What Is Halborn Security?
After the most recent THORChain exploit, Halborn security published an extensive analysis and recommendations for network safety, and possible steps the chain should take to prevent such attacks in the future. Here is a short recap of those recommendations:
- The Router contract should have pause/un-pause functionality on unintended behaviors.
- Implement a mechanism that can temporarily stop the critical functionalities.
- A white-listing mechanism should be implemented on every Bifrost component.
- Enable Automatic Solvency Checker on ETH transactions.
- Only Router emitted events should parse from the component - minimizing its attack surface.
- When smart contracts are deployed into the Ethereum blockchain, they are immutable and not upgradable. In the white-listing progress, Router should be placed behind the proxy.
- Implement a new policy for tracking new bugs.
So what is Halborn Security?
Halborn is advertised as an elite cybersecurity service for blockchain companies.
They work with many well-known names in the industry including SushiSwap, Polygon, Avalanche, Bancor, and others.
Halborn offers the services of ethical hackers and blockchain specialists. These services include:
- Advanced Penetration Testing
- Security Advisor as a service
- DevSecOps and Automation
- Smart Contract Audits
- Custom Software Solutions
During 2020 and 2021, Halborn covered many DeFi exploits on their blog, explaining how they were done and how they can be prevented.
On top of that, the company offers blockchain and smart contract security courses for anyone interested in these subjects.
Reputation and Credibility
The company was founded in 2019, and according to the information on their LinkedIn page, employ 14 people from across the world, but are headquartered in New York City, USA.
Their portfolio includes some very prominent names in the industry, and the team has taken three 1st places in the following hackathons: Net Wars, EOS SF Hackathon and Wyoming Blockchain Hackathon.
More information can be found on their website.