DeFiSec Exposed

The purpose of this project is to set a security rating for web3 projects in terms of their traditional attack perimeter. It will give transparency for the entire community.

Comment

Inspiration

More than $ 7,185,771,692 has been stolen. Investors should have more information whereas they invest their money.

A team that can not secure properly their attack perimeter is a candidate for being hacked in many traditional ways like steal private keys from hot wallets in servers, impersonate their core members and perform social attacks and many other vector attacks.

What it does

This product get crypto projects from DeFIllama and get security configurations from their perimeter to check them and provide a security score.

How we built it

We built it using next.js and python scripts.

Challenges we ran into

Analyze the main attack vectors of the crypto ecosystem outside of smart contracts and devise ways to empower users and help teams, without giving the bad guys too many clues.

Accomplishments that we're proud of

We have managed to develop an automatic auditing system of dApps mail, certificates and DNS configuration.

What we learned

We learnt about security configuration standards for main services like mail, dns and certificates that are key to every organization.

What's next for Web3 projects traditional security rating

Next phase will be to perform a report so teams can know their pain points and handle ir properly.

Built With

next.js
python

Updates

Luis Alberto Rodrigo Piqueras posted an update — Aug 26, 2022 05:56 PM EDT

We are evolving the hackaton product to complete it as a real public good. Final URL of the product is: https://www.defisec.exposed/

Log in or sign up for Devpost to join the conversation.

Luis Alberto Rodrigo Piqueras started this project — Aug 22, 2022 04:57 PM EDT

Leave feedback in the comments!

Log in or sign up for Devpost to join the conversation.