
Cantina Case Study: Kwenta OpSec Review

Cantina Bouncer

Mar 29, 2024


Overview

This article is a case study of how Kwenta partnered with Cantina, a transparent, efficient, and industry-leading security marketplace for protocols incubated by Spearbit, to obtain a comprehensive Operational Security (OpSec) review from Graypoint Security, a guild (an onboarded and vetted partner) offering services through Cantina.

https://images.mirror-media.xyz/publication-images/aZKTS8PCHEGXzHyr0BNAx.png?height=900&width=1600

Key Stakeholders

Below are the key stakeholders involved in the engagement.

Kwenta is a decentralized derivatives trading platform that offers perpetual futures trading on Optimism. It allows traders to gain exposure to a variety of on-chain and real-world assets. Kwenta is non-custodial, meaning users have full control over their assets. The platform provides advanced functionality through the Kwenta Smart Margin Wallet and aims to facilitate an efficient, flexible, and cost-effective trading experience.

Cantina is an efficient security marketplace incubated by Spearbit that provides protocols with access to leading security service providers, high-signal crowdsourced security reviews called competitions, and dynamic price transparency across Web3 security’s top talent pool.

Graypoint Security is an industry-leading Web2 security services firm specializing in OpSec and delivering simple and actionable security solutions that are meticulously tailored to the unique needs of their clients.

Context and Value Alignment

Cantina has partnered with Graypoint Security, an industry-leading security firm specializing in Web2 security and OpSec (Operational Security) to provide best-in-class Web2 security services for Web3 clients such as Kwenta.

  • Why? The largest unaddressed attack surface is not smart contract architecture. Nearly half of all exploited value over the past 2 years was a direct result of exploitation of traditional Web2 systems and accounts. These hacks can have devastating financial repercussions, such as Ronin from private key exposure (Q1 2022, $625M), as well as reputational damage, such as the Twitter account takeover of Vitalik Buterin (Q3, $700K). It is more paramount now than ever for Web3 protocols to secure their Web2 security posture and implement OpSec best practices. That’s why Cantina and Graypoint Security, an industry-leading security firm specializing in Web2 security and OpSec (Operational Security), partnered together to provide best-in-class Web2 security services for Web3 clients.

Kwenta, as a forward-facing and security-conscious protocol, is pushing to cover its Web2 architecture and is aligning itself with the best practices we’ve outlined below to maximize its security posture.

https://images.mirror-media.xyz/publication-images/BGj2WTiEJTPp_5ozLzhb4.png?height=579&width=595

The Approach

Below we’ve highlighted the approach to security taken during the engagement to tailor the Web2 security review to Kwenta's unique needs:

Kwenta, after having focused on more macro security items, wanted to take a specialized approach and begin tackling any inefficiencies or holes in its current OpSec processes and architecture.

https://images.mirror-media.xyz/publication-images/he1_ony73HmN5gDCuk7Gl.png?height=527&width=1281

The Assessment

Kwenta underwent a comprehensive operational security (OpSec) review of its Web2 architecture, conducted by Graypoint Security. The feedback from this review showcases Kwenta's strong approach to decentralized organization, communication, and security, and its commitment to transparency and open-source principles. Below is a structured analysis of the feedback:

Organizational Efficiency and Team Dynamics

Graypoint's interactions offered a glimpse into Kwenta's organizational efficiency. The structured and organized nature of Kwenta's codebase and the quick collaboration and responsive nature of the team observed underscore Kwenta's effectiveness as a decentralized entity. This level of organization is commendable and suggests a well-coordinated team capable of managing complex architectures.

Excellence in Communication

Kwenta's documentation stands out for its clarity and comprehensiveness, covering the validation of its infrastructure across both decentralized and centralized front ends. This excellence in communication not only facilitated the security review but also underscored Kwenta's commitment to transparency. By ensuring that stakeholders can easily understand and verify the workings of their platform, Kwenta sets a high standard for documentation in the decentralized space.

Security Posture and Awareness

The review highlighted Kwenta's acute awareness of its security landscape, particularly in identifying and documenting centralization points within its architecture. By adopting best practices, Kwenta ensures that users can verify the app's legitimacy, reflecting a proactive security posture. This level of diligence in security matters is critical in building trust and maintaining the integrity of decentralized platforms.

Commitment to Open Source and Decentralization

Kwenta's open-source ethos and dedication to decentralization are pivotal to their security strategy. The review process was notably smooth, attributed to Kwenta's transparent and accessible documentation. This open approach not only makes security vetting possible for any interested party but also aligns with the broader values of the decentralized community. Kwenta's commitment here reinforces its leadership role in promoting security, transparency, and user empowerment in the decentralized ecosystem.

In summary, the OpSec review by Graypoint Security highlights Kwenta's exemplary practices in organizational efficiency, communication, security awareness, and their staunch commitment to the principles of open source and decentralization. These attributes not only enhance Kwenta's security posture but also position the platform as a leader in the decentralized space, setting benchmarks for others to follow.

Kwenta’s Experience with Cantina

Working with Cantina and Dan from Graypoint has been an eye-opening experience for Kwenta. It has not only validated many of the principles Kwenta stands for but also raised the bar for security standards at Kwenta.

In DeFi typically we focus on web3 security vulnerabilities leaving traditional Web 2.0 weak points prevalent in our systems. DeFi's exploit surface area is not always smart contracts, especially when most protocols additionally consist of infrastructure related to front-end and day-to-day operations.

Because Kwenta has adopted a decentralized mindset from the beginning, true to its DAO roots, not one person is allowed to carry too much weight in the DAO. In other words, there are no "bus factors". Deployment keys are not all carried by one person and are rotated each deployment. Infrastructure credentials are split up amongst DAO members. There are multiple frontend deployments and a way to run Kwenta yourself. Even email is under BYOE (bring your own email).

Fortunately, this is also a strong mindset for OpSec security because it removes a single point of failure from the DAO which could halt day-to-day operations. In the event that a single Core Contributor (CC) is compromised, the DAO is able to easily recover from the incident and continue operations given the compartmentalized nature of the DAO. This resiliency is why Kwenta still stands strong today.

However, working with a qualified group like Graypoint has highlighted potential weak points even in this highly resilient structure.

Relying on communications through a single centralized point like Discord can lead to issues in communication if Discord is compromised. Imagine a situation where an attacker takes control of Discord to put out malicious messages as an admin. Or worse, imagine Discord being offline during a coordinated attack against all Kwenta infrastructure. As a result, Kwenta has expanded and secured multiple channels of communication, using alternatives like X for announcements and implementing strong 2FA and cold accounts for administrative users, not to mention backup communications through Telegram and Signal for Kwenta CCs.

Another potentially critical, yet subtle vulnerability that exists in many projects and protocols is a supply chain attack. As codebases mature and become larger and larger, complexity rises and it becomes easier to sneak in malicious code that could exploit not only end users but also the developers of a protocol. The avenues of exploitation range from malicious NPM package updates (to the original open-sourced projects themselves) to malicious code pushes.

Kwenta is even more vulnerable being an open-sourced project that allows anyone to contribute. Imagine a Kwenta CC locally installing some packages on a PR submitted by an anonymous contributor to test out new features or bug fixes. Fortunately, package changes are typically minor and heavily scrutinized before being accepted into the codebase. Kwenta also now implements robust automatic screening of third-party code through CI and on local dev machines.

Graypoint Security has surfaced different angles of attack for Kwenta DAO not typically covered by web3 smart contract audits. It's equally important to make sure the DAO is secure alongside its smart contracts, especially in a space where every protocol is one large honeypot. We look forward to the increased security of DeFi, web3, and crypto brought by Cantina and Graypoint Security.
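As an added illustration of the kind of automatic screening of third-party code mentioned above (example code written for this article, not Kwenta's or Graypoint's tooling), the following Python check diffs a pull request's package-lock.json against the baseline lockfile and reports what a reviewer should look at before running `npm install` locally. The lockfiles, package names, URLs and integrity values below are constructed.

```python
"""CI screening of npm lockfile changes (constructed example, not Kwenta's tooling).

Compares the "packages" map of a lockfile v2/v3 against a baseline and flags:
new or removed packages, version changes, tarballs resolved outside the
allowed registry, entries with no integrity hash, and install-time scripts.
"""
import json

ALLOWED_REGISTRY = "https://registry.npmjs.org/"


def load_packages(lock_text):
    """Return {path: metadata} for every dependency entry, skipping the root ("")."""
    data = json.loads(lock_text)
    return {p: m for p, m in data.get("packages", {}).items() if p != ""}


def lockfile_findings(baseline_text, candidate_text):
    """Return a sorted-by-path list of human-readable findings for a PR lockfile."""
    base = load_packages(baseline_text)
    cand = load_packages(candidate_text)
    findings = []
    for path, meta in sorted(cand.items()):
        version = meta.get("version")
        if path not in base:
            findings.append(f"NEW {path}@{version}")
        elif base[path].get("version") != version:
            findings.append(f"CHANGED {path} {base[path].get('version')} -> {version}")
        resolved = meta.get("resolved", "")
        if resolved and not resolved.startswith(ALLOWED_REGISTRY):
            findings.append(f"OFF-REGISTRY {path}: {resolved}")
        if "integrity" not in meta:  # npm cannot verify the tarball contents
            findings.append(f"NO-INTEGRITY {path}")
        if meta.get("hasInstallScript"):  # preinstall/postinstall runs on the dev machine
            findings.append(f"INSTALL-SCRIPT {path}")
    for path in sorted(set(base) - set(cand)):
        findings.append(f"REMOVED {path}")
    return findings


# Constructed sample lockfiles: baseline from main, candidate from a PR.
REGISTRY_TGZ = ALLOWED_REGISTRY + "left-pad/-/left-pad-{v}.tgz"
SAMPLE_BASELINE = json.dumps({"packages": {
    "": {"name": "app"},
    "node_modules/left-pad": {"version": "1.3.0", "resolved": REGISTRY_TGZ.format(v="1.3.0"),
                              "integrity": "sha512-CONSTRUCTED"}}})
SAMPLE_CANDIDATE = json.dumps({"packages": {
    "": {"name": "app"},
    "node_modules/left-pad": {"version": "1.3.1", "resolved": REGISTRY_TGZ.format(v="1.3.1"),
                              "integrity": "sha512-CONSTRUCTED"},
    "node_modules/evil-helper": {"version": "0.0.1", "hasInstallScript": True,
                                 "resolved": "https://example.invalid/evil-helper-0.0.1.tgz"}}})

if __name__ == "__main__":
    for line in lockfile_findings(SAMPLE_BASELINE, SAMPLE_CANDIDATE):
        print(line)
```

A CI job would run this against the main-branch lockfile and fail the PR on any finding, so that a CC never has to run an unreviewed install script locally to evaluate a contribution.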

Looking for a Security Review?

Come see what the best security talent across Web3 has to offer by visiting us at Cantina. At Cantina we offer comprehensive security services for protocols across their Web2 and Web3 attack surfaces to provide truly expansive coverage. Curious about Cantina for your protocol? Let’s chat 🪐 To stay up to date, follow us @Cantina.xyz
