We are excited to announce our participation in Hexens’ Seed Round, led by IOSG Ventures with support from Delta Blockchain Fund, Tenzor Capital, Hash Capital, imToken, and strategic angels.
Smart Contracts and Blockchain Technology Need Safeguards
The headlines do not sugarcoat how devastating the failures of smart contracts can be. DeFi in particular has seen several billions of dollars wiped out from novel smart contracts due to exploitable code. While smart contracts are crucial to financial transparency, the attack vectors also increase when code is made fully public to the community.
The tradeoffs between closed source and open source are designed to be disrupted with an open financial ecosystem, however, security is not prioritized enough. Security focus must be deepened throughout pre-launch processes of smart contracts to scale the industry to billions of users and trillions of institutional capital where the risk of attack is mitigated.
Unfortunately, the security auditing practice is difficult for teams in the following ways:
-
Tier-1 auditing firms have long lead times, requiring LOI months in advance of a scheduled date: Code can be outdated by the time the audit begins. New code that has been developed in the months leading up to the audit will be taken through the scheduling process once again, creating a feedback loop where auditors dictate the pace of product shipping.
-
Tier-1 auditing firms are extremely expensive: Teams who are self-funded simply cannot afford a security audit. Teams who are in the process of raising funds cannot pay auditors until the fundraising is complete.
Surprisingly the bear market also plays a role in the security auditing practice. Lead times have dropped and the demand for audits has decreased, but it’s crucial to focus on the security needs of teams and develop tooling to create efficient work streams.
Hexens Overview
Hexens, founded in 2021 by Sipan Vardanyan and Vahe Karapetyan, specializes in security services across blockchain security, security advisory, full-scale pen-testing, and cyber investigations.
The Hexens team placed second in Paradigm’s recent Capture The Flag, an online competition for smart contract hackers. Before going all in on Web3 security, the team has been recognized as world-class cybersecurity experts for over 10 years in the technology industry. Hexens now has a team of 22 employees with expert auditors and developers creating tools to increase the safety of this industry.
In addition to auditing, Hexens has a focus on investigations and has already returned over $13M in assets to hack victims by identifying and de-anonymizing individuals who have taken advantage of smart contract exploits.
Hexens is currently auditing Polygon’s zkEVM and more information on their relationship can be found here.
“Polygon zkEVM is being audited by two security firms, Spearbit and Hexens. An advantage of two auditing teams working independently is that the results each produces is made more robust in aggregate—Hexens’s feedback will be checked against Spearbit’s and vice versa.”
In addition to auditing previous projects for Polygon and now zkEVM, Hexens is also trusted by 1inch, API3, Azuro, and several other blockchain-based projects.
Hexens is also fortunate to have Mudit Gupta, CISO of Polygon, as well as Tyler Robinson, a reputable cybersecurity expert who has a history of successful research and vulnerability findings.
Meet Hexens
Learn more about Hexens by visiting their website here.
Follow Hexens on Twitter.