September 30, 2021
The crypto industry is built upon a new, decentralized foundation whereby the code is the law. This allows innovation, in the form of new types of contracts, to replace the old, centralized system with its friction-prone, single point of failure. Code (compared to traditional agreements), enables much more creativity and flexibility to produce value. At the same time it’s open, which means the best talents in the world can take advantage, with tangible and immediate rewards for anyone who can identify a vulnerability.
As more money is managed using smart contract technology, the incentive and reward for malicious activity grows ever greater. (Indeed, crypto players ‘got used to’ the hacking of large and small protocols, and it became an accepted risk for those using these protocols.) To lower the market gap created in this newly formed industry, a new business of manual audits has gradually emerged, with OpenZeppelin at the forefront since 2015.
To create a truly robust system that can serve decentralized protocols and organizations at scale, the solution itself must work in a similar fashion: as an open protocol, allowing all players to have access and participate.
With new financial applications being forged with code every day, and the amount of TVL on the rise, a new layer is needed to support the management of these new risk factors at scale, and to actively help reduce the risk (or at least issue real time warnings).
We believe Forta is an indispensable layer for today’s blockchain ecosystem - especially as the industry continues to evolve and expand, in support of ever-more complex financial and organizational structures.
Forta’s solution is to create a blockchain using scanners, alert nodes and validators, each with their own set of incentives. Its bread and butter is a set of segregated agents which run in a dockerized environment and employ the know-how of a specific protocol or blockchain to raise alerts. These alerts can, in turn, be utilized by all interested parties (even external parties looking to inspect a project’s potential problem areas prior to investing).
High-quality alerts reward the scanners, and thereby the agents, and the idea is to have code written by the people with the most suitable skills (not by one centralized team). Automatic, follow-up actions can be taken based on these alerts, triggered by these agents. This enables users, in emergency situations, to run unique code which is only allowable to the system.
As more traditional assets move on-chain and become more decentralized, there’s clearly an imperative to ensure a cyber security protocol that helps reduce the code or smart contract risk, and increase the ability to carry out effective risk management.
As part of the leading auditing product company, Demian, Jonathan and the team have spent the last six years exploring decentralized protocols. They are well-poised to develop this vital, new element of the infrastructure stack and reinforcing industry levels of trust and security. Their goal is for future protocols to enhance global levels of trust in code and web3, while advancing general adoption of this technology.