Cryptoland’s security that lets you have a good night’s sleep

The first of its kind security intelligence platform that is built for and runs on the blockchain.

You are not to blame even if the company’s mission statement, vision and values do not influence how you actually do your work everyday. It may not even resonate with you that much. After all, every company has one, and they all sound just about right.

It is, however, a very different case for the Uppsala team. The foundation’s vision of making the crypto world a better place without the need to worry about hacks, scams, or frauds conducted against valuable digital assets was deeply embraced for every team member from the beginning.

The founder of Uppsala Foundation, Patrick Kim, lost all his 7,218 ethers that he had mined due to the vulnerability in Ethereum Mist wallet back in 2016. When Patrick used the Mist wallet to send a transaction, the wallet unlocked his account for 2 seconds and the hacker’s transaction succeeded in moving Patrick’s ethers to the hacker’s account. As a security specialist himself, Patrick made a thorough investigation and while doing so, he discovered another critical vulnerability issue in the wallet. He reported his findings to the Ethereum foundation as well as online communities. He even demonstrated on a YouTube video how the attack was made possible. The Mist development team applied two urgent patches afterwards. This incident has provoked people to request a stronger security system and overall raised the security bar.

Mist is the official GUI dapp browser wallet developed by the ethereum foundation

No one could have embodied this principle better than Patrick: Blockchain can’t guarantee the security issues of client side.

Great autonomy imposes the onus of security on individuals.

Police catches the bad guy in the real world, but who’s taking that role in the crypto world?

In the real physical world, valuable assets are stored in the bank. If a bad guy somehow gets into the bank, it is reported to the police, and the police is responsible to catch the bad guy.

In the crypto world, as much as it thrives on the decentralized computer nodes, there is no protector entity. You are on your own. You have to take your own security measures before anything happens. Even if you do, you can still be attacked. Blockchain is secure by design, but the connected applications are not. Not to mention the attacks against web applications such as coinbase (website) and Steemit (blogging platform), we’ve seen huge losses in crypto exchanges such as Mt. Gox, Bitfinex and Youbit. We’ve also learned attacks against node is possible in Krypton and Shift’s cases.

No one is liable for your loss after hacking. You can literally see the wallet address where your assets are taken to, but there is nothing could be done to take it back. Sooner or later, the hacker will split the stolen assets through tumbling and mixing, and convert them to fiat money. During this process, there’s no regulating body that validates the ownership of the assets or blocks off the conversion as the last resort.

Even a security specialist like Patrick became the victim so why should you believe that you are safe and secure? Perhaps that’s why so many people can’t sleep at night. Oh right, crypto never sleeps.

What about the rest of the team? We’ve been in the IT security industry for so long that we understand the critical flaw in the existing security market.

Security vendors are not motivated to share knowledge and form an information-sharing trust group.

This lack of shared knowledge among security vendors is fatal. Cyber security attacks have evolved over time and become much more difficult to detect and block. The attacks can occur very quickly with little or zero prior notice. So, whether it’s a machine learning algorithm to do behavior analysis and practice proactive protection or just a huge data that piled up all kinds of previous attack information to analyze attack patterns and trends, whatever it takes to prevent attacks should be done altogether.

Nonetheless, each IT security vendor compiles threat information on its own and invests so much resources in building fancy technology by themselves as if it is the winner takes it all game. They know that the greater the collected risk information, the higher the chance of preventing cyber crimes. However, there’s no practical incentive for vendors to collaborate and create one comprehensive database. Anton Chuvakin, research VP at Gartner once said that, “It is truly maddening to see examples of bad guys sharing data, tricks, methods and good guys having no effective way of doing it.” It is the ordinary people who pays this huge inefficiency.

Together, we protect

Every single Uppsala team member deeply understands the good will alone doesn’t scale. It’s why we are designing a platform that leverages mutual self-interest and provides rewards through participation.

We are building a decentralized cyber security ecosystem on blockchain technology.

Blockchain as a security enabler.

The website will be open up on February 12, 2018.*

Harnessing through the power of decentralization, Sentinel Protocol combines cryptographic functions and intelligence-based threat analysis algorithms to create a secure, innovative ecosystem. Security experts and vendors will be encouraged to contribute to building the threat database under the consensus mechanism and feedback from participants, or Delegated Proof of Stake (DPOS). Through collective intelligence, the platform can most efficiently and effectively collect hacker’s wallet address, malicious URI, phishing address, malware hashes, just to name a few. This platform will be integrated into crypto exchanges, payments and wallets. It will also provide a few other security features for the individual crypto users.

Sentinel Protocol opens up opportunities for individuals with the right skills to take part in this new platform for decentralized security on the blockchain.

Don’t miss out our updates: