Building Security Intelligence Platform For Blockchain

Bluzelle Telegram Live ft. Sentinel Protocol

This week we are honoured to welcome the Co-Founder and Head of Operations, Hae Min Park from Sentinel Protocol, with which Bluzelle announced a partnerships recently.

Hae Min Park, Co-Founder & Head of Operations from Sentinel

Q: Hello, any brief introduction on the partnership between Bluzelle and Sentinel Protocol. How will Sentinel Protocol help boost what Bluzelle currently has to offer?

A: Sentinel protocol is building security intelligence platform for blockchain. We have a threat reputation database over blockchain, so that the wallets/exchanges/individual users can refer it to preemptively prevent hackings/scams/all other ill behaviors happening in this cryptoverse.

Q: How does Sentinel Protocol detect these threats?

A: We do have our threat research team in-house, but we are recruiting The Sentinels, e.g. our active users/participants/experts, to take an in-depth look at any breach report coming into our system.

Q: What makes you an edge above the others ICOs or companies?

A: 1. What we are pushing forward is crucial to elevate the entire value of this blockchain technology.

2. We are the only one focusing on this missing link in blockchain ecosystem.

3. With our team + partners (Bluzelle + other) together, we can make it happen in a sooner time frame, addressing huge problem in the space.

Q: Hi HM, for starters maybe you could help explain what sort of data Sentinel protocol intends to store in Bluzelle?

A: To update our TRDB (Threat reputation database) we have a governance logic, and the consensus is being made by the validated cybersecurity experts. Experts need a lot of proof data (files, sandboxing result, logs, screenshots) which could contain personally sensitive information. We are building this portion, a pre-TRDB, together with Bluzelle

Q: What is the advantage of storing the TRDB on Bluzelle vs. a traditional database with an API?

A: We’ve seen many of world leading cyber security firms got breached, and then their centralized database became hackers’ playground. As we are building this crucial defense system for cryptoverse citizens, we do care much about database security as well. Bluzelle’s decentralized database could resolve many concerns about cybersecurity.

Q: I have a question about why Bluzelle selected Sentinel Protocol for security and not any other such platform. What is it about Sentinel Protocol, which is better than any other player in this field, which was the distinguishing factor for Bluzelle to select Sentinel Protocol?

A: It is not about Bluzelle selected Sentinel Protocol as a sole vendor for providing any cybersecurity matter that Bluzelle might have in future. We are working together to make the practical and effective use cases of decentralized DB, and the secure/faster/high available threat intelligence platform together.

Q: Can I ask if there will be some webpage for regular users to report malicious activity? Or maybe 24 hours support system?

A: Yes, we are opening our Sentinel Portal to the public soon. In the meantime, you could refer the MVP demo video in youtube.

This is critical, and YES. Sentinel protocol team (Uppsala Foundation) itself needs sleep and eat as well, but we are doing it by harnessing the collective intelligence and by the group of incentivized experts.

Q: What are your target markets/geographies initially? Is this partnership with Bluzelle anyway helping in your strategy for global growth?

A: Our target market is South / North Asia first. That is why we have already built the formal collaboration partnership with no.1 wallets in Japan/Korea/China. Bluzelle has a strong footprint in North American, so yes. The collaboration with Bluzelle would help us.

Q: Will there be some newsletter to let us know of the cyber incidents?

A: Not exactly in the newsletter form, but yes. Any significant or urgent incident will be shared through our Sentinel Portal.

Q: How does sentinel let exchanges know the threats? Allow exchanges to pull information from the data stored in Bluzelle database?

A: Data stored in Bluzelle is a pre-TRDB data, a refined data will be stored in our blockchain, and this data is a referencing point whenever the transaction happen.

Q: Are you working with any governments/legislators? I think it will be useful to make crypto safer and increase adoption.

A: I cannot exactly name it, but yes. Some government authorities showed great interest in our project. Since cryptocurrency sorted as some asset then stolen is the criminal case, they need to investigate it.

Q: Why store it in two different areas? Would this create some vulnerability and extra effort required to secure two areas instead of one? Especially since Bluzelle is already decentralized and secure.

