Security Management Policy update and Hypernative integration

Summary

This post officializes the collaboration with Hypernative, a Web3 real-time security and risk prevention company, and announces improvements in the security management policy.

Background

In June, Idle DAO approved the M3-2023 budget, including expenses related to Hypernative integration. Used by teams such as Polygon, Karpatkey, Olympus and Starkware, the platform tracks on-chain vault activity and creates customized alerts to react and prevent attacks. The service protects usersโ€™ funds by identifying ongoing malicious activity even before their execution, enabling developers to mitigate the impact promptly.

The advanced security detection started in early July, with Hypernative mapping risks associated with Idle products and activating monitor capabilities to alert Idle contributors about potential threats.
The collaboration with Hypernative will last for 1 year, and its extension will be evaluated in the future.

Specifications

There is a new multi-signature wallet with pauser/guardian rights: 0xBaeCba470C229984b75BC860EFe8e97AE082Bb9f. Itโ€™s a 2 of 5 wallet, with 2 signatures required to execute a transaction and 5 signers. Signers are Idle Leagues contributors.

It is active on Senior and Junior Best Yield vaults and Yield Tranches.
On Senior and Junior Best Yields, this pauser joins existing pausers (Idle Labs multisig on Senior Best Yield, Treasury League multisig and Development League multisig on Junior Best Yield).
On Yield Tranches, this pauser replaces the current address (Treasury League multisig).

The following table summarizes the situation before and after the upgrade.

Product Current Guardians Upgraded Guardians
Senior BY Idle Labs multisig Idle Labs multisig, new pauser
Junior BY TL multisig, DL multisig TL multisig, DL multisig, new pauser
Yield Tranches TL multisig New pauser

Next steps

At the time of this publication, these changes are already in place.

2 Likes

Here is the announcement from Hypernative as well