Case Study #13: "How We've Protected $1.2 Billion from Smart Contract Hacks"

Abhishek Singh didn't set out to be a Web3 watchdog. But after 15 years in India's dot-com and media industry, he couldn't ignore the $16 billion elephant in the room: smart contract hacks. Now, his Bengaluru-based startup SecureDApp is on a mission to make blockchain security less of a headache – and a lot more accessible.

Company:
SecureDApp

Founded:
2023

Headquarters:
Bengaluru, India

Key Highlights:

  • Addressing critical Web3 security needs

  • Developed AI-based vulnerability detection tool (Solidity Shield)

  • Created real-time contract monitoring system (SecureWatch)

  • Offering security solutions from pre-deployment to runtime

  • Pivoted based on market research and founder interviews

  • Bootstrapped using customer capital, founder capital, and grants

  • Maintaining lean operations and frugal spending

  • Focusing on consistent communication over hype in marketing

Hello! Tell us who you are and what your backstory is.

I come from a small town called Bokaro, Jharkhand in India. With over 15 years of experience in the dot-com and media industry, I've done my Master's in business management from Bangalore University. I have worked with some of the best startups in India, building and scaling the marketing vertical of leading companies. My passion lies in creating and communicating value for end-users and serving as their voice within the company. Having built and led marketing verticals for some of the biggest startups in India, I've always been intrigued by developments in the Web3 space. This curiosity ultimately led me to venture into the Web3 security space alongside my co-founder Himanshu Gautam.

We spent several weeks working together, evaluating different startup ideas, and brainstorming potential solutions to complex problems. Our meetings were filled with debates, insightful discussions, and plenty of brainstorming.

However, one day, our common link suddenly left, leaving us feeling uncertain about the future of our collaboration. But instead of letting the setback discourage us, we decided to stick to the idea of starting something on our own without him. We worked tirelessly over the next few months, putting in long hours and pouring our hearts and souls into our new venture. Despite the challenges and setbacks along the way, we remained determined and focused, driven by our shared vision and passion for success.

And finally, after much hard work and dedication, we launched our startup and from then on are building it.


Can you give us your elevator pitch?

$18.8 million is the value of an average loss per smart contract hack.

The global losses due to smart contract hacks reached $16 billion in 2023.

This demands an urgent need for robust security solutions. SecureDApp's Solidity Shield and Secure Watch, ensure the security of a DApp from inception to scale, from pre-adult to runtime monitoring. It proactively identifies vulnerabilities, and attacks and safeguards your valuable assets from cyber attacks.



What was the moment or situation that sparked the idea for your business?

While we were brainstorming about several issues in the blockchain space, we found that the security layer is the most critical and needs very thought-through solutions for it to scale. My co-founder Himanshu has been deeply involved in the web3 space since 2018, gaining extensive experience across various domains, including token launches, NFTs, DAOs, smart wallets, and chain creations. Throughout his journey, he noticed a significant need for improvement and standardization in the Web3 security space. It was primarily his idea that we picked as a team to solve it via products as against the service drive approach.

Driven by a sense of responsibility as an active community member in the web3 space, We decided to address this critical issue.


How did you test and refine your initial product idea, and were there any significant pivots or changes in direction based on initial feedback or market response?

We built our hypotheses based on hacks happening in this space. We assumed that a security audit of the codes would solve it. To our surprise, we found that more than 83% of the DApp still have vulnerabilities are they are prone to attack.

Hence we decided to build products to cater security needs of a DApp at different life stages. We spoke to 30+ founders building into this space and from there we conceptualized our products. And on this, we logic we have been building,

A)One of our flagship products, Solidity Shield, is an in-house AI-based vulnerability detection framework. This tool allows developers to scan their contracts against over 100 standard vulnerabilities, providing a comprehensive security assessment. In addition to automated scans, we offer manual auditing services to verify custom logic developed by dApp teams and conduct thorough analyses of all potential issues.

B) Our commitment to security extends beyond the deployment stage. We have developed SecureWatch, currently in its beta launch phase, which enables project teams to continuously monitor their deployed contracts in real-time. SecureWatch detects any vulnerabilities, alerts teams through various channels, and provides remediation measures to address any urgent issues promptly.

C) Looking ahead, we are excited about our latest innovation, SecureTrace. This tool is designed to delve into transaction execution levels to identify traces of issues and investigate transactions on a broader level across different chains. By providing deep insights into transaction behavior, SecureTrace aims to enhance the overall security and reliability of web3 applications.

Our comprehensive suite of products addresses the full spectrum of challenges faced by development teams, allowing them to remain stress-free and focused on innovation. By ensuring robust security at every stage, we are dedicated to fostering trust and facilitating the mass adoption of web3 technologies.


What specific strategies or decisions significantly contributed to the growth and scaling of your business?

At SecureDApp, we ensure our leadership in technological advancements and industry trends in blockchain security through continuous innovation and strategic foresight. We actively monitor and integrate the latest developments in blockchain technology, staying updated with emerging threats and evolving best practices. Our dedicated research and development efforts focus on enhancing our AI-based auditing tools like Solidity Shield. Secure Watch, ensuring they remain at the forefront of vulnerability detection.

Additionally, our commitment to ongoing education and collaboration within the blockchain community allows us to anticipate and adapt to shifts in security paradigms swiftly. By maintaining this proactive approach, we at SecureDApp remain poised to deliver cutting-edge solutions that safeguard decentralized applications effectively in an ever-evolving landscape.


Can you share some major challenges and how you tackled them?

Acquiring and retaining challenges has been the most difficult part. We can't afford a good and experienced talent and all those who we train and nurture move out as soon as they get a better offer and we have to again build the team from scratch.


How did you really get to know your customers and market?

Market research, personal use cases, and ongoing hacks in the Web3 space gave us enough understanding of the product and its niche along with ICP.


What's the story behind your brand and marketing approach?

We believe in consistency over hype. We try to maintain a uniform image and always want to listen to our customers and their pain points. We love to address those pain points in articles, blogs, videos etc. We have some cool marketing properties like the #Outsmart series, which is a satire on our community to make them feel light every week.


How did you attract and secure your first customers? 

Our previous relationship and face value, that these guys will not run away with my money. A big boost for us as our names gave us quite a few clients and from their our service to them.


What's been your approach to product development? 

Yes, we do take customers' feedback to improve. In fact, we keep talking to our fellow community members and the funders who are building into our targeted space. We also keep a close watch on what is the need of the market now.


What are the top 3 products/tools that have had the biggest impact on running your business?

Mongo DB, LinkedIn Sales Navigator, and Google Workspace.


How are you leveraging AI to cut costs in your business?

I think it helps in the marketing and tech team.


How have you navigated the financial aspects of your business? 

So, far we have run our business on A) Customer capital B) Founders capital C) Grants. We have maintained a lean team and have been very frugal with our spending. Soon, we are planning to go for a raise. Will keep you posted once we are ready for it.


What future do you envision for your company? 

We see ourselves being one of the leading players in the blockchain security space. We strive to bring in the first two options for every client when they think about their web3 security.


Is your team growing? Tell us about the roles you’re looking to fill.

Oh yes! We are onboarding the head of growth for international business, head of R&D, Operation leads, etc. We are on the lookout for good global talents to join hands.


Where can curious minds find more information about your business?

- Website
- Linkedin
- Twitter
- Youtube


Do you have any reflections or insights you’d like to share with our community?

There are many but one that is very close to me is, "Do not fear, still stay humble"


Interview with
Abhishek Singh
Co-Founder & CEO @ SecureDApp