A: Our TRDB will have its model (with DPOS) which is crafted to our own fit. Later in our roadmap, we will gather all sort of training data for ML-based anomaly detection, and sandbox. This part needs higher transaction speed, higher availability, also personal information leakage proof DB system like Bluzelle.

Q: So your DB will have its ecosystem which is built on top of Bluzelle?

A: Our TRDB will be built on top on ICON. Our pre-DB will be working with Bluzelle to make safer/fail proof/anti-leakage system.

Q: Why does Sentinel need a token? Product requirement, infrastructure requirement or adoption requirement?

A: Our token is a mean for direct compensation to the Sentinels, which are a group of experts or TRDB block producer. There is also a usage fee (paid in Sentinel Token) for our advanced cybersecurity functions.

Q: How would you see this partnership working out in 2 years time? Like what stage of development, usage, etc

A: As I understand, Bluzelle’s working product will be released in later this year. 2 years in cryptoverse is a long period. We, sentinel protocol, want to expedite on releasing our advanced features as well so the people in this space have a good night’s sleep. I would expect Oracle partnering with Symantec kind of shape in that time frame?

Q: You seem to be running your pre-db on top of the Bluzelle protocol. Does that mean you are required to stake Bluzelle?

A: Your understanding is correct.

Q: Do you see KYC providers as a natural integration as well? To Sentinel Protocol.

A: We would expect that is happening too.

Q: Can Ialso ask if you guys will have your own smart contract audit team also do stuff like finding vulnerabilities such as the recent batch transfer uint overflow one?

A: We have the capability, but that is not our focusing area for now.

Q: So you guys will focus on finding threats before resolving them I assume?

A: Sentinel Protocol is the project of building a worldwide integrated intelligence platform. Ultimately, it will discourage hackers from doing ill behaviors. Hacking occurs based on cost-benefit analysis. If hackers can only get a negligible amount of benefit compared to what it takes for them to succeed, they would lose interest significantly, and fewer hacking attempts will occur. What Sentinel Protocol does, is to make hacking itself an unattractive thing to do.

Within Sentinel Protocol platform, stolen cryptocurrency will be automatically tracked in real time, and such information gets shared rapidly around the world among whoever is using Sentinel Protocol database. The more Sentinel Protocol is integrated into major crypto wallets, exchanges, and payment services, the faster the value of stolen assets drops. By incapacitating the value of stolen money, Sentinel Protocol becomes the ultimate countermeasure to crypto cyber crimes.

Q: What would be the competitive advantage of Sentinel Protocol against Symantec? They would have the money to set bounties if they want talents as well.

A: Symantec is such big name in the cybersecurity field. However, unfortunately, they have nothing to do with addressing these harmful behaviors in crypto space.

Q: And I can imagine somehow that Bittrex, Binance, and other exchanges will want to implement some anti-crime countermeasures. They won’t mind paying Symantec big money.

A: but again, Symantec has nothing to do with INNOCENT users sending their valuable asset to hackers/phishing/scam/etc.

Q: How would Sentinel Protocol work? If you freeze a fund. How would legal work out? If the legal proceedings deemed that this freeze is illegal, would the sentinels have to pay for damages? What kind of protection will be given to the sentinels?

A: We are more like CNN figure, we do not directly force to freeze others’ asset. We broadcast, we inform, we alert. But, the actions could done by our business users which is exchanges/wallets/payments/individuals.

Q: What I understand is, once a security incident has occurred, then sentinel protocol starts broadcasting it, but is there anything that you can do to prevent it from occurring? Or once it has occurred, the users of the protocol may get some amount back in some way?

A: In our (very soon to be released) roadmap:

Phase 1: We rely on the data by users’ report, but we will implement to preemptively collect malicious internet access, files, other channels of hacking/scams/phishing/etc, so we can provide a better protection for users.

In that stage, a tight collaboration with Bluzelle is a must.

Users can take more proactive security measures by using the advanced security features we provide. This is how our token economy works, us charging UPP token for more advanced modules.