At a time when many crypto companies have seen their fortunes plummet, one corner of the industry is thriving.
With criminals, including North Korean hackers, increasingly targeting the sprawling software infrastructure underpinning the cryptosphere, firms that sift through code for weaknesses and run bug-hunting sites are finding themselves with more business than they can handle. As mass firings become the norm elsewhere in crypto, they’re boosting hiring, raising prices and taking in fresh funding.
Their rising fortunes underscore how the industry is waking up to the threat of sophisticated hackers who have stolen roughly $2 billion from digital-asset protocols this year, according to researcher Chainalysis, which says such attacks show few signs of slowing.
With so much at stake, crypto security services are moving from the “nice to have” spending category to the “must have” bucket, even for bootstrapping start-ups and community-driven projects.
“We have spent sooooo much money on audits,” Paul Frambot, chief executive officer of crypto startup Morpho Labs, said by text message. “Security is, in my opinion, not taken sufficiently seriously in DeFi,” he added, referring to decentralised finance, where people trade, borrow and lend crypto without a central intermediary.
Investors are taking note of the growing demand for protection. Venture capital firms have poured $257 million into crypto auditing and security companies so far this year, up from $185 million for all of 2021, according to CB Insights.
Rising threat
Crypto thieves have stalked the industry for most of its roughly decade-long existence, from the Bitfinex exchange hack in 2016 to last year’s exploit of the PolyNetwork protocol.
But the problem has worsened recently, in part because of a relatively novel part of the ecosystem that’s become a juicy target: so-called crypto bridges, software platforms that allow coins designed for one blockchain to be used on another. Hacks on crypto bridges accounted for more than two-thirds of the total value stolen in the first seven months of 2022, Chainalysis estimates.
In March, hackers struck the Ronin Bridge connected to the popular Axie Infinity online game and made off with cryptocurrencies worth about $600 million at the time, one of the biggest hauls to date.
The threat isn’t limited to bridges. Hundreds of millions of dollars have vanished in exploits of other projects, like DeFi apps. Many of these efforts rely on so-called smart contracts — code that automatically executes transactions in a way that can’t be reversed — so design flaws can be especially costly.
$400,000 salaries
Audits are essentially reviews of code by experienced developers who scrutinise it to identify bugs, security concerns and other issues that could make the technology run in unintended ways. In some cases, the protocol’s developer can fix the weaknesses pinpointed, and then have those patches reviewed by the auditor. Some crypto auditors use automated tools that scan code. Others, like OpenZeppelin, deploy at least two auditors who go through the code, one after another, line by line.
Salaries for experienced blockchain auditors can run as high as $400,000 a year, according to Zeth Couceiro, founder of crypto recruitment firm Plexus Resource Solutions. Their pay is typically around 20 per cent above that of developers focused on Solidity, one of the biggest crypto programming languages. “The reason for that is the need to come from a coding background but also understand the architecture to establish vulnerabilities,” said Zeth Couceiro, founder of crypto recruitment firm Plexus Resource Solutions.
Dear Reader,
Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.
We, however, have a request.
As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.
Support quality journalism and subscribe to Business Standard.
Digital Editor
This news is republished from another source. You can check the original article here
Be the first to comment