Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
PolySwarm’s Potential And Your ICO Analysis Handbook
How we evaluate ICOs and why PolySwarm meets our due diligence
I want to express my appreciation to PolySwarm’s CEO, Steve Bassi for taking the time to answer my questions.
The purpose of this article is twofold. First, it is an analysis of a project that I think has enormous potential: PolySwarm. Second, as I usually like to do, I am weaving the analysis into a larger theme: our process for analyzing ICOs at our investment and research fund, Eden Block (read more about Eden Block below).
The PolySwarm TLDR:
PolySwarm brings antivirus to the world of DLT (Distributed Ledger Technology, a term encompassing more than just blockchain). The fragmented approach that antivirus vendors take today leaves end users vulnerable to new and targeted attacks. In addition, individual security experts lack effective opportunities to monetize their knowledge. PolySwarm aims to create an incentive based marketplace where experts compete to provide active antivirus solutions to end customers. Essentially, instead of purchasing an antivirus subscription and having it run in the background of your computer, PolySwarm provides the same solution, except it is a decentralized collection of experts trying to provide the most accurate detection.
Their ICO is happening now.
Let’s Begin
It’s the Wild West in the world of ICOs. It’s shoot-outs-in-the-streets, I-can’t-believe-this-is-legal pandemonium. People get scammed. People get ripped off. And it makes sense. Any scammer or con artist with half a brain is targeting the ICO market right now. This means that those investing in the ICO market need to be careful. Unlike with the top 50 market-cap tokens, we don’t have the luxury of assuming that all the ICO projects are legitimate and kosher. I may have my concerns with IOTA and XRP, but they’re certainly legitimate organizations. But that ICO your roommate just told you about? Well you know what they say about assuming…
You’ve worked hard for your money; don’t throw it away. Protect yourself. In this market, knowledge is power. Do. Your. Research. There is no other way. This isn’t to say it’s easy. It’s time consuming; it’s difficult; you’ll get halfway through a white paper and realize you still don’t have any idea what the project is doing. Don’t worry. It’s not just you. But the truth is, the longer you do it, the easier it gets. The longer you do it, the more you can quickly discard trash projects and hone in on the diamonds in the rough.
I want to give credit where credit is due and make clear that I have enormous help conducting my research. People like Mat (@goodguymat), Brad Laurie (@Brad_Laurie), RN (@RNCrypt), NM (@bytesizecapital), and Lior Messika (@Lior_Messika) are exceptional researchers who encourage me to be better. In addition, all the Eden Block team members are instrumental to our analysis.
Step One: The Idea
The project must do something unique, or do it much better than its competition. The idea should be easily comprehendible — don’t let complexity trick you into thinking the project is quality. Quality projects should be able to explain complex ideas simply to their audience.
It’s critical that there is a market for the idea. This fundamental and seemingly simple premise sometimes gets forgotten in today’s “decentralize and tokenize everything” environment. The team could be stellar, the partners exceptional, the marketing on point, but if there isn’t a true need for the project, you are better off spending your money on scratch offs and beanie babies.
There are enough impressive ICOs today that mediocracy is not something we tolerate. If it doesn’t “blow us away,” we’re probably not investing.
“Good is the enemy of great” — James C. Collins
Summarizing Peter Thiel’s thoughts in his book, Zero to One: for a project to monopolize a product in an already existing industry, it must do it magnitudes better than its existing competition. Slightly better won’t cut it. In addition, projects that relay heavily on a wide user base (network effect) — which is essentially every DLT based project — must be as beneficial to their early users as they are for their end users. No project will succeed if it requires a million participants to bring any value to its users. There has to be an incentive for the first ten people to join the network before a million users will ever be achievable.
PolySwarm seeks to revolutionize the cyber security / antivirus industry. To understand PolySwarm, it’s important to understand how the antivirus industry operates today. The goal of antivirus companies today is to make their protocol applicable to as wide of a user base as possible. Specialization hurts their bottom line. Thus, antivirus companies develop their protocols and protection plans individually; each covering the “standard” threats. If they don’t, they can’t compete. It doesn’t matter that there are tens of plans offering the exact same protection. This means that significant effort and money goes into identifying threats that all the other antivirus protocols already identify. Providing targeted antivirus detection for specific industries, as well as evolving quickly to meet new threats, is difficult at the level of a massive company. Complicating this even more is that overlapping antivirus coverage is not possible. You can’t mix and match antivirus plans.
