1. Complete Integration of Stellar support into the Web3SOC staging version
   1. Integrate the existing MVP into the staging version of Web3SOC
      1. Integrate “topic” filters to create specific events for a smart contract subscription
      2. Fully implement the alert feature to provide real-time notifications
      3. Integrate Soroban into the roles, labels, and integration tabs that are featured on the hub
      4. Fully implement fire drills feature for the Soroban/stellar network
   2. Demo a fully functioning version of Web3SOC on Soroban
   3. 4 weeks
   4. $30,000
2. QA and Testing
   1. Tasks
      1. Test multiple combinations of events, subscriptions and rules to ensure the platform is working as expected
      2. Automatic generation of “listenable” functions when a certain contract is provided as input
   2. Develop a E2E testing suite for the integration
   3. 2-3 weeks
   4. $25,000
3. Develop sample Response Plans and Knowledge Base documents
   1. Tasks
      1. Develop Soroban specific response plans
      2. Integrate other 3rd party tools for enhanced due diligence of alerts
   2. Integrate Knowledge base documents directly into Web3SOC
   3. 1 week
   4. $10,000
4. Open-BETA Web3SOC Stellar integration
   1. Launch a beta version on Testnet for user testing and feedback collection.
   2. Bugfix and patch community and internal driven feedback to meet highest QA standards
   3. 2-3 weeks
   4. $20,000
5. Public Release
   1. Officially launch Web3SOC on Mainnet for widespread use
   2. Demo and release a fully polished Web3SOC on Mainnet
   3. 1 week
   4. $10,000

The above milestones provide a roadmap for the next 3 months of development, until official launch on Soroban. After that, we plan on continuing to add features to the product based on user feedback and requests. Some of the features we currently have in the roadmap include: 

- Automatic response plans to move funds out of a wallet/smart contract based on certain suspicious activities 

- Fire drills recurring programs to help security managers test the responsiveness of their teams

- Integration of wallet and smart contract labels into Web3SOC using AnChain.AI's BEI API. 

- Automated tracing of money flow from an alert to points of liquidation (ex. exchanges)

- Health overview feature to monitor health status of a certain ecosystem of smart contracts (ex. all DeFi projects with TVL above a certain threshold). 

We do not plan on applying for additional grant support for Web3SOC after this one. 

• https://dashboard.communityfund.stellar.org/scfawards/scf-20/awarddistribution/suggestion/67 - $50k Activation Award
• Demo video of the MVP for Soroban Web3SOC showcasing the completion of milestones in the activation award: https://youtu.be/k8-bD8_cKZQ

Product & Architecture

Web3SOC is the first Security Operations Center designed to Safeguard Web3 Digital Assets. 

The Problem 

Despite the robustness of smart contract auditing, it has not been a panacea for Web3 security breaches. An alarming $2.81 billion in losses were caused by smart contract security compromises,  91.96% of which had been audited. As we stand at the precipice of a new era in Web3 security, we must pivot our approach to anticipate potential breaches and adapt accordingly. Our product, Web3SOC, was specifically designed for this purpose.

The Harsh Reality of Smart Contract Audits in 2022

Long hailed as the gold standard for smart contract security, audits fell notably short in 2022. The stark statistics below show that smart contract auditing struggled to provide the required level of security in the Web3 landscape.

Our team at AnChain.AI conducted an in-depth analysis of all major Web3 security incidents in 2022, revealing:

• A staggering $2.81 Billion in losses from smart contract security compromises.
• Smart contract-based incidents made up 70.36% of all Web3 security breaches.
• An alarming 91.96% of the hacked smart contracts had undergone auditing processes, with some audited multiple times by reputable security firms.

Building a secure Web3 DApp in the modern era requires a more systematic approach and a departure from spending most of one’s security budget on smart contract auditing alone. Inspired by Mandiant, FireEye, and other top-tier cybersecurity companies’ best practices, AnChain.AI launched the Web3SOC product at RSA Conference 2023: https://youtu.be/vYQtL130IAk?si=N4gZBG-cOA8j40nN 

The Solution

Web3SOC aims to solve the essential problem in the Web3 security industry, by significantly improving MTTD (Mean Time To Detect), MTTR (Mean Time To Respond) key metrics, attack surface threat modeling, and security maturity for all Web3 digital asset businesses.

