We are happy to share a text-based AMA with Akbar Ahmed, CEO of Sentrix. AMA was divided into 3 sections.
- Guest introduction and George Connolly, CEO of OneLedger shared his vision about this partnership
- Questions from the Telegram chat https://t.me/oneledger
- Live questions
You can read it here: https://t.me/oneledger/493434 or read the short RECAP in text mode below. Please note, that questions have not been redacted.
Segment 01. Introduction
Hi all, I hope everyone is doing well today. Thanks for joining this AMA. We invited the CEO of Sentrix - Akbar Ahmed, to join this conversation about security and blockchain, including the AI approach that Sentrix is using to lead the market.
And we are still waiting for George to join the conversation, he just sent me a note about electricity issues in Barbados.
I think we should start with the official press release about this partnership. It's on our blog - you may read it later for more details https://blog.oneledger.io/oneledger-announces-partnership-with-sentrix
We have already published the Podcast, and I think it was one of the best podcasts published in our OneLedger Talks series of videos. If you missed it - listen to it here https://www.youtube.com/watch?v=GEa8dAW8XQM
Q1: So, please introduce yourself, Akbar! What do you think will be the most interesting part about Sentrix and your experience, that our community needs to know?
Akbar: Great question. I will start with one of the more important aspects of security for blockchain-related projects. What we've seen so far is that security is still a manual process. Audits are a good example. While other areas of software development have implemented tooling to improve security, this is an area where blockchain-related projects have room for improvement. This is why we built BlockChainSentry. The goal is to provide smart contract developers with a professional-grade security tool to improve security throughout the entire smart contract lifecycle.
George Connolly: I am excited to share the vision behind this collaboration. We understand that as blockchain continues to reshape industries, ensuring paramount security is non-negotiable. I love this product and as `I have always said, we build real-world solutions and this is another great one.
Akbar: I think when we look to the near future, blockchain security will benefit from security tooling, much like we've seen in prior technology waves such as cloud. The idea of ensuring web app security by doing manual security reviews is antiquated. At some point in the near future, the same will happen with Dapps and smart contracts.
Q2: I know that you co-founded a couple of successful startups in Tech. What's your estimation of this market that you've just described?
Akbar: The use of blockchain is rapidly increasing. For example, Citi just announced the use of blockchain to upgrade their financial infrastructure. The bigger picture is that the entire global financial infrastructure will be modernized by blockchain, which is independent of tokens. We're also seeing similar upgrades to supply chains. And the environmental applications of blockchain are growing. So, when we look at this at scale, the need to secure the financial system, the supply chain, carbon credit markets, etc. is substantial.
Q3: How can dApp developers build safer applications on the OneLedger chain, using your technology? And what is your product about?
Akbar: Let's look at a few areas where dApp developers run into security issues. First, the smart contract itself needs to be secure. This started during the development of the smart contract. Next, the security of dependencies is critical. This means that as a developer, we also need to ensure the quality of any 3rd party contracts that we depend on. And third, it's important to ensure our contracts stay secure over time as new vulnerabilities are discovered.
Sentrix BlockChainSentry addresses security at each step:
- Smart Contract Development: BCS tests and verifies security at every step of the development flow. From the local desktop to scanning GitHub repos, to build/deploy.
- BlockChainSentry can continuously scan 3rd party contracts so that you know the risk of using a specific contract as a dependency.
- BlockChainSentry continuously scans deployed contracts to test/verify security as new vulns are discovered.
Q4: Some of our community members are coding smart contracts or plan to develop new dApps. But I think everyone is scared about hacks, so it's a stop factor for the chain to grow. How can I use your technology, if I want to verify that my smart contract built on OneLedger is safe?
Akbar: Let's start during the development phase. As a developer, you may have a newly written smart contract that is local to your laptop. You can use BlockChainSentry to scan the smart contract on your local laptop. Think of this like an automated, super-fast audit. So, now you start to grow and multiple developers are writing the smart contract.
At this point, you'll put the contract into Github or a similar repo. So you need to ensure the security not just of your work, but other developers as well. What you would do is connect BlockChainSentry to your Github repo to continuously scan for security problems during every commit.
Q5: Is it AI-powered or not? If yes - how exactly does it work?
Akbar: We view AI as adding a new capability. It does not replace traditional security measures, but it does enhance them. We use a large set of detectors to start. BlockChainSentry has more detectors than any other blockchain security tool. So, this is where AI becomes useful. We use AI to provide its security assessment, and then use the AI results to enhance our traditional approach. Specifically, our AI provides two key benefits:
- It's capable of finding issues that cannot be found using a traditional approach
- The AI reduces the false positives, which reduces noise and makes it easier for you to focus on the vulns that should be fixed.
Segment 02. Pre-recorded questions
Q1: “This integration ensures that developers can create dApps with enhanced security features" - How technically will this be implemented?
Akbar: There are a few approaches to implementation. But the first step is always the same. First you'd sign up for BlockChainSentry. Our website is BlockChainSentry.com. After you have signed up, the easiest step is to set up a local scan. A local scan will allow you to scan a smart contract that exists on your local laptop.As mentioned above, step two would be to set up a Github scan. And now you're ready to deploy on OneLedger. This is step 3.
You can then connect BlockChainSentry to OneLedger so that you can scan your deployed contract.
Lastly, you can also connect to other contracts deployed on OneLedger to verify the security of any 3rd party dependencies that you use.
Q2: “Does Sentrix already have ongoing discussions or have customers who want to use their solution/develop? according to my research, Sentrix seems to be a new company but limited employees. When I listened to the interview, it felt like a lot was in the idea phase, which I understood will take a long time before it bears fruit."
Akbar: Sentrix has deployed products that are in use by customers. Sentrix’s BlockChainSentry security platform is built by a team of experienced security professionals. Sentrix has worked with Ford and recently participated in the T-Challenge with Deutsche Telekom/T-Mobile. The company has also partnered with a major German blockchain company with operations in Dubai.
Basically, BlockChainSentry is in use to secure some critical infrastructure.
Q3: Exactly how I will see the fruits of this partnership on the Oneledger blockchain?
A: As we want to grow the ecosystem, we need more audited smart contracts and dApps running on the blockchain. This is how anyone can use the software from Sentrix to build more decentralized apps and startups using the OneLedger chain.
Segment 03. Live Questions & Feedback
Q1: Thanks for this partnership Sentrix team, bull is coming and I hope with the bull and increasing activity on the OneLedger blockchain
Q2: I like your website looks very professional I'm not a dev so I can't try your security solutions but maybe one day I can increase my coding skills
Akbar: Please take a look at BlockChainSentry as a good approach to securing your smart contracts.
Q3: Like somebody said in a previous message Akbar really really explained the all steps for devs who want to use Sentrix solutions. Being that clear and easy to use is very important because generally using security solutions is not the easiest thing in the world
Q4: Lovely energy from Akbar and CMO this energy will boost the confidence of everybody in this community and I hope electricity problems will be solved ASAP from Georges side living without electricity even for 2 - 3 hours is very bad
.