“The current situation is that antivirus is anywhere from 50–74 percent effective against new malware. I think part of the reason is that you have the single vendor solution where we sort of split our resources amongst many vendors and those vendors have to duplicate efforts to detect basically the same stuff. But they don’t put their staff to work detecting the new malware around the fringes of what faces their customers. They play to the middle of that bell curve. And this is true for every single, single-vendor, anti-malware, vendor. What if we got behind the idea that we could redo the economics behind antivirus?” — Steve Bassi
Ultimately, this means that anti-viruses today are limited in their effectiveness and enterprises must utilize a wide (and expensive) collection of antivirus, threat detection services, and analysis tools. PolySwarm seeks to change this. They effectively want to create a marketplace where “experts” compete to determine if content is safe or unsafe. This content can be nearly any online content, from emails and documents, to websites and programs. Clients can be anyone, from enterprises to home users.
However, one of the more challenging aspects of designing a decentralized ecosystem is ensuring that incentives are properly constructed. People are motivated by incentives. Offer enough reward for beneficial behavior and enough disincentive for malicious activity, and a decentralized ecosystem can thrive. Fail to do so and you will have the blockchain equivalent of Somalia.
To help encourage adoption of their decentralized marketplace, PolySwarm introduces another actor in addition to the consumer and the experts designating content as malignant or benign. Ambassadors serve as optional middle men, reducing the barriers to adoption with active enterprises. With ambassadors, enterprises can continue paying their normal antivirus subscription fee, but instead pay an ambassador. The ambassador connects the enterprise with the relevant services within PolySwarm. Ambassadors provide an easy avenue for adoption. When a consumer needs an antivirus-related answer, ambassadors will broadcast the message, coordinate with experts, and ultimately, weigh expert responses to generate the eventual benign or safe judgement. Recognize that most of this is automated and takes significantly less than a second.
A relationship between what PolySwarm calls experts (those providing detection for clients) and ambassadors provides an incentive based model keeping everyone honest. Experts work at determining whether a program is safe or unsafe. Ambassadors then refute or confirm the accuracy of the expert’s evaluation. Reputable ambassadors, known as arbiters, vote on truths. These truths define absolutes that are then compared against the experts’ evaluations. If the expert was correct, he is rewarded. It works similar to Augur, or any other prediction market. Experts “bet” on their evaluation by staking tokens. If they stake tokens and make a legitimate, and later confirmed, prediction, then they receive their stake + some reward. If they’re found to be incorrect, they lose their stake. A reputation system and matching algorithms ensures that experts and arbiters stay honest and are rewarded for their reputability.
For the end user, PolySwarm won’t be that much different than these guys
From a practical standpoint, PolySwarm will operate similar to how your antivirus works today. It will run backend on computers, scanning documents, emails, and websites to keep you safe. Real time detection will occur via the dynamic between experts, ambassadors, and arbiters ensuring that there are no lapses in the coverage. Security can be as dynamic, specialized, and focused as necessary, while still protecting against the “standard” viruses. Entire enterprise systems could be secured via PolySwarm. Fees will remain competitive as the free market creates competition. But the antivirus will be far more effective.
Our conclusion about PolySwarm is that they identified a problem in an industry and are designing an elegant solution. The network doesn’t require an enormous user base to be productive, yet will also be able to scale successfully.
When we explore an idea, we have specific questions we keep in mind. Here are the questions, and how they specifically relate to PolySwarm:
- What are the barriers to adoption? Obviously, facilitating adoption is difficult, especially when you are targeting institutions and enterprises. However, PolySwarm’s inclusion of ambassadors, means that companies will only need to pay their subscription fee like normal, and receive better protection than previously.
