a better value for the end user.
In short: most end users will continue to engage with a subscription-based service, but will get more protection for less money due to the efficiencies made possible by PolySwarm's crowdsourced, distributed design.
What strategies are PolySwarm planning to use to bootstrap the various actors/services required for the network to function effectively from day one?
We have a multi-pronged approach, targeting enterprise, ambassador and security expert onboarding, respectively.
At a high level, we will foster a network effect, playing enterprise interest toward security experts (more bounties available) and then security expert interest toward ambassadors and enterprises (threat intelligence of increasing quality). This two-sided effect will naturally encourage uptake on the opposite side.
1. Sponsor PolySwarm integration into existing incident response (IR) and defensive toolkits.
PolySwarm will offer Nectar bounties (from Swarm Technologies, Inc’s holding) as a reward for open source contributions to widely used IR, defense and forensics toolkits. Specifically, we will target open source projects like Facebook’s osquery, and The Sleuth Kit / Autopsy. By making it trivial to use PolySwarm with these tools, PolySwarm seamlessly plugs into existing workflows. Some users will choose to leverage PolySwarm and any such leverage will help create a network effect.
2. Partnership with existing threat intelligence vendors, offering early Arbitership as incentive to plug into the network.
Existing threat intelligence companies will desire to become Arbiters in the PolySwarm ecosystem. PolySwarm will offer designated arbitership to chosen Arbiters to help bootstrap the network. This will be a limited-time offer, after which Arbiters must maintain high ecosystem throughput to maintain their status.
3. Hackathons, competitions and sponsorship directed toward information security expertise, with an emphasis toward markets that already participate heavily in vulnerability bug bounty programs.
This one is pretty self-explanatory. We will target information security conferences in Eastern Europe, Asia, Latin and South America in particular.
What gives Swarm the confidence that they will be able to attract thousands of Experts to become part of the network?
This was alluded to a little in the previous question / response.
In addition to the response above, PolySwarm plans to host a Nectar-for-artifact bounty program to help build a corpus of “swarmed” artifacts in the network and get initial people onboard. Security experts will receive Nectar in response to “swarming” malicious artifacts during this Beta period. Prior to Arbiter establishment, malintent determination will be outsourced.
Beyond this mass market approach, all of the founders and many of our friends and colleagues work in the Information Security industry. Many of them have custom malware analysis tools that they develop for their work or hobbies that could be reconfigured to work as micro-engines.
We speak with graduate and PhD students at conferences and events that have the technical skills to build and run micro-engines, but cannot get jobs at cyber security companies due to their nationality or choice of home location.
The quality security experts are out there, and we are giving them the means to participate.
Is the Hacken project a competitor of PolySwarm? How are they similar/different? Why would a Security Expert want to be involved with PolySwarm vs Hacken?
It’s a different market and we wish them success. Hacken is decentralizing bug (vulnerability) bounties against corporate sites and software, basically security experts doing manual analysis against unique targets.
We’re pretty familiar with the bug bounty market: average transaction value is 400-500 USD per bounty. Hacken’s market requires manual review to evaluate if bounties are won or not. There’s probably on the order of 1000’s of transactions a year.
Conversely, PolySwarm deals with the sort of threat intelligence that can be automated, such as anti-virus. Anti-virus companies, worldwide, see billions of samples a day and probably 10’s of millions are unique. Transaction value ranges 0.0025-0.015 USD per file/url/artifact scan. All micro-engines and the vast majority of ground truth determination in PolySwarm will be automated.
Manual review of a smallish binary takes the better part of a day or two. Larger applications, we are talking many days or even weeks.
Does PolySwarm protect a company's corporate network similar to how a Palo Alto Networks device does?
PolySwarm will enable companies like Palo Alto to enhance their offerings by being able to solicit crowdsourced opinion on files they're unsure of. Today, they reach out to VirusTotal (and pay handsomely to do so). Tomorrow, with PolySwarm, they'll get access to a broader set of security expertise without a middle man (VirusTotal is owned by Google).
From the enterprise perspective, should Palo Alto plug into PolySwarm, the enterprise will see better detection rates. Palo Alto will save money and ideally those savings will be passed down to the customer. In the PolySwarm ecosystem, Palo Alto (PA) is an "Ambassador".
Is PolySwarm a Marketplace?
Yes. More specifically, it's a set of smart contracts that define how threat intelligence is sourced and how good threat intelligence is rewarded at the expense of bad (inaccurate) threat intelligence.
We expect some larger enterprises to participate directly in the marketplace (bypassing Ambassadors) and one of our big goals is to make Ambassadorship as accessible as possible -- today you need funding rounds, marketing, HR, etc., to build a company like Palo Alto Networks. Tomorrow, we hope that the raw statistics surrounding each Ambassador’s performance, coupled with the autonomous nature of the market, will allow for more streamlined operations - mini-Ambassadors if you will - that wouldn't fit into today's market, but would thrive in PolySwarm.
In other words, only a few can get listed as a vendor on VirusTotal, but anyone can call themselves an Ambassador on PolySwarm. Ambassadors will have to maintain their quality of service and reputation to attract enterprises and end users as customers.