PolySwarm’s Bounty Life Cycle

Wild West-Style “Wanted” Posters for Rapid & Accurate Triage

PolySwarm
4 min read · Dec 13, 2017

PolySwarm is the world’s first decentralized threat intelligence market. PolySwarm is made possible by blockchain-based smart contracts that enable new forms of market design. Read more about why we’re building PolySwarm, or take a deep dive into the full details in our white paper. PolySwarm is fortunate to be advised by world-renowned information security experts.

Figure A: Pretend it says Nectar (NCT) not cash. We didn’t budget for stock photo edits.

Here we provide an overview of PolySwarm’s market participants and their interactions in PolySwarm’s Bounty life cycle. PolySwarm will also provide a Raiden-style Offer Channel option for low latency, high-throughput sidechain exchanges among familiar participants — a topic for a future article.

Be sure to check out our recently launched How It Works page!

PolySwarm’s Participants

Enterprises

Enterprises (or End Users) are people or organizations with suspect artifacts (files, network traffic, URLs) that the PolySwarm ecosystem can help triage.

Enterprises produce suspect artifacts and consume distilled threat intelligence from the market. Most Enterprises will choose to interact with the market via Ambassadors.

Ambassadors

Ambassadors make PolySwarm interaction frictionless. These companies handle artifact submission and verdict determination on behalf of Enterprises in exchange for subscription fees.

Ambassadors are most akin to today’s Antivirus and threat intelligence companies. In fact, we expect many such companies to act as Ambassadors, transparently enhancing their current offerings via PolySwarm integration.

Security Experts

Security Experts are geographically diverse Information Security Experts skilled in reverse engineering suspect artifacts. They are rewarded solely on their malintent detection accuracy.

Experts consume artifacts presented via Bounty (and Offer) contracts. They produce malintent assertions that represent their investigative conclusion: is this suspect artifact malicious or benign?

Arbiters

Arbiters are top-echelon Ambassadors in terms of the amount of Nectar (NCT) tokens successfully rewarded via Bounty contracts. The current list of Arbiters is maintained in a trustless, distributed manner by smart contract in a sliding window fashion.

Arbiters participate in a process we call mediated consensus (the topic of a future post). This process ensures honest determination of ground truth, which is fed into Bounty contracts, triggering the release of rewards.

Triaged in 60 Seconds

Figure A: Overview of PolySwarm’s market participants and their interactions.
  1. Enterprises (End Users) present suspect artifacts: files, network traffic and URLs to the PolySwarm market via Bounty smart contracts. This process will likely be outsourced to an Ambassador. Ambassadors return verdicts to their clients based on weighted / distilled assertions presented by Security Experts.
  2. On an ongoing, sliding-window basis, a smart contract ranks recent top Ambassadors in terms of Nectar token rewards made possible by their Bounty contracts. This smart contract promotes top-echelon Ambassadors to Arbiter status.
  3. Security Experts automate the analysis of Bounty artifacts and decide whether they’re sufficiently confident in their understanding of the artifact to publicly commit (render an assertion) regarding the artifact’s malicious or benign nature. When an Expert renders an assertion, they place an assertion and a bid into the corresponding Bounty contract.
  4. Later, Arbiters reach consensus regarding the ground truth of the artifact — whether the artifact is malicious or benign. This ground truth is fed into the same Bounty contract.
  5. PolySwarm’s Bounty contract rewards Experts who rendered an accurate assertion with Nectar tokens taken from incorrect asserters’ bids.
  6. Repeat!
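
The settlement in steps 3 to 5, as an added sketch that is not PolySwarm's contract code. The article does not specify the payout formula or the consensus rule, so the following are assumptions: Arbiters decide by strict majority, forfeited bids are split pro rata by bid size, bids are refunded when there is no consensus or no correct asserter, and the expert names, bids and votes are constructed.

```python
from collections import Counter
from dataclasses import dataclass

MALICIOUS, BENIGN = "malicious", "benign"

@dataclass(frozen=True)
class Assertion:
    expert: str
    verdict: str  # MALICIOUS or BENIGN
    bid: int      # NCT staked with the assertion, in whole token units

def ground_truth(arbiter_votes):
    """Assumed rule: strict majority of Arbiter votes, else None."""
    if not arbiter_votes:
        return None
    verdict, count = Counter(arbiter_votes).most_common(1)[0]
    return verdict if 2 * count > len(arbiter_votes) else None

def settle(assertions, truth):
    """Return {expert: payout}; payouts always sum to the total staked."""
    if any(a.bid <= 0 or a.verdict not in (MALICIOUS, BENIGN) for a in assertions):
        raise ValueError("bid must be positive and verdict binary")
    if len({a.expert for a in assertions}) != len(assertions):
        raise ValueError("one assertion per expert per bounty")
    winners = [a for a in assertions if a.verdict == truth]
    if not winners:  # assumed: no consensus or nobody correct -> refund bids
        return {a.expert: a.bid for a in assertions}
    forfeited = sum(a.bid for a in assertions if a.verdict != truth)
    staked = sum(a.bid for a in winners)
    payouts = {a.expert: 0 for a in assertions}
    for a in winners:  # assumed: losers' bids are split pro rata by bid size
        payouts[a.expert] = a.bid + forfeited * a.bid // staked
    # Integer division can leave dust; credit it to the largest correct bid.
    dust = forfeited + staked - sum(payouts.values())
    payouts[max(winners, key=lambda a: a.bid).expert] += dust
    return payouts

# Constructed sample bounty: expert names, bids and votes are illustrative.
SAMPLE = [Assertion("expert-a", MALICIOUS, 60),
          Assertion("expert-b", MALICIOUS, 30),
          Assertion("expert-c", BENIGN, 50)]
VOTES = [MALICIOUS, MALICIOUS, BENIGN]

if __name__ == "__main__":
    print(settle(SAMPLE, ground_truth(VOTES)))
```
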
Figure B: If this doesn’t get you excited, I don’t know what will. Join the (Poly)Swarm and help us find evil. Pew pew!

Again, be sure to check out our recently launched How It Works page!

Connect with PolySwarm

That’s all for now; please stay in touch! Join the conversation on Telegram, connect with us on Twitter, send us an email or sign up for notifications concerning PolySwarm’s upcoming Nectar (NCT) token sale and open source release of PolySwarm’s contract code.

~Paul Makowski, PolySwarm CTO

The world’s first decentralized threat intelligence market. Learn more @ https://polyswarm.io