logo
All Posts

Securing Steadefi with Hypernative

Steadefi integrates the Hypernative real-time fully-integrated security platform designed to prevent and mitigate the damage from attacks on protocol smart contracts
profile photo
Jeff Lam

TLDR;

  • DeFi security has been poor
  • But it can improve with Hypernative
  • Hypernative monitors our smart contracts & all integrated contracts
  • They provide actionable alerts and actions to both prevent and mitigate damage
Image without caption

DeFi has a security problem.

Over the last 3 years, 100+ DeFi protocols have suffered attacks on their smart contracts with a conservative estimate of $4B+ in total funds stolen.
Not great.

Parts of the Problem

1) Non-holistic security systems.

Exploits often don’t occur in isolation. Protocols integrate with other protocols and contracts are layered on top of other external smart contracts — all of which increases the rate of DeFi development, but also opens these ecosystems to new attack vectors from malicious actors.
Essentially, the existing security systems, which focus mainly on specific contracts and code, struggle to incorporate “the bigger picture” of a DeFi protocol.

2) A static system.

Audits from most companies are a useful, albeit expensive, way to ensure the security of a protocol’s smart contracts. Getting expert eyes and brains on your code can help prevent many types of attack vectors, while also providing some assurances to many DeFi users, as they know that a “company of experts” has reviewed what they cannot.
However, as a static form of security, an overreliance on audits can lead to problems in an increasingly dynamic space. New products are launched with slightly altered code or in a slightly different integration or ecosystem and suddenly a new attack vector has opened up.
Examples of high profile exploits with reputable audit firms
Examples of high profile exploits with reputable audit firms
In all these cases, both developers and audit firms are typically blamed for the mistake, but in reality it can be impractical or impossible at times for this type of old-school arrangement to be dynamic and comprehensive.

3) Centralization risks vs non-upgradeable contracts

In most cases for smart-contracts, they aren’t upgradeable or editable. To make the code dynamic or upgradeable opens the contracts up to centralization risks (aka possible rugpull risks).
Unfortunately, this means that in cases where protocols discover attack vectors in their code, especially if a similar protocol has been attacked, there’s no way for them to retroactively “fix” the code without completely relaunching the product.
This can be quite the dilemma for any DeFi protocol in a competitive space where any kink in the armor of trust can lead to failure.
In sum, the DeFi security industry has not been able to keep up with the attackers because of human error, an ever-changing intra-connected DeFi space, and the inability to adapt backwards.

The Hypernative Solution

Hypernative approaches DeFi’s security problems in a completely different angle.
Instead of worrying about code logic or specific attack vectors, Hypernative provides real-time risk prevention by monitoring on-chain activity to discover malicious actors before they attack.
They are the “anti-virus” protection system for DeFi protocols like ours.
Image without caption
Not only does Hypernative help us to identify real-time security threats and vulnerabilities, their “pre-cog” platforms allows us to respond to potential attacks, essentially preventing, or at the very least mitigating, loss of user funds.
And Hypernative’s protection doesn’t stop at just our smart contracts, but extends to all of the connected contracts, including any protocol we integrate with, past, present, and future. As a yield aggregator platform that depends on the security of our partners and integrated protocol, this feature in particular will be useful for all parties involved.

Final Thoughts

Hypernative offers us and the rest of DeFi a step in the right direction as we can finally get ahead of would-be exploiters, rather than simply chasing them through tornados.
However, this innovation will only be one part of how we approach security, as the Steadefi team will always continue to practice comprehensive security habits (audits, internal real-time fuzzing testing, future bug bounties) in order to prevent negative financial exploits from ever coming.
About Hypernative
Hypernative is building a Web3/crypto security and real-time risk prevention platform that stops zero-day cyber-attacks, economic risks, detects on-chain anomalies and protects digital assets, protocols, and Web3 applications from significant losses or threats.
Hypernative currently works with top chains, projects, and asset managers as customers, including Polygon, Starknet, OlympusDAO, Zetachain, Messari, Quantstamp, Karpatkey DAO, Chainalysis and others.
Website | Twitter | Blog
About Steadefi
Steadefi is an advanced leveraged yield aggregator that focuses on maximizing yields from a variety of sources while managing market risks automatically. By providing undercollateralized leverage to automated yield strategies, Steadefi caters to both risk-on yield seekers and risk-off lenders. Our current featured strategy vaults are the 3x Long and 3x Neutral GLP Vaults built on the GMX perpetual trading platform.
Website | Twitter | Discord | Documentation | Blog |
Related posts
post image
Announcements
Steadefi Vaults V2: Better Liquidity Efficiency
Steadefi V2 Vaults migration
post image
Announcements
Steadefi esSDY Airdrop Campaign
Details about Steadefi’s esSDY Airdrop Campaign: how to participate, period of campaign, how to earn points and more.
post image
Announcements
Steadefi v2 Secure Relaunch & Compensation Details
Details about Steadefi v2 secure relaunch to GMX v2 pools, enhanced security measures, compensation plan details, new investors and advisors and more.
Powered by Notaku