Submitting for TalHarris of Chainalysis
Chainalysis’ Crypto Incident Response (CIR), the leading crypto readiness and response solution, is an important security measure to have in place to protect Radiant in the event of a hack or exploit. By procuring CIR, Radiant will have access to continuous threat monitoring coupled with Chainalysis’ world-class team of sophisticated investigators and cybersecurity experts on standby 24/7/365. In the event of a hack or exploit, our global team is ready to respond immediately, which limits the scope of damages and increases the likelihood of recovering exploited funds. With Chainalysis’ Incident Response, bad actors are deterred from your protocol and are ultimately less likely to attempt an exploit.
In 2022, $3.8 Billion in crypto was stolen, primarily from DeFi protocols with a high percentage exploited by North Korea-linked attackers. As a result, it has become a top priority to have enhanced security measures in place that go above and beyond smart contract audits and bug bounties. In the last few months, other leading projects like Abracadabra, Morpho Labs, and Aura Finance have eagerly adopted Chainalysis’ Incident Response solution to keep their projects and communities safe.
CIR aligns with the core component of Radiant’s mission to keep your community safe. Having funds swept away by an unknown threat actor, never to be seen again, will cause irreversible damage to your community, your users, and your brand. CIR helps protect against these risks and empowers your users to interact with your protocol with confidence. Safety and security are also at the core of Chainalysis’ mission of “Building Trust in Blockchains”. To this end, we have continued to expand our Incident Response offering and include additional security measures such as Operational Security audit and guidelines, Emergency Response planning, and real-time smart contract monitoring. CIR helps ensure that Radiant has a robust security framework to defend against the evolving threat landscape and the most sophisticated threat actors.
What constitutes an Incident that triggers our Response Program?
Anytime there is an unauthorized withdrawal of cryptocurrency or a cryptocurrency ransom demand. This includes assets of the DAO as well as community members who could be impacted through their use of Radiant’s protocol.
CIR delivers numerous benefits to the Radiant community, including:
Hack Deterrence: The best outcome is Radiant never getting hacked. CIR helps deter hackers by letting them know a leading global crypto investigative team is on your side.
Partnering with the Best: CIR enables Radiant to tap into Chainalysis’ expertise for complex blockchain analysis and investigations. To date, Chainalysis has aided in the recovery of over $11 Billion in stolen funds through our own investigations and others we’ve supported.
Reaction Time: In the event a hack occurs, having Chainalysis in place decreases the time to respond and increases the likelihood of asset freezing and recovery by the customer or law enforcement.
Technical Skills: Our proprietary tools and years of experience tracing funds through various types of complex platforms is a crucial part of CIR. This applies to both identified and unidentified mixers as well as existing and new bridging protocols between blockchains.
Continuous Threat Monitoring: Our partnership with Hypernative.io enables us to monitor your protocol for advanced threat detection.
Network: Chainalysis has a huge customer base and, with it, a sizable network of both professional and personal connections to almost all significant exchanges and services in the crypto space. Additionally, our strong relationship with Law Enforcement Agencies around the world makes us efficient in engaging the relevant parties when needed.
Ultimately, CIR ensures a comprehensive security approach that goes beyond Radiant Capital’s current security vendors, such as PhishFort, Immunefi, Open Zeppelin, and others. If the community has questions about how CIR works with or complements your existing tools and frameworks, we’d be happy to address them.
Implementing Chainalysis Incident Response requires no technical integration and minimal time investment. Our comms prep, war room exercises, and OpSec review can be conducted with your security team. Similarly, generating a partnership announcement for deterrence purposes can be done in partnership with our respective marketing teams.
Setting up preventive monitoring with our partners at Hypernative.io does not require a technical lift.
The CIR offering runs for 12 months and can be renewed annually. Radiant can choose the Service Start date that is most appropriate.
Note: the Service Start Date does not need to be the same as the contract signing date. Services and onboarding will begin on the Service Start Date.
The annual investment is $30,000. It can be paid with a stablecoin, RDNT, or USD.
SLAs: Chainalysis will provide the Crypto Incident Response service set forth herein upon its receipt of written notice from the Licensee of a breach of the Licensee’s systems or network that directly involves:
(i) the unauthorized withdrawal of cryptocurrency from the Licensee or
(ii) a cryptocurrency ransom demand from Licensee (each, an “Incident”).
Crypto Incident Response will be limited to no more than one hundred (100) hours, in the aggregate, during the twelve (12) month period following the Order start date (the “Incident Period”). The Crypto Incident Response service will only be available to the Licensee for bonafide Incident(s) that occur during the Incident Period. For the avoidance of doubt, Chainalysis will have no obligations in connection with any Incident(s) that arise outside of the Incident Period. If additional hours are required following the 100-hour cap, Licensee shall be responsible for paying Chainalysis’s then-current rates for such services on a time and materials basis.