Subscribe to Chapter One
Chapter OneAnnouncing our $50 million fund to elevate product & design across Web3
The modern Internet is now well beyond escape velocity. We’ll need to continuously adapt to it, and it to us. We’re betting on Web3 as the next evolution of the internet.Foundational technologies like the computer and the Internet have fundamentally shaped the way we live, work, interact, transact, and communicate. The list goes on. Technological innovations bring about disruption, with second and third-order effects that are hard to predict. Tools like Discord and Telegram allow us to coordi...
Chapter OneCrypto Market Fit: Redefining Product Market fit in web3
By Jeff Morris Jr. Since the beginning of the consumer internet, investors and builders have regarded Product Market Fit (PMF) as the north star for any startup. A startup isn’t actually a company until they find PMF. Instead, they are a founding team who are hypothesis testing and proving a set of assumptions to be true. Before finding PMF, founders are lab scientists preparing, testing, and evaluating new reagents and controls. After finding PMF, these scientists masked in Warby Parkers gra...
Chapter OneChapter One Invests In Metal
Large Language Models (LLMs) will reshape every business, industry, and consumer experience, but only if the models, tools, and infrastructure are easy to use and available to everyone. The advantages of artificial intelligence need to be equitably spread to the use cases, problem sets, visions, and new ideas as varied and diverse as we all are. For this to be realized, we have to reframe how information and data are processed and retrieved; a mission Metal – a platform for creating AI-powere...
<100 subscribers
Chapter OneAnnouncing our $50 million fund to elevate product & design across Web3
The modern Internet is now well beyond escape velocity. We’ll need to continuously adapt to it, and it to us. We’re betting on Web3 as the next evolution of the internet.Foundational technologies like the computer and the Internet have fundamentally shaped the way we live, work, interact, transact, and communicate. The list goes on. Technological innovations bring about disruption, with second and third-order effects that are hard to predict. Tools like Discord and Telegram allow us to coordi...
Chapter OneCrypto Market Fit: Redefining Product Market fit in web3
By Jeff Morris Jr. Since the beginning of the consumer internet, investors and builders have regarded Product Market Fit (PMF) as the north star for any startup. A startup isn’t actually a company until they find PMF. Instead, they are a founding team who are hypothesis testing and proving a set of assumptions to be true. Before finding PMF, founders are lab scientists preparing, testing, and evaluating new reagents and controls. After finding PMF, these scientists masked in Warby Parkers gra...
Chapter OneChapter One Invests In Metal
Large Language Models (LLMs) will reshape every business, industry, and consumer experience, but only if the models, tools, and infrastructure are easy to use and available to everyone. The advantages of artificial intelligence need to be equitably spread to the use cases, problem sets, visions, and new ideas as varied and diverse as we all are. For this to be realized, we have to reframe how information and data are processed and retrieved; a mission Metal – a platform for creating AI-powere...
Share Dialog
Share Dialog
We are excited to announce our participation in Hexens’ Seed Round, led by IOSG Ventures with support from Delta Blockchain Fund, Tenzor Capital, Hash Capital, imToken, and strategic angels.
The headlines do not sugarcoat how devastating the failures of smart contracts can be. DeFi in particular has seen several billions of dollars wiped out from novel smart contracts due to exploitable code. While smart contracts are crucial to financial transparency, the attack vectors also increase when code is made fully public to the community.
The tradeoffs between closed source and open source are designed to be disrupted with an open financial ecosystem, however, security is not prioritized enough. Security focus must be deepened throughout pre-launch processes of smart contracts to scale the industry to billions of users and trillions of institutional capital where the risk of attack is mitigated.
Unfortunately, the security auditing practice is difficult for teams in the following ways:
Tier-1 auditing firms have long lead times, requiring LOI months in advance of a scheduled date: Code can be outdated by the time the audit begins. New code that has been developed in the months leading up to the audit will be taken through the scheduling process once again, creating a feedback loop where auditors dictate the pace of product shipping.
Tier-1 auditing firms are extremely expensive: Teams who are self-funded simply cannot afford a security audit. Teams who are in the process of raising funds cannot pay auditors until the fundraising is complete.
Surprisingly the bear market also plays a role in the security auditing practice. Lead times have dropped and the demand for audits has decreased, but it’s crucial to focus on the security needs of teams and develop tooling to create efficient work streams.