- How could someone manipulate the system? Especially with decentralized systems, it’s important to recognize that if someone can manipulate the system for their own gain, they will. If there’s a way, there’s a will. PolySwarm addresses this with reputation and with staking. Experts generate a reputation according to how correct they are in their evaluations. Staking tokens in a prediction-like market ensures that beneficial behavior is the kind that pays. Some question whether PolySwarm will incentivize people to create both malware and their unique anti-malware. However, as Bassi says, “it costs between 5 and 10 thousand dollars to develop a piece of malware.” Considering that one only earns pennies for scanning files and emails, and that a malicious actor would be competing against other experts trying to honestly develop solutions, it’s just not economically feasible for this to occur.
Step 2: The Team
Pick a team that wins championships
An idea is only as good as the team behind it. Delivering a new product, in a new industry, all while utilizing new technology is enormously difficult. If the team lacks the relevant experience, it’s just a pipe dream. Honestly, we usually evaluate the team before the idea. Understanding an idea is time consuming; an efficient way of filtering projects is by quickly judging the team’s quality. Ph.D.s, serious experience, and strong technical backgrounds are keys that we look for.
There are some tricks projects will pull to arbitrarily strengthen their team. Statements like “developed software for Google, Facebook, and Yahoo” doesn’t necessarily mean they worked for those companies; more likely they worked for some type of consultant company that was contracted. Watch for superfluous, filler, bios that are light on details and specifics. And of course, cross-check everything on LinkedIn. Can’t find them on LinkedIn or their bios don’t match? PASS.
We place a heavy emphasis on the technical developers and their relevant experience.
PolySwarm — The Team:
The team comes largely from Narf Industries, a company specializing in security research and development and which completed contracts for DARPA (Defense Advance Research Projects Agency). The team has a strong government background. Several of the team members were members of sk3wl of r00t, a hacker team that won the world series of hacking (DEF CON CTF) several times.
The team has largely refocused all their efforts towards PolySwarm.
Steve Bassi, CEO: Steve founded the company Narf Industries and worked there for nearly seven years. With an M.S. in Computer Science, he worked for two years as a programmer for the Naval Research Labratory.
Paul Makowski, CTO: Paul has a Masters Degree in Information Security Technology from Carnegie Mellon. Paul worked as an analyst at the NSA before taking a job at Narf with Steve. At Narf, Paul developed malware disinfection solutions and worked on blockchain related projects. He worked as an engineer for McAfee and won one of DefCon’s hackathon competitions.
Ben Schmidt, Director of Product Security: Ben has a M.S. in Computer Science and also comes from Narf Industries. He worked as a hacker at the U.S. Department of Defense and also won a competition at the DefCon hackathon.
Nick Davis, COO: Nick also came from Narf and programmed defensive technology for the company. He worked as the head of the Navy’s Threat Analysis and Network Forensic Department, as well as an analyst for the Navy’s Information Operations Command.
The following people are also PolySwarm team members: Max Koo, Senior Backend Developer; Adrian Escude, CMO; Bill Fehr, VP of Growth and Partnerships; and Evelyn Hytopoulos, Chief Economist and Data Scientist.
PolySwarm boasts an experienced team. I appreciate that the whole core team has a strong technical background. This is not a project of opportunists who have no technical experience. They are approaching PolySwarm with a strong fundamental understanding of how to develop technical projects.
Step 3 — Advisors
A strong advisory team brings significant value and legitimacy to projects. Relevant advisers bring expertise and insight to a team. In addition, by aligning their name with the project they are staking their reputation — they must have a level of confidence to do so. However, recognize that there is a paid market for advisory positions in this market; take them with a grain of salt.
PolySwarm — The Advisors:
I will highlight the advisors who I feel are relevant to the legitimacy of the project.
Mark Tonnesen: Mark is the most impressive advisor for PolySwarm. Mark served as the CIO for EA, McAfee, Logitech, and as the VP of Cisco. He also served as the Senior Advisor to the US Department of Homeland Security.
Dan Guido: Dan was an adjunct professor at NYU where he taught a cybersecurity course. He is now the CEO of Trail of Bits, a cyber security firm.
