SBN

Mainnet360: joint economic and security reviews with Prysm Group

On Monday, October 28th at the Crypto Economics Security Conference, Trail of Bits announced a new joint offering with Prysm Group: Mainnet360. Carefully designed to produce a comprehensive assessment of the security and economic elements of blockchain software, Mainnet360 gives teams a broader perspective that will allow them to build safer and more resilient systems.

The short story: Mainnet360 makes sure a system’s actual deployed code is both correct and economically efficient. These systems are secure only through a complex interaction of economics and computer science; implementation errors in either allow value to be stolen or destroyed. This kind of multidimensional problem is exactly the kind of work we specialize in.

How it works

Since the original Bitcoin whitepaper, decentralized systems have built on a notion of economic security. To avoid having a single privileged administrator, the incentives must be aligned for network participants to maintain the system cooperatively. Realizing this vision requires both a sound incentive model and code that faithfully implements it; errors in either the model or the code can lead to total system collapse.

Mainnet360 clients will receive a comprehensive review of both the economic framework that drives their system and the code with which it is implemented. We will work closely with teams to identify and remove risks, architect future work, and find the ideal technical solutions for tricky economic constraints. Building stable decentralized systems requires a broad set of experts cooperating closely, and we’re proud to offer that in a convenient package.

Our offering extends beyond just design review. Trail of Bits specializes in delivering clients new testing and verification tools, too. Now with Prysm Group’s input, we can extend this tooling further to verify economic properties. Our comprehensive understanding of the risks present in the systems we review means that we can deliver more architectural guidance. Lists of bugs are useful, but strategic guidance to eliminate bug classes puts more power in your hands.

The partnership

Mainnet360 has been in the works for months. After being introduced by DARPA at the Applications and Barriers to Consensus Protocols workshop in February where Prysm Group presented their research on “Designing the market for blockchain nodes,” our teams were struck by the similarity in our assessment processes. Despite our wildly different expertise, we found that we deliver similar advice in similar formats to some of the same clients. We also quickly realized that our skillsets were highly complementary.

After shadowing each other on a few trial projects, we found many of the mechanisms that we were assessing required a perspective that took both code correctness and mechanism design into account. From there, we worked together closely to understand each other’s processes, strategies, deliverables, and limitations. We collected feedback from past mutual clients, reviewed each other’s reports, sat in on each other’s calls, and built a collaborative process.

Now, we are excited to unveil what we have built to the public and work with a first batch of companies to prepare the systems they’re building for real-world usage. If you’re building something that could use this kind of review and guidance, get in touch. We’d love to work together with you.


*** This is a Security Bloggers Network syndicated blog from Trail of Bits Blog authored by JP Smith. Read the original post at: https://blog.trailofbits.com/2019/12/09/introducing-mainnet360-a-joint-economic-and-security-assessment-with-prysm-group/