Hexagate Offer for Silo Finance - Proactive security against Web3 threats and exploits

Hexagate is a Web3 security provider helping protocols, bridges, and chains to protect their smart contracts and users from financial losses and fund loss incidents caused by cyber exploits and Web3 threats. Hexagate offers a platform that detects all Web3 threats in real time and prevents them from causing any impact.

Hexagate’s Web3 security platform offers real-time monitoring solutions for all sorts of threats before they impact any digital assets and automated prevention tools for Silo Finance so team members can take on-chain action, when applicable.

This benefits Silo Finance users by safeguarding their funds from potential exploits on any Silo Finance contract and reduces the amount of funds lost in a possible incident.

Hexagate monitors malicious activity on-chain, including on all Silo Finance contracts: 1st-party contracts, 3rd-party dependencies, governance proposals, protocol invariants and so on.

Hexagate can partner with Silo Finance to provide the money market with real-time alerts on Web3 threats and exploits threatening Silo Finance contracts or governance participants and run automated workflows to remediate issues in real-time when Hexagate fires an alert. That will also allow rapid communication and response to threats that come up.

Background

Hexagate monitors blockchains in real time and, by leveraging ML, security heuristics, hybrid detection algorithms and an invariant monitoring engine, provides early detection of exploits, abnormal behaviours and other Web3 threats. The Hexagate platform covers the detection of cyber and financial exploits in 1st- and 3rd-party code on mainnet deployments, governance and administration risks, suspicious fund movements, phishing, fraud, scams, and custom invariants.

Protocols, bridges, and chains that use Hexagate benefit from early and accurate detection of threats, remediation workflows, IR, and forensics.

The company already protects over $15B in TVL across multiple chains and is trusted by the biggest names in the industry, such as Polygon, Linea, Avalanche, Eigen Layer, GMX, QuickSwap and many others; it managed to detect, ahead of time, exploits that targeted Euler, iearn, Hundred Finance, Conic, and more.

Hexagate is a VC-funded company backed by leading VCs, founded by serial entrepreneurs who previously built companies that were acquired by Jfrog and Claroty. Their team brings vast experience in the cybersecurity realm.

Hexagate also helps the entire ecosystem by assisting others in a time of need, participating in post-mortem analyses and war rooms aimed at unveiling exploiters and recovering funds, and by conducting research activities on protocols - here are a few examples:

Everyone is welcome to follow Hexagate on this official X (Twitter) account to see live updates and posts.

Detailed Proposal

Below is a summary of the Hexagate proposal, outlining the offering to Silo Finance:

  1. Hexagate will provide access for Silo Finance to its Web3 security platform and Web3 threat intelligence feed, including its on-chain investigation engine.

  2. Threats covered by the Hexagate platform:

    • Exploits on first or third-party code

      1. Detect suspicious malicious contracts before they exploit a protocol
      2. Detect novel 0-day exploits and unknown threats on protocols or its dependencies
      3. Dependencies include tokens, deployers, oracles, bridges, other protocols, etc.
      4. Detect token exploits - excessive minting or burning, abnormal transfers, centralization risks, missing access controls allowing arbitrary approvals or transfers, rug pulls
      5. Detect oracle deviations and delays
      6. Tracking abnormal transfers to detect private key compromises
      7. Alert on token depeg – stablecoins, wrapped assets, or bridged assets
      8. Track fund movement post-incident and automatically tag malicious entities on-chain to taint stolen funds movement in real-time
    • Governance and Administration

      1. Simulate and analyze any malicious governance proposal (or a malicious proposer) that goes on-chain (including when a governance proposal executes)
      2. Analyze contract ownership or role changes for abnormal changes to malicious entities
      3. Detect malicious implementation updates and changes to privileged configurations that result from missing access controls, private key compromises or rug pulls
      4. Detect centralization risks on governance token holders or phishing attempts on governance token holders
      5. Monitor governance token transfers
    • Funds movement

      1. Track illicit funding sources and track fund movement
      2. Monitor and tag all malicious on-chain activity including fraud shops, mixers, USDT / USDC / OFAC blacklists, high-risk exchanges, and stolen funds.
      3. Monitor abnormal transfers and/or fund movements from specific addresses (protocol treasury, whales, protocol participants, etc.)
    • Invariants and parameters

      1. Monitor predefined invariants and params per the protocol specifications.
    • Phishing, fraud, and scams

      1. Governance participants interacting with malicious contracts, phishing addresses, scam tokens, etc.
      2. Detecting malicious dApps impersonating Silo Finance
  3. Hexagate provides generic webhooks and Slack/Telegram/email/Discord/PagerDuty/OpsGenie integrations for any type of alert

  4. Hexagate enables user-generated custom monitors so a user can set up alerts on specific wallets, whales, specific events, specific contract calls, and so on, enabling users to customize their monitoring to fit their needs

  5. Hexagate provides a unique invariant monitoring engine which allows invariants to be declared using a proprietary DSL and monitored both on testnet and mainnet.

  6. Phishing detection for governance participants - Hexagate surfaces any phishing attempt on Silo Finance governance participants

  7. Connection to our network of partners and collaborators, with whom we have an open channel (such as Chainalysis, Binance, on-chain sleuths, and more), so that they can be notified in real time when an incident happens and can tag the bad actors, prevent them from off-ramping on a large list of exchanges, uncover the attacker’s identity, help with crafting a post-mortem paper, and analyze the blast radius of the incident

  8. Support:

    • Standard support time - Sunday to Thursday 10:00 AM - 7:00 PM GMT+3
    • Helping out with bug bounty program submissions, security reviews, and triaging incidents in real-time by assigning a security researcher from our end to help out in time. In the initial proposal, Hexagate will allocate 15 hours of security research activity to help on that front and expand as needed
    • Preparation and training for managing a war room, assigning roles and responsibilities, and helping with crafting security frameworks and incident response procedures - based on Hexagate’s expertise gained from being active in many such incident response events
  9. Onboarding:

    • During onboarding, a Hexagate security engineer, together with a Silo Finance team member, will map all the contracts, tokens, bridges, oracles, and governance structures that are related to, or even remotely affect, Silo Finance contracts and on-chain assets, in order to have broad coverage of all possible threats. Access to the platform will be granted to the selected Silo Finance Foundation members or devs to configure monitors and alert notification channels and to run triaging and investigations for any on-chain activity - these will be provided right after signing
    • Tailor remediation procedures for Silo Finance

Budget

Hexagate is asking the Silo Finance community to fund $21,483/year in SILO (441,129 SILO from the DAO treasury, for the onboarding, maintenance, and support listed above), and the Silo Foundation will engage with Hexagate on a commercial agreement for a yearly license of the platform. Hexagate commits not to sell all SILO tokens at one time but in quarterly/monthly chunks.

The rationale is that the community is receiving support and maintenance while the Silo Foundation is in charge of operating the system, as security is top of mind.

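To make the threat categories in the proposal concrete (oracle deviation and staleness, token depeg, a protocol invariant, and abnormal mint/burn), here is an added illustration of the kind of per-block checks such a monitor evaluates. It is not Hexagate's platform code and not its invariant DSL, neither of which appears in the proposal; the observation schema, the thresholds and the sample snapshots are constructed for the example, and the "borrows never exceed deposits" rule stands in for whatever invariant a given Silo market actually specifies.

```python
"""Toy per-block monitor for a lending market (added example, not Hexagate's code).

Replays a series of constructed on-chain snapshots and fires alerts for
oracle deviation, oracle staleness, depeg of a pegged asset, a broken
protocol invariant and abnormal token supply changes. Field names and
thresholds are assumptions made for the illustration.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class Observation:
    """One per-block snapshot of the values the monitor needs (assumed schema)."""
    block: int
    timestamp: int           # block timestamp, unix seconds
    oracle_price: float      # price the protocol's oracle reports, USD
    oracle_updated_at: int   # unix timestamp of the oracle's last update
    reference_price: float   # independent reference price (e.g. a second feed)
    total_deposits: float    # assets supplied to the market
    total_borrows: float     # assets borrowed from the market
    token_supply: float      # total supply of the monitored token


@dataclass(frozen=True)
class Thresholds:
    """Assumed alerting thresholds; a real deployment tunes these per asset."""
    max_oracle_deviation: float = 0.02  # oracle vs reference, as a fraction
    max_oracle_staleness: int = 3600    # seconds since the last oracle update
    peg_price: Optional[float] = 1.0    # expected price of a pegged asset, None to skip
    max_depeg: float = 0.01             # fraction away from the peg
    max_supply_change: float = 0.05     # fraction minted/burned between snapshots


@dataclass(frozen=True)
class Alert:
    kind: str
    block: int
    detail: str


def check(prev: Optional[Observation], cur: Observation, t: Thresholds) -> list[Alert]:
    """Evaluate every rule against one snapshot and return all alerts that fire."""
    alerts: list[Alert] = []

    # Oracle deviation: the protocol's price disagrees with an independent feed.
    deviation = abs(cur.oracle_price - cur.reference_price) / cur.reference_price
    if deviation > t.max_oracle_deviation:
        alerts.append(Alert("ORACLE_DEVIATION", cur.block, f"deviation={deviation:.2%}"))

    # Oracle staleness: a feed that stopped updating is as dangerous as a wrong one.
    age = cur.timestamp - cur.oracle_updated_at
    if age > t.max_oracle_staleness:
        alerts.append(Alert("ORACLE_STALE", cur.block, f"age={age}s"))

    # Depeg: a stablecoin, wrapped or bridged asset drifts from its expected price.
    if t.peg_price is not None:
        depeg = abs(cur.reference_price - t.peg_price) / t.peg_price
        if depeg > t.max_depeg:
            alerts.append(Alert("DEPEG", cur.block, f"depeg={depeg:.2%}"))

    # Protocol invariant (assumed): a money market never has more borrowed than supplied.
    if cur.total_borrows > cur.total_deposits:
        alerts.append(Alert("INVARIANT_BORROWS_GT_DEPOSITS", cur.block,
                            f"borrows={cur.total_borrows:.0f} deposits={cur.total_deposits:.0f}"))

    # Abnormal supply change: a large mint or burn between consecutive snapshots.
    if prev is not None and prev.token_supply > 0:
        change = (cur.token_supply - prev.token_supply) / prev.token_supply
        if abs(change) > t.max_supply_change:
            alerts.append(Alert("ABNORMAL_SUPPLY_CHANGE", cur.block, f"change={change:+.2%}"))

    return alerts


def run_monitor(observations: Iterable[Observation],
                thresholds: Thresholds = Thresholds()) -> dict[int, list[Alert]]:
    """Replay snapshots in block order and collect the alerts fired per block."""
    results: dict[int, list[Alert]] = {}
    prev: Optional[Observation] = None
    for cur in sorted(observations, key=lambda o: o.block):
        results[cur.block] = check(prev, cur, thresholds)
        prev = cur
    return results


# Constructed sample data: a healthy block, then an oracle that stalls while the
# asset depegs, then a large mint combined with borrows exceeding deposits.
T0 = 1_700_000_000
SAMPLE_OBSERVATIONS = [
    Observation(100, T0, 1.000, T0 - 60, 1.001, 1_000_000, 600_000, 10_000_000),
    Observation(101, T0 + 12, 1.000, T0 + 12 - 7200, 0.950, 1_000_000, 600_000, 10_000_000),
    Observation(102, T0 + 24, 0.960, T0 + 20, 0.960, 1_000_000, 1_050_000, 15_000_000),
]

if __name__ == "__main__":
    for block, alerts in run_monitor(SAMPLE_OBSERVATIONS).items():
        for a in alerts:
            print(f"block {block}: {a.kind} ({a.detail})")
```

The example uses a second, independent price source for the deviation rule and for the depeg rule on purpose: comparing the protocol's oracle only against itself cannot catch a manipulated or frozen feed, and a staleness check on the oracle's own update timestamp catches the case where the price is still "right" but simply stopped moving.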