Release: PolySwarm Alpha (v0.1)
GUIs, cURLs, and Truffles, oh my! Get all the details of our first major release from the PolySwarm dev team.
Right on time, we’re proud to announce the release of PolySwarm Alpha! A lot of hard work went into this release and we’ve made significant progress—but we’re only just getting started.
Here are the major features of this release:
- Bounty submission/response and artifact download
This forms the bases for experts that want to build micro-engines and allows enterprises and ambassadors to submit potential malware for network scanning. - Exemplar micro-engine featuring ClamAV
A great demonstrator for how easy it is to hook existing tools and new micro-engines into PolySwarm. We took a respected open source anti-virus suite and connected it up. - A good-looking bounty management GUI
Who says security engineers aren’t into a decent UX? Post and manage bounties in purple style. See below.
Looking ahead, we’re building a robust marketplace in time to make a splash at the two big summer security conferences in Las Vegas (BlackHat USA and DEFCON). More information on what we’re planning coming soon :)
TLDR: For those itching to test drive PolySwarm Alpha, grab pre-built binaries of bounty-management
bundled with polyswarmd
here.
The Goods
Alpha is targeted at security experts who aren’t afraid to get their hands dirty (is there any other type?).
We’re building many APIs and reference implementations in as multiple languages to make it easy for new developers & security experts to build micro-engines for PolySwarm.
bounty-management
Source & binaries: https://github.com/polyswarm/bounty-management/releases/tag/v0.1-alpha
We’re all about making it as easy as possible for newcomers to try out the PolySwarm network, so we built bounty-management
to visually demonstrate the PolySwarm’s bounty process, each step is listed below:
Step 1: Unlock your wallet.
Step 2: Create a bounty.
Step 3: See what the PolySwarm network has to say!
Like I said, we’re aiming for simplicity.
polyswarmd
source & binaries: https://github.com/polyswarm/polyswarmd/releases/tag/v0.1-alpha
polyswarmd
is the Swiss Army knife daemon for interacting with PolySwarm network.
polyswarmd
provides programmatic access to the PolySwarm network and deals with the details so you don’t have to. bounty-management
makes use of polyswarmd
, as will many micro-engines, including our exemplar clamav-microengine
.
Specifically, polyswarmd
offers a convenient REST API for:
- placing bounties: asking the network whether a file (an Artifact) is malicious
- rendering assertions: telling the network whether you — or your micro-engine — thinks a particular Artifact is malicious
- retrieving Artifacts hosted on IPFS
- delivering verdicts: Arbiters use this to input ground truth
- more
polyswarm-contracts
Source: https://github.com/polyswarm/polyswarm-contracts/releases/tag/v0.1-alpha
The PolySwarm smart contracts :)
We’ll deploy these contracts onto the Ethereum mainnet upon each major release (Alpha, Beta, Gamma, …) You can find the Alpha contracts here. The pre-built bounty-management
+ polyswarmd
bundle (linked above) uses this mainnet contract.
clamav-microengine
Source: https://github.com/polyswarm/clamav-microengine/releases/tag/v0.1-alpha
ClamAV is a well known open source anti-virus engine and we’ve been using it to help get PolySwarm up and running. ClamAV serves as the only arbiter in PolySwarm Alpha. Put another way, if security experts’ assertions agree with ClamAV, they’re considered correct.
Take a look at the source code for an idea of what coding a micro-engine will look like.
What are we working on now?
We have two key algorithms within PolySwarm:
- Arbiter selection — automatically selecting trusted parties to determine which security experts answered a bounty correctly.
- Ground truth determination — when arbiters weigh in, is majority vote enough? Should each vote be weighted by reputation?
Today we have simple implementations of these algorithms to make the marketplace operational. In preparation for Beta, we’re working on developing each algorithm into forms that warrant longer explanations of how they make PolySwarm a thick and safe marketplace. Stay tuned!
Until Next Time
We’re looking forward to what the future holds for PolySwarm. Alpha is our first major step toward building tomorrow’s threat intelligence marketplace.
Get in touch with us on Twitter, Telegram and GitHub and stay tuned for announcements concerning an invite-only PolySwarm development channel in the coming months.
~Paul Makowski, CTO @ Swarm Technologies, Inc