AIP #21- Implement Chainalysis Crypto Incident Response Plan for Abracadabra’s Smart Contracts
Summary/Scope (TL;DR)
This is a proposal to adopt Chainalysis Incident Response to protect Abracadabra in the event of a hack or exploit. After a hack commences, investigative response time is the most critical vector to asset recovery. Chainalysis Incident Response (CIR), the leading crypto asset recovery solution, is an important security measure to have in place to protect Abracadabra in the event of a hack. It also serves as a strong deterrent to help minimize the risk of a hack in the first place.
References
- Website: Chainalysis Professional Crypto Investigations & Special Programs
- One-Pager: Defi Crypto Incident Response 1-Pager
Customer Stories / Customer References:
- Blog post on the Axie Infinity Hack & Successful Asset Recovery: “$30 Million Seized: How the Crypto Community Is Making It Difficult for North Korean Hackers To Profit”
- Twitter Post from Morpho: “Morpho Labs has partnered up with Chainalysis to strengthen the Incident Response Plan for Morpho protocol!”
- Twitter Post from Algorand: “We have engaged Chainalysis to help trace compromised wallet transfers and freeze funds if they are deposited in an exchange that integrates with and acts upon Chainalysis data.”
Source Data:
- Chainalysis: The Chainalysis 2023 Crypto Crime Report, including original data and research into cryptocurrency-based crime.
- Security Intelligence: Cryptocurrency-Related Crime Boomed in 2022
- Sharedum: Top 10 DeFi Hacks You Should Know in 2023
- Cointelegraph: DeFi exploits and access control hacks cost crypto investors billions in 2022: Report
Main Objective
Context: Hackers are stealing more cryptocurrency from DeFi platforms than ever before. In last year’s “Crypto Crime Report,” Chainalysis detailed how DeFi protocols in 2021 became the primary target of crypto hackers. That trend intensified in 2022 and is expected to continue. By the numbers, 2022 was the biggest year ever for crypto hacking, with $3.8B stolen, primarily from DeFi protocols and by North Korea-linked attackers. DeFi protocols as victims accounted for 82.1% of all cryptocurrency stolen by hackers in 2022 — a total of $3.1 billion — up from 73.3% in 2021. As a result, it has become a top priority for DeFi projects to have protection in place above smart contract audits.
Motivation: Response time is one of the most important factors in successful asset recovery as a fast response significantly increases the opportunity to control and recover funds before they are gone (sent to a fiat off-ramp, moved to a sanctioned exchange, etc.) By procuring Chainalysis CIR, Abracadabra would have Chainalysis’ world-class team of professional investigators, cybersecurity experts, and data engineers on standby in the event of a hack or exploit, ready to respond immediately and thus increasing the likelihood of recovering funds. To date, Chainalysis has aided in the recovery of over $11B in stolen funds through our own investigations and others we supported.
Further, Chainalysis’ reputation is known across the world. By implementing CIR and broadcasting your Chainalysis partnership like Morpho did in the tweet above, you’re creating a strong deterrent. Hackers know that even if they do exploit your protocol, they won’t be able to easily profit from the stolen funds, thus diminishing their financial incentive to attack.
Proposal
Abracadabra can implement a multi-year CIR protection plan, which delivers a number of benefits to the community:
- A multi-year plan is a commitment to cybersecurity and consumer protections. It sends a strong message to the Abracadabra community and beyond and is well-aligned to Abracadabra’s longer-term security objectives.
- Abracadabra can lock in pricing today, securing lower cost pricing and removing future price/budget uncertainty.
To fund this partnership, the DAO will tap into its security budget of $100k stablecoin.
Benefit Recap
-
Deter Hacks: The best outcome is you never get hacked. CIR helps deter hackers by letting them know a leading global crypto investigative team is on your side.
-
Project your Community, Boost your Brand: By adopting CIR, you can show the Abracadabra community (and the broader DeFi community) that you’re taking serious action when it comes to cybersecurity and consumer protections, thus improving your brand reputation and differentiating yourself in the market.
-
Partner with the Best: With CIR, Abracadabra can tap into Chainalysis’ expertise for complex blockchain analysis and investigations. The CIR team is ready to respond to cybersecurity breaches, ransomware attacks, recovery of stolen cryptocurrency, and perform other analyses involving blockchain data. The team consists of respected professional investigators, cybersecurity experts, and data engineers.
-
Reaction Time: Having a proactive solution in place decreases the time to respond and increases the likelihood of asset freezing and recovery by the customer or law enforcement should the worst happen.
-
Technical Skills: The ability to trace funds through various types of complex platforms is a crucial part of the CIR incident response and the ability of our customers to recover funds successfully. This applies to identified mixer platforms but also unidentified mixers and new bridging protocols between blockchains.
-
Network: Chainalysis has a huge customer base and, with it, a sizable network with personal connections to almost all significant exchanges and services in the crypto space. Also, their strong relationship with Law Enforcement Agencies around the world makes them very efficient in engaging the relevant entities when needed.
-
ROI: In over 80% of all cases where an incident has occurred, Chainalysis investigators have been able to give our customers valuable information that leads to recovery of more than what their CIR fee was. This demonstrates a great return on investment for CIR customers.
Considerations/Risks
There is a significant risk of not adopting a proactive asset recovery plan (that is, not having a plan in place before an attack). Waiting until after a hack occurs to partner with Chainalysis will create a significant delay in their ability to act, as it takes time to go through the approval and contracting process. As mentioned above, time is of the essence in a hack, and any delays reduce the chance of asset freezing and recovery.
Contracts/Technical Requirements
- Technical requirements: None
- Relevant token contract and chainlink oracle address: N/A
Next Steps
Voting Will start Saturday, 29th of April at 16:00 CET. Voting can be found here.
The proposal has passed!