Hexens, founded in 2021 by Sipan Vardanyan and Vahe Karapetyan, specializes in security services across blockchain security, security advisory, full-scale pen-testing, and cyber investigations.
The Hexens team placed second in Paradigm’s recent Capture The Flag, an online competition for smart contract hackers. Before going all in on Web3 security, the team has been recognized as world-class cybersecurity experts for over 10 years in the technology industry. Hexens now has a team of 22 employees with expert auditors and developers creating tools to increase the safety of this industry.
In addition to auditing, Hexens has a focus on investigations and has already returned over $13M in assets to hack victims by identifying and de-anonymizing individuals who have taken advantage of smart contract exploits.
Hexens is currently auditing Polygon’s zkEVM and more information on their relationship can be found here.
“Polygon zkEVM is being audited by two security firms, Spearbit and Hexens. An advantage of two auditing teams working independently is that the results each produces is made more robust in aggregate—Hexens’s feedback will be checked against Spearbit’s and vice versa.”
In addition to auditing previous projects for Polygon and now zkEVM, Hexens is also trusted by 1inch, API3, Azuro, and several other blockchain-based projects.
Hexens is also fortunate to have Mudit Gupta, CISO of Polygon, as well as Tyler Robinson, a reputable cybersecurity expert who has a history of successful research and vulnerability findings.
Learn more about Hexens by visiting their website here.
Follow Hexens on Twitter.
We are excited to announce our participation in Hexens’ Seed Round, led by IOSG Ventures with support from Delta Blockchain Fund, Tenzor Capital, Hash Capital, imToken, and strategic angels.
The headlines do not sugarcoat how devastating the failures of smart contracts can be. DeFi in particular has seen several billions of dollars wiped out from novel smart contracts due to exploitable code. While smart contracts are crucial to financial transparency, the attack vectors also increase when code is made fully public to the community.
The tradeoffs between closed source and open source are designed to be disrupted with an open financial ecosystem, however, security is not prioritized enough. Security focus must be deepened throughout pre-launch processes of smart contracts to scale the industry to billions of users and trillions of institutional capital where the risk of attack is mitigated.
Unfortunately, the security auditing practice is difficult for teams in the following ways:
Tier-1 auditing firms have long lead times, requiring LOI months in advance of a scheduled date: Code can be outdated by the time the audit begins. New code that has been developed in the months leading up to the audit will be taken through the scheduling process once again, creating a feedback loop where auditors dictate the pace of product shipping.
Tier-1 auditing firms are extremely expensive: Teams who are self-funded simply cannot afford a security audit. Teams who are in the process of raising funds cannot pay auditors until the fundraising is complete.
Surprisingly the bear market also plays a role in the security auditing practice. Lead times have dropped and the demand for audits has decreased, but it’s crucial to focus on the security needs of teams and develop tooling to create efficient work streams.
Hexens, founded in 2021 by Sipan Vardanyan and Vahe Karapetyan, specializes in security services across blockchain security, security advisory, full-scale pen-testing, and cyber investigations.
The Hexens team placed second in Paradigm’s recent Capture The Flag, an online competition for smart contract hackers. Before going all in on Web3 security, the team has been recognized as world-class cybersecurity experts for over 10 years in the technology industry. Hexens now has a team of 22 employees with expert auditors and developers creating tools to increase the safety of this industry.
In addition to auditing, Hexens has a focus on investigations and has already returned over $13M in assets to hack victims by identifying and de-anonymizing individuals who have taken advantage of smart contract exploits.
Hexens is currently auditing Polygon’s zkEVM and more information on their relationship can be found here.
“Polygon zkEVM is being audited by two security firms, Spearbit and Hexens. An advantage of two auditing teams working independently is that the results each produces is made more robust in aggregate—Hexens’s feedback will be checked against Spearbit’s and vice versa.”
In addition to auditing previous projects for Polygon and now zkEVM, Hexens is also trusted by 1inch, API3, Azuro, and several other blockchain-based projects.
Hexens is also fortunate to have Mudit Gupta, CISO of Polygon, as well as Tyler Robinson, a reputable cybersecurity expert who has a history of successful research and vulnerability findings.
Learn more about Hexens by visiting their website here.
Follow Hexens on Twitter.
No comments yet