Full Stack, Decentralized Security
The design space of cyber security is vast. There are an infinite number of attack vectors across chips and instruction sets, operating systems, runtimes, and applications. And naturally, there are many large cybersecurity companies.
When I first got into Ethereum in 2016, the only real cybersecurity companies were smart contract auditors. Human audits have been and always will be paramount. However, human audits are not enough. Starting in 2018, a number of companies launched to automate processes around smart contract code analysis, detecting anomalies in real-time contract interactions, and more. These mechanisms grow more comprehensive and sophisticated each day as these teams invest further in their respective solutions.
Over the last 5 years, the cybersecurity and insurance sectors in crypto have been discussed as separate industries. However, in my mind, they are inextricably linked, and ultimately will converge such that all major service providers offer a full stack of software solutions, real-time services that protect users and contracts in real time, human audits, and insurance products as a bundle. Insurance is the logical end state of this bundle, as it represents coming full circle such that security firms assume some financial risk for the consumer applications which they help secure. While sec3 does not yet offer insurance, they are building towards this eventual state.
Today I’m excited to share that Multicoin Capital led a $10M round in sec3, joined by Sanctor Capital, Essence VC, as well as several notable angels, including Santiago R. Santos and Anatoly Yakovenko, a Solana cofounder.
sec3 is intimately familiar with Solana’s Sealevel Virtual Machine (SVM). Founders Chris Wang (Twitter) and Jeff Huang (Twitter, GitHub) began auditing the SVM before mainnet launch. The team includes several computer science PhDs, and a tenured professor at Texas A&M University. After performing a series of manual audits, they recognized the opportunity to automate a lot of their manual work, and thus sec3 was born.
They launched their first product, Xray, a static analysis tool that automatically integrates with GitHub and continuously analyzes smart contracts for vulnerabilities. They have more recently launched Watchtower and Circuit Breaker, a suite of products enabling real time security monitoring that detects anomalies before and while they are hitting contracts on a public chain. These products have quickly become the industry standard for Solana-based developers.
It’s not possible to launch a full suite of security products, a decentralized and real time attack prevention service, and an insurance overlay, in short order. Building out this entire vision will take many years, and will require thoughtful planning of order of operations, and reinvestment along the way. To that end, the sec3 team has shared their secret master plan (inspired by Tesla’s), outlining this vision.
We are grateful for the opportunity to back the sec3 team and help them fulfill their vision of full stack security that leverages decentralization.
Disclosure: Unless otherwise indicated, the views expressed in this post are solely those of the author(s) in their individual capacity and are not the views of Multicoin Capital Management, LLC or its affiliates (together with its affiliates, “Multicoin”). Certain information contained herein may have been obtained from third-party sources, including from portfolio companies of funds managed by Multicoin. Multicoin believes that the information provided is reliable but has not independently verified the non-material information and makes no representations about the enduring accuracy of the information or its appropriateness for a given situation. This post may contain links to third-party websites (“External Websites”). The existence of any such link does not constitute an endorsement of such websites, the content of the websites, or the operators of the websites. These links are provided solely as a convenience to you and not as an endorsement by us of the content on such External Websites. The content of such External Websites is developed and provided by others and Multicoin takes no responsibility for any content therein. Charts and graphs provided within are for informational purposes solely and should not be relied upon when making any investment decision. Any projections, estimates, forecasts, targets, prospects, and/or opinions expressed in this blog are subject to change without notice and may differ or be contrary to opinions expressed by others.
The content is provided for informational purposes only, and should not be relied upon as the basis for an investment decision, and is not, and should not be assumed to be, complete. The contents herein are not to be construed as legal, business, or tax advice. You should consult your own advisors for those matters. References to any securities or digital assets are for illustrative purposes only, and do not constitute an investment recommendation or offer to provide investment advisory services. Any investments or portfolio companies mentioned, referred to, or described are not representative of all investments in vehicles managed by Multicoin, and there can be no assurance that the investments will be profitable or that other investments made in the future will have similar characteristics or results. A list of investments made by funds managed by Multicoin is available here: https://multicoin.capital/portfolio/. Excluded from this list are investments that have not yet been announced (1) for strategic reasons (e.g., undisclosed positions in publicly traded digital assets) or (2) due to coordination with the development team or issuer on the timing and nature of public disclosure. * This blog does not constitute investment advice or an offer to sell or a solicitation of an offer to purchase any limited partner interests in any investment vehicle managed by Multicoin. An offer or solicitation of an investment in any Multicoin investment vehicle will only be made pursuant to an offering memorandum, limited partnership agreement and subscription documents, and only the information in such documents should be relied upon when making a decision to invest.*
Past performance does not guarantee future results. There can be no guarantee that any Multicoin investment vehicle’s investment objectives will be achieved, and the investment results may vary substantially from year to year or even from month to month. As a result, an investor could lose all or a substantial amount of its investment. Investments or products referenced in this blog may not be suitable for you or any other party.