It focuses on improving the security maturity of Web3 applications:

• Threat Modeling: Model for your DApp’s Attack surface, including smart contracts, private key management, Cloud infra, and all.
• Incident Response Planning: Let’s assume hackers are hacking you right now. What would you do to detect, respond, and remediate? 
• Attack simulation and Metrics focused: Start with measuring MTTD: Mean Time to Detect. The Web3SOC fire drill will measure an organization’s key metrics starting with MTTD.
• Monitoring and Alerting: Web3SOC provides real-time monitoring and alerting on potential threats.
• Automatic Response with AI: We leveraged various machine learning and AI algorithms to automate the SOC workflow. “Auto Trace AI” comes in handy for hackers attribution; the machine learning risk scoring engine has scored Billions of Web3 / Blockchain addresses and enabled as real-time API;  GPT and LLM will scan smart contracts including vulnerabilities;
• 3rd party integration: Web3SOC connects to mainstream SIEM platforms and other security applications. 

Web3SOC framework is built on a proven foundation – the 5-step NIST Cybersecurity Framewor

1. Identify: Understand Web3 digital assets, systems, data, and resources that need protection, and develop a comprehensive understanding of the organization’s cybersecurity risk landscape. For example, smart contract auditing fits into this stage.
2. Protect: Implement safeguards to ensure critical infrastructure services, prevent or minimize damage from cyber threats, and establish security policies and procedures.
3. Detect: Employ monitoring and detection systems to identify cybersecurity events promptly, enabling early detection and effective response. 
4. Respond: Develop and implement an incident response plan to address detected cybersecurity events, minimize damage, and ensure a faster return to normal operations.
5. Recover: Restore systems and services affected by a cybersecurity incident by developing a recovery plan, prioritizing critical functions, and incorporating lessons learned to improve overall resilience. 

We have reached a critical juncture in the field of Web3 security. The vulnerabilities exposed in smart contract auditing indicate the need for a paradigm shift in our approach. With Web3SOC, we offer a comprehensive solution to safeguard Web3 applications and digital assets. We must prepare for the possibility of a hack happening, rather than reacting to it.

With Soroban introducing smart contracts to the Stellar network, new attack surfaces arise. By integrating Soroban into Web3SOC we aim at helping companies and developers identify these vulnerabilities, monitor, and respond to them.

Francesco Piccoli

Senior Director of Products

By running the product efforts at Anchain.AI, Francesco works to deliver cutting-edge technology solutions to the blockchain industry, financial institutions, and governments around the world. 

https://www.linkedin.com/in/francesco-piccoli/

Derek Liu

Senior Data scientist

Derek is AnChain’s lead data scientist, spearheading our efforts in risk scoring, NFT wash trading, smart contract vulnerability detection, and auto-trace. He joins the team with years of experience in data science for anti-fraud from Goldman Sachs, PwC, and fintech startups.

https://www.linkedin.com/in/dliu88/

Philip Werlau

Engineering Manager

Philip is the Engineering Manager at AnChain.AI where he leads development of the Web3SOC. Leveraging his decade of experience working as a developer and manager of a SOC, Philip now focuses on Web3 security.

https://www.linkedin.com/in/philipwerlau/

Adi Patel

Frontend Engineer

Full stack developer with experience making dynamic and production ready web applications in the healthcare and web3 space. Majority of Adi’s expertise is in frontend engineering, where he works with a Next.js, React.js, Typescript, SASS, and GraphQL tech stack.

https://www.linkedin.com/in/adi-patel1/

Ryan Suematsu

Full-stack engineer

Ryan is a developer experienced in web3 applications. He specializes in system design and the integration of new technologies. Proficient with Next.js, React.js, Typescript, and GraphQL, Ryan also has deep knowledge in smart contract languages, including Solidity, Cadence, and Rust.

https://www.linkedin.com/in/ryan-y-suematsu/

David Kwon

Full-stack engineer

https://www.linkedin.com/in/davidkwonh/

Matthew Eckelberg

Cloud Manager

Matthew Eckelberg is the Manager of IT, CloudOps, and DevOps at AnChain.AI. He is passionate about IT operations, cloud administration, and security. Matthew’s experience includes Deloitte, The Federal Reserve Bank of Boston, DoD Contracting Industry, and the US Marine Corps.

https://www.linkedin.com/in/matthew-eckelberg/

Lina Self

UI/UX designer

Lina joined Anchain.AI as a UX UI Designer, bringing with her over 8 years of professional user-centered design approach and creative knowledge from London, UK. Originally from Lithuania, she has an MA in Media & Communication (Malmo, Sweden) and BA in Visual Communication (Loughborough, UK) with previous experience working ranging from London Fashion Week to magazines and global retailers.

https://www.linkedin.com/in/lina-self/