Table of Contents
Much ado about internet security. More and more developers are transitioning to infrastructure and helping grow the business of security education (certification) companies, but the levels of fraud and thievery are very hard to lower even when the crypto markets are declining.
Throughout our exploration of early-stage crypto startups, we’ve interviewed several founders and team members of web3 security startups, which gave us some insight into what this growing space is shaping up to be. From community-owned malicious data gathering projects to wallet protection solutions appearing, the people involved are trying to minimize vulnerabilities for themselves and others, and the risk of large-scale hacks we still often see today.
From what we've found in our weekly discovery projects in recent months, we can derive several subcategories of blockchain security companies:
The following is a list of the key blockchain security projects we’d like to share with you as highlights from our research.
Security Protocols
Specular - the first EVM-native optimistic rollup that offers two improved items from the blockchain trilemma - security and decentralization, and supports permissionless inclusion of Ethereum clients and dispute resolution.
Silent Protocol - a startup building a privacy-compliant infrastructure for dApps where true financial primitives can be created in the DeFi. For users, a privacy infrastructure means they can access dApps anonymously and confidentially. Silent brought a new MPC protocol and its silent-compliance virtual machine for encapsulating dApp operations.
Protective Browser Extensions & Wallets
TholosAPP - a self-custodial multi-chain crypto wallet and an intuitive with a portfolio dashboard. Projects can incorporate Tholos with their own systems to better manage asset custody and their treasuries, and get institutional-grade security.
Pocket Universe - a web3 transaction security company that offers a free browser extension for asset safety. Pocket Universe detects malicious Seaport transactions, honeypot NFTs, counterfeit tokens, and more.
Fire - a Chrome extension that simulates transactions and provides details on what exactly will go in and out of a user’s wallet before the contract is signed.
Stelo is an open-source extension that keeps crypto safe from phishing and helps users understand transactions before they sign them.
ThreatSlayer is a threat detection browser extension aimed at the mainstream user. They utilize AI threat detection technology to catch and block browser-based attacks, like phishing attacks and social engineering. Users can catch threats and share the data for token rewards, while ThreatSlayer sells threat data to other firms.
Smart Contract Risk Infrastructure
ChainPatrol - a web3 security platform offering advanced tools for stopping phishing scams, picking up false positives on security analysis, and freezing compromised social accounts.
Neutron - a Cosmos-based and Cosmos Hub-used smart contract platform utilizing CosmWasm to create interchain security for staked $ATOM, and interoperability through IBC/ICQ/ICA technologies.
Hexagate - a new web3 security firm that offers a transaction analysis API.
Skylock - a Canadian company that helps web3 startups defend themselves from digital threats using machine learning, anomaly and hack detection, malicious transaction interception, and on-chain event monitoring tools.
Audits
Spearbit - a decentralized agency filled with security experts whom companies can hire for reviews, audits, and consultation. The talent is hired on a case-to-case basis to match security skills with the client's problem.
Zellic is a web3 audit firm specializing in both security and compliance. A range of services is offered, from smart contract auditing and dApp security foundations.
Anonymity
RAILGUN - a ZKP-driven privacy and anonymity system for EVM-based products that makes it possible for users to anonymously interact with DEXs, lending platforms, and other dApps directly on-chain on Ethereum.
Big Whale Labs - the company behind a series of other unique web3 projects that include SealCred, Echo, and Sealcaster. SealCred is a new social protocol based on soul-bound NFTs that power on-chain pseudonymity, Echo is a tool for tweeting anonymously with ZKP badges, and Sealcaster is a Farcaster tool for anonymous posting.
Safe Ecosystem Governance
Shield - an AI-enabled web3 security provider building automation and monitoring tools that detect fraudulent, fake, and scammy behavior in blockchain ecosystems.
The emerging projects in this space are creating completely new types of protective solutions for web3 products that are looking less like traditional websites or apps by the day, which can be celebrated.
It is truly exciting to see things like ecosystems with incentivized user reporting of malicious dApps, ways to tweet anonymously with the help of zero-knowledge proofs, or developers utilizing real-time smart contract analysis tools to write better lines from the very start.