Chris Eagle: Chris wrote IDA PRO, a popular book about reverse engineering. Chris teaches Computer Science at the Naval Postgraduate School.
I appreciate their advisors’ strong cybersecurity backgrounds. Tonnesen and his background at McAfee is very impressive. This brings both expertise and legitimization to PolySwarm.
Step 3: The Partners and Investors
Partners and investors bring enormous networking and financial help. Especially large, legitimate funds and institutions have their own extensive due diligence processes for determining quality projects. An investment from VCs like Sequoia, Link, FBG, or Fenbushi, holds significant weight. However, be aware that scam sites may still illegitimately list strong partners and investors. It’s enormously important to independently confirm partnerships, especially for early stage projects. Another trick that many projects will use is that they will list their paid consultants and agencies as “partners.” Deloitte is likely not partnering with that ICO…
PolySwarm — The Partnerships and Investors:
I will highlight the advisors who I feel are relevant to the legitimacy of PolySwarm.
Eden Block: Eden Block supports strong DLT projects with investments and objective analysis. After an extensive due diligence process, projects that pass Eden Block’s review are supported via a wide network of researchers and content producers, highlighting the truly revolutionary projects to the greater community.
Swarm VC: A new cooperative ownership VC fund.
BlockTower VC: Blocktower is one of the larger, more reputable blockchain VCs. The firm was started by managers from Goldman Sachs, including their former VP. The fund raised $140 million in August and has received investments from Union Square and Andreessen Horowitz.
Science VC: Science VC is an incubator and venture capital fund that supported non-blockchain projects such as Dollar Shave Club. They have since transitioned to DLT and work towards incubating promising projects in the space.
PolySwarm has also partnered with the following ICOs and companies: Cyber Triage, Binary Ninja, and Rivetz.
Blocktower, Swarm, and Eden Block bring significant backing to PolySwarm. Institutional backing increases dramatically the resources available to PolySwarm.
Step 4: Additional Relevant Information:
Investigating a project’s GitHub is critical. GitHub is a site that allows projects to publish their open source code. An empty GitHub is generally a red flag, however, some projects wait before publishing their code to prevent intellectual theft. It’s important to recognize that many GitHubs will look “full,” but all the content will be forked. This means that it’s not original source code. Also, check how recent and often the code is updated and by how many developers. The more developers, the better.
PolySwarm: PolySwarm doesn’t have a well updated GitHub and much of it is forked. The team has said that this will change post ICO in order to limit potential hacks on the ICO. Publishing the code would allow for hackers to work towards finding loopholes in the ICO code.
ICO practices
Some projects do what is called Proof of Contribution meaning that in order to participate in the ICO, one must provide proof of some kind of contribution towards the project. This can be in the form of publications, reddit posts, tweets, etc. Its a turn off when we find projects utilizing these methods. It generally results in a flood of low quality posts and overwhelms the actual quality content being produced on their social media.
PolySwarm: PolySwarm has no Proof of Contribution.
Website
A quality website is important. Team information should be clearly outlined. A clean and clear website demonstrates a commitment towards the project and a high level of professionalism. Depending on the project’s location however, sometimes we make exceptions for this. Projects out of Asia at times have very low quality websites. You can read about my reasoning for that here.
PolySwarm: PolySwarm has a quality website. It clearly outlines their vision and highlights the partners, advisors, and team members.
Community Engagement
Especially when deciding on ICOs to invest in, it’s important to understand one, how many in the community are aware of the project, and two, what the project’s level of engagement is with the community. From the project, I want to see active posting on Twitter and Medium, as well as a well administrated Telegram and Slack (if they have one). I place less emphasis on Facebook as it is not generally the main engagement platform.
PolySwarm: PolySwarm has a well administrated Telegram, although it lacks a bit in numbers (partly due to the fact that they did not do a Proof of Contribution campaign). They frequently update both their Twitter and Medium.
Step 5: Token Economics
This is entirely subjective. The smaller the cap, the less the risk. It’s much easier for a $10 million cap ICO to 10x than it is for a $50 million cap project. However, with quality usually comes a higher cap. It is a rare day to find a sub $30 million gem.
