There's never enough eyes out there looking for threats against internet users.
Take the recently disclosed Specter and Meltdown processor vulnerabilities, which showed how threats can linger for years undetected. Though as much as such giant engineering failures get attention, each of us is more likely to be hit by smaller threats, such as an email trick or an attachment loaded with malicious links.
But for Swarm Technologies, there is a lack of incentives for security experts to look as widely as they could.
Spinning out of the security firm Narf Industries, which recently completed a blockchain identity management project for the U.S. Department of Homeland Security, Swarm Technologies believes a crypto token could be a way to close gaps in software more quickly. As such, on Sunday night, the company announced that it will be running an initial coin offering (ICO) for the purpose of enlisting security researchers across the globe in creating a safer internet.
Proceeds raised during the $50 million token sale, which starts February 6, will initially go to building out a platform called PolySwarm, the hub where Swarm hopes security researchers will come together to work on what it calls "micro-engines," specialized software built to scan documents, files and websites that might hide vulnerabilities.
It's becoming a common application of blockchains, this use of a limited data set to galvanize distributed communities toward goals. According to Bassi, Augur, the ethereum prediction market, was of particular inspiration, but while Augur harnesses the wisdom of the crowd to predict outcomes, PolySwarm wants only to incentivize experts.
But to understand the company's mission, it's helpful to understand how threat detection works today, where enterprise companies do scans to check for threats when web users do anything from click on a URL to open an email.
To do this more effectively, Swarm is looking to enlist enterprise IT teams and antivirus software companies that spot new files, new software, new documents that need to be scanned, to farm out those scans to a distributed network of researchers. Those researchers will build machines to do specific scans, and each time they do Swarm will reward the machines by sending them the token.
And in Bassi's mind, this use case will flip cryptocurrency's role as it relates to security – from paying the ransom on encryption attacks to one that makes developing solutions for more niche areas of the internet viable.
Bassi told CoinDesk:
"We're basically trying to re-invent threat intelligence."
Threat intelligence with added economics, is another way to put it.
Swarm's token, or "nectar," will have a finite supply, 70 percent of which will be sold during the ICO. The company itself will keep 15 percent of the tokens, and the other 15 percent will be used to grow the network, including strategic allocations to potential security industry partners.
The company is capping the sale at $50 million, with a $5 million pre-sale. Down the road, Swarm envisions new business lines in assurance services, such as verification of security experts, analysis and insurance.
As an ERC-20 token riding on the ethereum blockchain, Bassi said smart contracts are at the core of what will make the offering succeed. The nectar tokens will be used to make all the payments on the platform, but those payments don't just flow from Swarm to the researchers. The system also requires micro-engines to stake an amount of nectar tokens on its assessment of the digital products it's scanning.
"The tokens they have to put into their assertion also indicates their confidence in that assertion," Bassi told CoinDesk.
Every micro-engine (and in turn the researcher who built it) that makes the correct assessment gets a share of the fee paid for the scan, plus a share of any nectar that was staked by micro-engines that assessed the digital product incorrectly.
And according to Bassi, this mechanism of shared rewards incentivizes researchers to find niche areas to scan, where many other researchers might not be looking.
This is particularly novel in that today's anti-virus company structures incentivize chasing threats against the most widely used software, in an effort to attract the largest possible client base.
He told CoinDesk:
"It provides more incentives to cover the minority populations that are getting hit hard with this stuff."
And yet, Swarm isn't out to totally disrupt the incumbents, such as Norton and McAfee, in the space. Instead, Bassi said, those companies could serve as what PolySwarm calls "ambassadors," actually managing the relationship with consumers while PolySwarm enables them to guard against more threat surface.
Yet, for some, adding a blockchain to this industry isn't going to solve the problems.
According to Jessy Irwin, a security consultant and an alum of AgileBits, the developer of one of the leading password managers 1Password: "I don't see a clear or realistic incentive to adding a blockchain to this particular problem."
Irwin continued, arguing that threat intelligence is already distributed and collaborative.
"Malware hunters and researchers are very much widely distributed in many different kinds of organizations," she said. "The people working on these issues are highly collaborative with one another while they are working on specific projects and campaigns."
Yet, while Irwin is skeptical, other well-known security researchers seem to see value in the platform. Swarm's advisers on the project include Dan Guido, CEO of Trail of Bits, a security firm that's a member of the Enterprise Ethereum Alliance, and Mark Tonnesen, whose done executive stints at Cisco and McAfee.
According to Bassi, "A token is critical to that, because up until a few years ago, we didn't have a way to move rewards across borders in sub-cent amounts without involving the global banking infrastructure."
As Guido told CoinDesk, "They're security engineers who found a new way to solve an old problem with blockchain technology. If another tool fit they job, then that's what they would be using."
But Bassi's convinced that smart contracts are the right tool to get more eyes on threats:
"It encourages the use of a utility token for a service that's deeply needed."
Safety deposit boxes via Shutterstock