SingularityDAO dApp Security Assessment and Mitigation Strategies by SoftServe
SingularityDAO (SDAO), a decentralized finance (DeFi) protocol, is an initiative of the SingularityNET Foundation to simplify access to the cryptocurrency economy. It is deployed both on-chain and within the AWS Cloud. The protocol is designed to offer actively managed, non-custodial on-chain cryptocurrency trading strategies, supported by risk management and analytics tools.
The client’s business plan called for SingularityDAO to grow by adding further data sources for analyzing its digital assets. The goal was an architectural design that would support SingularityDAO’s rapid growth within a secure environment.
SoftServe’s goal was to stress test the existing AWS Cloud architecture, introduce new security measures where needed, and recommend cloud security best practices for the related development processes. The main objective was to identify areas of risk and weakness and to give the foundation high-level recommendations for improving its security posture.
With that assessment in hand, SingularityDAO could focus its attention and resources on the protocol’s rollout and future deliverables.
SDAO wanted to grow its business with new analytics streams that would add technical instruments and indicators for on-chain and off-chain data (from centralized and decentralized exchanges, CEX and DEX). SDAO also needed capabilities that would give platform users a safe and easy way to manage their investment portfolios.
SoftServe’s main challenge was to design a cloud-agnostic data analytics platform and to walk the SingularityDAO team through the key architectural decisions being made. The new analytics platform also had to support new product services, which were key to SingularityDAO’s DynaSet plans.
To address concerns raised by members of the SingularityDAO team, SoftServe hosted a series of architecture sessions to gain the client team’s buy-in and explain the technical decisions behind the technologies and approaches chosen. SoftServe team members also provided analysis and commentary on all technical questions.
The solution for SDAO’s needs was a robust, secure, and scalable analytics back-end engine that could process high volumes of trading and social data, letting investors draw hidden insights for their portfolios and portfolio management from AI-driven recommendations.
The platform processes historical and real-time data and meets SDAO’s performance, availability, and scalability requirements.
Project planning and assessment
SoftServe’s team of security experts held a kick-off meeting with SingularityDAO representatives to understand the client’s environment and the resources in scope. A series of tests was then performed against the AWS configuration, based on these standards:
- CIS Amazon Web Services Foundations Benchmark v1.4.0
- AWS Well-Architected Framework: Security Pillar
- Cloud Security Alliance Cloud Controls Matrix (CSA CCM)
AWS Services used in the assessment
- AWS API Gateway
- AWS Certificate Manager
- AWS CloudFormation
- AWS CloudFront
- AWS CloudWatch
- AWS CloudTrail
- AWS Config
- AWS DynamoDB
- AWS EC2
- AWS ECR
- AWS EKS
- AWS ELB
- AWS GuardDuty
- AWS IAM
- AWS Inspector
- AWS KMS
- AWS Lambda
- AWS Macie
- AWS RDS
- AWS S3
- AWS Security Hub
- AWS VPC
Third-party applications or solutions used in the assessment
Open-source tools were used alongside the AWS-native services: ScoutSuite (multi-cloud configuration auditing), Prowler (automated checks against the CIS AWS benchmark and other standards), and Cloudsplaining (IAM policy analysis for excessive permissions).
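As an added example (not part of SoftServe’s report or SingularityDAO’s code), the block below shows what a handful of the configuration checks encoded by the benchmark and by tools such as Prowler and ScoutSuite look like when written out. It evaluates a constructed account snapshot, shaped like the relevant boto3 responses, against a few CIS AWS Foundations controls: root access keys and MFA, IAM password length, a multi-region CloudTrail with log file validation, S3 Block Public Access, policies granting `*:*`, and administration ports open to the world. The snapshot, the identifiers in it, and the control numbering (given as v1.4.0 numbers from memory; verify against the benchmark text) are assumptions for illustration, and no AWS API is called.

```python
"""Added example: CIS-style AWS configuration checks over a constructed account snapshot
shaped like boto3 responses (get_account_summary, get_account_password_policy, describe_trails,
get_public_access_block, get_policy_version, describe_security_groups). No AWS calls are made."""
from __future__ import annotations
from dataclasses import dataclass

ADMIN_PORTS = {22, 3389}  # remote-administration ports named by CIS control 5.2

@dataclass(frozen=True)
class Finding:
    control: str  # CIS AWS Foundations Benchmark v1.4.0 control id (numbering assumed here)
    title: str
    passed: bool
    detail: str = ""

def _as_list(value) -> list:
    # IAM policy JSON allows a scalar or a list for Statement, Action and Resource
    return [] if value is None else (value if isinstance(value, list) else [value])

def check_root(summary: dict) -> list[Finding]:
    # get_account_summary()["SummaryMap"] reports root state as 0/1 counters
    return [Finding("1.4", "No root access keys", summary.get("AccountAccessKeysPresent", 1) == 0),
            Finding("1.5", "Root MFA enabled", summary.get("AccountMFAEnabled", 0) == 1)]

def check_password_policy(policy: dict | None) -> Finding:
    # get_account_password_policy raises NoSuchEntity when nothing is set; modelled here as None
    length = 0 if policy is None else int(policy.get("MinimumPasswordLength", 0))
    return Finding("1.8", "Password length >= 14", length >= 14, f"min length {length}")

def check_cloudtrail(trails: list[dict]) -> list[Finding]:
    multi = [t for t in trails if t.get("IsMultiRegionTrail")]
    validated = [t for t in multi if t.get("LogFileValidationEnabled")]
    return [Finding("3.1", "Multi-region CloudTrail", bool(multi), f"{len(multi)} multi-region trail(s)"),
            Finding("3.2", "Log file validation on", bool(validated))]

def check_s3_public_access_block(conf: dict) -> Finding:
    keys = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")
    missing = [k for k in keys if not conf.get(k)]
    return Finding("2.1.5", "S3 Block Public Access", not missing, f"off: {missing}")

def check_admin_policies(policies: dict[str, dict]) -> Finding:
    # CIS 1.16: no policy may Allow Action * on Resource *; Cloudsplaining reports the same class
    offenders = [name for name, doc in policies.items()
                 for st in _as_list(doc.get("Statement"))
                 if st.get("Effect") == "Allow"
                 and "*" in _as_list(st.get("Action")) and "*" in _as_list(st.get("Resource"))]
    return Finding("1.16", "No *:* admin policies", not offenders, f"offenders: {offenders}")

def check_security_groups(groups: list[dict]) -> Finding:
    # CIS 5.2: no ingress from 0.0.0.0/0 or ::/0 to port 22 or 3389
    offenders = []
    for sg in groups:
        for perm in sg.get("IpPermissions", []):
            world = (any(r.get("CidrIp") == "0.0.0.0/0" for r in perm.get("IpRanges", []))
                     or any(r.get("CidrIpv6") == "::/0" for r in perm.get("Ipv6Ranges", [])))
            # IpProtocol "-1" means all traffic; otherwise FromPort..ToPort is the open range
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            if world and (perm.get("IpProtocol") == "-1" or any(lo <= p <= hi for p in ADMIN_PORTS)):
                offenders.append(sg["GroupId"])
                break
    return Finding("5.2", "No world-open admin ports", not offenders, f"offenders: {offenders}")

def run_checks(snapshot: dict) -> list[Finding]:
    return (check_root(snapshot["account_summary"])
            + [check_password_policy(snapshot.get("password_policy"))]
            + check_cloudtrail(snapshot["trails"])
            + [check_s3_public_access_block(snapshot["s3_public_access_block"]),
               check_admin_policies(snapshot["customer_policies"]),
               check_security_groups(snapshot["security_groups"])])

def failed_controls(findings: list[Finding]) -> list[str]:
    return sorted(f.control for f in findings if not f.passed)

# Constructed sample snapshot (not real account data) with a few deliberate misconfigurations.
SAMPLE_SNAPSHOT = {
    "account_summary": {"AccountMFAEnabled": 0, "AccountAccessKeysPresent": 0},
    "password_policy": {"MinimumPasswordLength": 8},
    "trails": [{"Name": "org-trail", "IsMultiRegionTrail": True, "LogFileValidationEnabled": False}],
    "s3_public_access_block": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                               "BlockPublicPolicy": True, "RestrictPublicBuckets": True},
    "customer_policies": {
        "ReadOnlyAnalytics": {"Statement": [{"Effect": "Allow", "Action": ["s3:GetObject"], "Resource": "*"}]},
        "LegacyAdmin": {"Statement": {"Effect": "Allow", "Action": "*", "Resource": "*"}}},
    "security_groups": [
        {"GroupId": "sg-0abc", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                                                   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
        {"GroupId": "sg-0def", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                                                   "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}],
}

if __name__ == "__main__":
    for f in run_checks(SAMPLE_SNAPSHOT):
        print(f"{'PASS' if f.passed else 'FAIL'} {f.control:6} {f.title}  {f.detail}")
```

Running the file prints one PASS/FAIL line per control; on the sample snapshot the root MFA, password length, log file validation, admin policy and security group checks fail while the others pass. To run it against a live account, replace SAMPLE_SNAPSHOT with the output of the corresponding boto3 calls, catching NoSuchEntity from get_account_password_policy and passing None so that an absent policy is reported as a failure rather than crashing the run. Prowler and ScoutSuite follow the same structure at full scale: a collector for the API data, one function per control, and a report of pass/fail findings.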
At the end of the six-week engagement, SoftServe delivered a pilot implementation plan for the analytics platform, including training and learning sessions for the SingularityDAO team on how to further enhance and scale the new platform.
SoftServe conducted a thorough security assessment of the existing architectural design and delivered a detailed report of security improvements that address the identified weaknesses without constraining the protocol’s roadmap.
A security roadmap with architecture-level recommendations to improve SingularityDAO’s security posture was also presented, aligned with the client’s business goals. Following this step-by-step plan, the client can reach its short- and long-term goals.
Said Marcello Mari, SingularityDAO’s CEO, "SoftServe always delivers the best-in-class value for enterprise software development. The technical collaboration is always of the highest quality."
Following this successful cloud security assessment, SDAO was able to:
- Grow through secure data processing and analytics, enabled by the new architectural design and back-end engine implementation.
- Improve platform trust by auditing the hosting environment and applying cloud security best practices.
- Modernize SDAO’s existing analytical solution to support new services and data insights.
- Reduce portfolio management risk through additional technical indicators that feed AI-driven recommendations, letting traders rebalance portfolios more precisely.