PolySwarm: PolySwarm is still in the process of conducting their ICO with a $50 million cap. This is high for an ICO and they likely won’t sell out. Steve commented on this: “We realize our hard cap is high, and it’s aggressive. The main reason for that is that if you look at rounds A, B, and C on any good security company on Crunchbase, they raise between 40 and 70 million.” Steve reiterated that PolySwarm will be able to achieve its goals even without hitting the hardcap, albeit a little slower. From a legitimacy perspective, we’re comfortable with this; they understand their value and have set a goal. From an investment perspective, it’s obviously negative.
Lockup Period
Some projects have lockup periods, although this usually only applies to presales. As with caps, our willingness to invest with long lockups is entirely dependent on the quality of the project.
PolySwarm: No lockup period.
Early Presale Bonuses
Projects with large presale bonuses usually dump when they hit exchanges. Recognize that if you’re buying at ICO price on a token that sold for an 80% discount in its presale, you’re effectively buying almost at a 2x. This isn’t a problem if you’re the one getting the discount, but definitely should be a consideration if you’re not. Massive discounts are also a turn off in terms of a project’s legitimacy. This is supposed to be a legitimate company, not a casino.
PolySwarm: PolySwarm sold $18 million in a presale to institutional investors with bonuses ranging from 30–50%. The next $32 million are split into tranches with bonuses depending on the quantity of ether raised. We are comfortable with these bonuses; even the 50% is appropriate given the bonus opportunities provided to the public.
Step 6: Roadmap
Roadmaps should be well defined and clearly determined. It’s important for the project to document their plan and approach and convey that to their investors. Investigate as well the timeline for the launch of a project’s mainnet. Obviously, the sooner the release the better. Projects with launch dates years in the future for their first main product are going to encounter a significantly different competitive climate than the one in which you are now investing.
A project that fails to meet their roadmap deadlines will see that reflected in their valuation.
PolySwarm
Alpha Version 1: 30 April, 2018 — the first iteration of PolySwarm, Alpha version will allow Ambassadors and Experts to test transactions on the test network for a trial period.
Beta Version 2: 31 May 2018 — PolySwarm’s second release; this will be the first test of the payment channels between Ambassadors and Experts.
Gamma Version 2: 31 July, 2018 — the goal of Gamma is to implement the matching protocol that will match Ambassadors, Experts, and Arbiters. They will also begin implementing the PolySwarm registries.
PolySwarm 1.0: Q4 2018 — PolySwarm 1.0 will be the first version implemented on the mainnet, allowing for actual, functional use of the network. End users will be able to request experts’ antivirus solutions and pay accordingly.
PolySwarm 2.0: Q2 2019 — PolySwarm 2.0 will expand the functionality of PolySwarm and enable more efficient operation with enterprises and home users.
PolySwarm has a well defined roadmap, clearly outlining their step-by-step goals. It’s planned release of Q4 2018 is reasonable and will likely allow them to maintain their first mover advantage.
Summary
As we progress towards true DLT adoption, those who do their own due diligence will reap the biggest rewards. The industry is ripe with scams, cash grabs, and incompetency. A holistic evaluation of projects accounts for not only the viability and functionality of the idea and underlying technology, but also investigates the expertise of the team, the support of the community, and the project’s institutional backing.
PolySwarm fits our criteria as a strong, longterm investment. Obviously, no investment will fit every criteria. However, I understand the potential in PolySwarm’s vision. There is clearly a need in the antivirus industry for a solution such as this. I think that with PolySwarm’s experienced team, strong institutional backing, and well-designed technical roadmap, they are in a position to offer such a solution. This is a project that I am very confident supporting.
Disclaimer: This is not investment advice, merely our opinion on the project. Do your own research. We did not receive payment from the PolySwarm team and this is in no way sponsored content. We do hold PolySwarm tokens (NCT).
Hold down the clap button if you liked the content! It helps me gain exposure .
Clap 50 times!
I love getting questions or suggestions, so comment away!
PolySwarm’s Potential and your ICO Analysis Handbook was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.