- How we got here
- The First Highly Automated Economic Security System for Crypto Protocols
We're proud to announce our $20m seed funding round to automate on-chain risk optimization!
We're lucky to partner with crypto trailblazers like Galaxy, Uniswap, Coinbase, Hashkey, Opensea, and fintech giants like PayPal Ventures, Lightspeed, and Bessemer, among many more. In addition to the funds investing, world-class entrepreneurs like Balaji Srinivasan, Naval Ravikant, and Itay Malinger have joined the Chaos journey.
In our first year, Chaos Labs has partnered with some of the top DeFi protocols, including Aave, Chainlink, Uniswap, BENQI, and Osmosis, to secure and optimize the protocols against manipulation and black swan market events while also offering capital optimization recommendations.
How we got here
Before we speak about the future, I want to set the stage by recapping our journey thus far. I have been in crypto since 2012, when I was paid as a contractor in a nascent currency, Bitcoin, and have followed the space closely with the birth of Ethereum. I was entirely captured by the promise of smart-contract-powered, distributed applications.
When applications like Uniswap, Aave, Compound, and Chainlink came to life, the writing on the wall was clear - finance was the killer blockchain use case. The power of open-source and transparent financial protocols was irresistible. In early 2021, I left my engineering role at Instagram to focus full-time on building in DeFi. With DeFi summer's innovation and wave of attractive yields, I saw an opportunity to actively provide liquidity through automated smart contracts. However, with optionality comes risk, and DeFi has much of that.
I spent my days researching the various new protocols and financial primitives to develop my strategies.
One of the earliest DeFi workshops with Omer and Yonatan Haimowitz in Berlin, before he joined as Senior Data Scientist
While leading protocols had amassed billions of dollars in TVL, the infrastructure was nascent and rudimentary at best. All the tools, platforms, and best practices in Web2 still needed to be built and utilized for Web3. The industry was still highly dependent on smart-contract audits and code peer review. While these were great, I was shocked to discover they were the greatest (and only) line of defense. Smart contract audits are essential but are essentially just an in-depth code review. Projects should be doing this anyways!
Additionally, smart contracts audits solely focus on a protocol's code as written by its author but don't address the execution environment or the context in which the code will be used or consumed. One of the greatest attributes of DeFi is its composability. Projects interface with many protocols to leverage liquidity, yield, and a plethora of functionality. While this concept is compelling, it's equally terrifying from a risk and security perspective. It is no longer enough to ensure your code works as expected. Understanding the inner workings of the protocols, dependencies and assets you interface with is imperative.
Developers must realize - while you gain functionality by leveraging third-party applications, you also inherit all of their security vulnerabilities and flaws. The nature of permissionless, composable software makes this even worse - suddenly, we introduce new use cases for how a protocol can be utilized, which wasn't necessarily what the author had intended.
As I deployed capital on-chain, I knew I needed to test my strategies through robust market environment simulations. Over the summer of 2021, I built on-chain simulations to battle-test my protocol and the “money legos” on which it sat. By the end of the summer, several protocols had approached me to use this new tool. It was at this moment that I realized that all platforms, best practices and tools that were considered absolutely mandatory in Web2 didn’t exist yet for Web3. There was an opportunity to build critical risk and security infrastructure that could greatly benefit developers, allowing them to build safer, battle-tested applications while accelerating DeFi as a whole. With this realization, I fully pivoted to building simulation-based risk tooling for DeFi. My close friend and former Facebook teammate Yonatan Hayun joined me full-time in the fall of 2021. We built near-production on-chain simulations using a mainnet fork in a private cloud to accurately mimic the code deployed and real-world scenarios.
Omer with Yonatan Hayun, our CTO in our first Tel Aviv offices
The inbound demand grew, and we started productizing a simulation platform that could scale to serve an industry.
The First Highly Automated Economic Security System for Crypto Protocols
Protecting crypto protocols against economic system exploits and insufficient risk parameters has never been more critical, and new security paradigms are required. According to The Block, total funds lost in 2022 to DeFi exploits reached $2.05 billion, a 48% increase from 2021, as malicious actors and nation-states use increasingly creative methods to exploit on-chain protocol vulnerabilities. Chaos Labs was founded to solve this, securing protocols against economic vulnerabilities and market manipulation events. The company is the first automated risk management platform for crypto, operating best-in-class security practices, including robust agent- and scenario-based simulations. Working with Chaos Labs, teams can optimize capital efficiency and more quickly adapt to ever-dynamic crypto markets – helping them stay competitive without compromising on the security of their protocol.
