Release: PolySwarm Alpha (v0.1)

GUIs, cURLs, and Truffles, oh my! Get all the details of our first major release from the PolySwarm dev team.

Right on time, we’re proud to announce the release of PolySwarm Alpha! A lot of hard work went into this release and we’ve made significant progress—but we’re only just getting started.

Here are the major features of this release:

  • Bounty submission/response and artifact download
    This forms the bases for experts that want to build micro-engines and allows enterprises and ambassadors to submit potential malware for network scanning.
  • Exemplar micro-engine featuring ClamAV
    A great demonstrator for how easy it is to hook existing tools and new micro-engines into PolySwarm. We took a respected open source anti-virus suite and connected it up.
  • A good-looking bounty management GUI
    Who says security engineers aren’t into a decent UX? Post and manage bounties in purple style. See below.

Looking ahead, we’re building a robust marketplace in time to make a splash at the two big summer security conferences in Las Vegas (BlackHat USA and DEFCON). More information on what we’re planning coming soon :)

TLDR: For those itching to test drive PolySwarm Alpha, grab pre-built binaries of bounty-management bundled with polyswarmd here.

The Goods

Alpha is targeted at security experts who aren’t afraid to get their hands dirty (is there any other type?).

We’re building many APIs and reference implementations in as multiple languages to make it easy for new developers & security experts to build micro-engines for PolySwarm.

bounty-management

Source & binaries: https://github.com/polyswarm/bounty-management/releases/tag/v0.1-alpha

A nice GUI to try things out.

We’re all about making it as easy as possible for newcomers to try out the PolySwarm network, so we built bounty-management to visually demonstrate the PolySwarm’s bounty process, each step is listed below:

Step 1: Unlock your wallet.

Step 2: Create a bounty.

Step 3: See what the PolySwarm network has to say!

Like I said, we’re aiming for simplicity.

polyswarmd

source & binaries: https://github.com/polyswarm/polyswarmd/releases/tag/v0.1-alpha

polyswarmd is the Swiss Army knife daemon for interacting with PolySwarm network.

polyswarmd provides programmatic access to the PolySwarm network and deals with the details so you don’t have to. bounty-management makes use of polyswarmd, as will many micro-engines, including our exemplar clamav-microengine.

Specifically, polyswarmd offers a convenient REST API for:

  • placing bounties: asking the network whether a file (an Artifact) is malicious
  • rendering assertions: telling the network whether you — or your micro-engine — thinks a particular Artifact is malicious
  • retrieving Artifacts hosted on IPFS
  • delivering verdicts: Arbiters use this to input ground truth
  • more

polyswarm-contracts

Source: https://github.com/polyswarm/polyswarm-contracts/releases/tag/v0.1-alpha

The PolySwarm smart contracts :)

We’ll deploy these contracts onto the Ethereum mainnet upon each major release (Alpha, Beta, Gamma, …) You can find the Alpha contracts here. The pre-built bounty-management + polyswarmd bundle (linked above) uses this mainnet contract.

clamav-microengine

Source: https://github.com/polyswarm/clamav-microengine/releases/tag/v0.1-alpha

ClamAV is a well known open source anti-virus engine and we’ve been using it to help get PolySwarm up and running. ClamAV serves as the only arbiter in PolySwarm Alpha. Put another way, if security experts’ assertions agree with ClamAV, they’re considered correct.

Take a look at the source code for an idea of what coding a micro-engine will look like.

What are we working on now?

We have two key algorithms within PolySwarm:

  • Arbiter selection — automatically selecting trusted parties to determine which security experts answered a bounty correctly.
  • Ground truth determination — when arbiters weigh in, is majority vote enough? Should each vote be weighted by reputation?

Today we have simple implementations of these algorithms to make the marketplace operational. In preparation for Beta, we’re working on developing each algorithm into forms that warrant longer explanations of how they make PolySwarm a thick and safe marketplace. Stay tuned!

Until Next Time

We’re looking forward to what the future holds for PolySwarm. Alpha is our first major step toward building tomorrow’s threat intelligence marketplace.

Get in touch with us on Twitter, Telegram and GitHub and stay tuned for announcements concerning an invite-only PolySwarm development channel in the coming months.

~Paul Makowski, CTO @ Swarm Technologies, Inc