As the world moves from the opacities of traditional finance to a more open DeFi system, financial risk management must advance accordingly. At Chaos Labs, we believe that every DeFi protocol must regularly conduct robust risk testing to verify and validate that their economic system is secure against hackers and unanticipated volatility. We're working to solve this by bringing world-class security and risk practices in running simulations of millions of economic scenarios on-chain. We've built a team of expert security and infrastructure engineers.
Chaos Labs’ risk suite can help protect DeFi protocols of all structures from malicious attacks with preventative measures and monitoring tooling.
- Optimize Risk and Capital Efficiency: Chaos Labs arms teams and communities with protocol-specific simulation models to understand the impact of varying parameter settings on protocol capital efficiency and risk. Chaos Labs’ state-of-the-art scenario simulation engine can recreate specific attack strategies to test and discover their applicability and profitability and suggest risk mitigation tactics that should be implemented in response. The underlying methodology and inputs are shared for transparency so that the testing process and output results are clearly understood and communicated.
- Streamlined Risk Assessments: Similar to a smart contract audit, but focused on economic vulnerabilities. Developers experimenting with new economic systems and money flows can work with Chaos Labs to analyze how market shifts (e.g., liquidity, oracles, volatility, etc.) may influence or break their protocols’ economic design.
- Spend Optimization: DEXs compete rigorously to scale liquidity available to users to attract trading volume. Chaos Labs’ simulation engine helps protocol teams strategically set incentive spending to maximize ROI on lower budgets, extending the runway through turbulent markets.
You can see our products in action here:
- Simulation parameter recommendations and optimization
- Risk monitoring
- Liquidity incentive optimization
- Asset listing and new market support
The Chaos team
The Chaos Labs team, October 2022, Tel Aviv
Chaos Labs was built on the foundation of creating a team driven by excellence, pushing boundaries, and innovation. We set out to form an ambitious group of problem-solvers ready to tackle one of today's most complex issues head-on.
Today, it is clear we've succeeded with some of the best engineers and operators in offices in Tel Aviv and New York. Our team comprises top engineers from ex-FAANG companies and ex-Israeli Cyber Intelligence (8200) with years of experience in infrastructure, security, and “chaos” engineering, passionate about bridging the gap between traditional finance and the fast-growing world of digital assets.
Our values are clear and are what we stand by with each engagement and decision we make:
- The best simulation environment is as close to production as possible. The Chaos Labs’ cloud platform will spin up an EVM-compatible forked environment for every simulation. Since all simulations are executed on a fork, all code deployed to Chaos can immediately be transferred on-chain and used for production. An additional benefit is that the fork gives us a snapshot of mainnet out-of-the-box. This allows us to run simulations with minimal assumptions and deviations from mainnet conditions.
- Trust, but verify. We can build a test environment and convince you that it is correct, but that trust only goes so far. Our tooling allows community members and anyone they permit to dig into the test environment and push back against assumptions, simulations, optimization trade-offs, and more. Our tooling enables the community to understand precisely how answers came to be determined. We have built a suite of tools and libraries for rich data visualizations, auto-generated analytics reports, and even an internal block explorer so that users can verify the simulation results of each block and transaction.
- Community engagement. We know that we can build the best tools to help test and optimize DeFi protocols, but we can only scale with lasting change if the relevant contributors are on board and actively engaged. Each protocol differs from the code to community risk tolerance, and we do not want to be the only voice translating that into proposed changes. We are a software company building tools to understand and mitigate DeFi protocols’ risks, ideally powered by the communities who care most about them. Thus, we want to engage the community in each proposal, from simulation creation to testing review to proposed change enforcement.
Where we're going next
The team at Chaos has built some amazing tools, and this money is going to go toward two key things:
- Hiring the best team possible across product, engineering, risk, and business (see openings & apply here!)
- Bring it all together into a holistic risk suite of tooling to enhance every protocol and investment team's view of the market and how to best protect their funds against market-based attacks and optimize their respective capital efficiency equation.
Over the coming years, we expect all money transacting on blockchains to run through risk assessment, simulations and exploit-prevention tooling. Be it through automated allocation adjustments based on market conditions or complex simulations stress testing different market environments. Chaos, in the end, will be a cornerstone piece of infrastructure increasing the GDP of the blockchain economy by putting sophisticated and cutting-edge risk management software in the hands of builders and investors.
We will have a lot more to announce in the coming weeks with new partners and world-class product launches, so stay tuned for more information by following us on Twitter or reaching out to see how you can utilize the Chaos suite of tools today.