Cybersecurity is a critical component of a technology-driven society. Traditionally, cybersecurity solutions were provided by trusted third parties. This model has several weaknesses, with being a single-point-of-failure being the crucial issue. Moreover, these solutions are black boxes to the users.
With the developments in blockchain technology, it is understood that a decentralized solution to provide cybersecurity can address the prevalent issues in the enterprise security model. Naoris Protocol aims to do precisely that. Naoris believes that a decentralized cybersecurity solution would be helpful to both Web 2.0 and Web 3.0 spheres. Arguably, Naoris is facing a highly fragmented and competitive market.
Inspired by Gartner’s Hyperstructure idea, Naoris Protocol is a Decentralized CyberSecurity Mesh. The project’s blockchain features a Decentralized Proof-of-Security (dPoSec) consensus mechanism, an extension of the traditional BFT method. In addition to blockchain technology, Naoris proposes to utilize Artificial Intelligence (AI) to augment its solution.
Although centrally developed, Naoris envisions becoming a DAO-governed protocol with quadratic voting.
The project, currently at an early stage, has to improve its legal and compliance aspects, social and project virality, project timeline, and introduce a comprehensive tokenomics plan to gain a higher level of community acceptance on par with other successful projects.
Our researchers gave Naoris Protocol a final rating of C. The rating scale is available at the end of this report.
PRODUCT & COMPANY DESCRIPTION
Introduction to Naoris Protocol
According to its whitepaper, “Naoris Protocol is a Decentralized CyberSecurity Mesh” (ref. 1). The project’s idea is to use blockchain technology to turn any device into a reputable validator node in its structure—the proposed system design centers around the recent Hyperstructure idea proposed by Gartner (ref. 2). In addition to blockchain technology, Naoris proposes to utilize Artificial Intelligence (AI) to augment its solution.
The project’s purpose-built blockchain will underpin a consensus mechanism called Distributed Proof of Security (dPoSec). The proposed protocol operates using what it termed “Verge Clusters.” Verge Clusters carry case-specific security and compliance logic to ensure the integrity of all networks, devices, and processes using the protocol. This way, Naoris tries to turn each device into a trusted validator node. As devices validate each other on a tokenized structure, a trusted communication layer is established among them.
Validators stake CYBER tokens and are rewarded for trusted behavior that secures the network.
Vision: “to build a Decentralized CyberSecurity Mesh that is: Unstoppable, Permissionless, Minimally Extractive, Valuable, Expansive, Positive Sum, and Credibly Neutral.”
Naoris Protocol aims to provide cybersecurity for Web 2 and Web 3. Blockchain projects can adopt Naoris to avoid cybersecurity risks and protect the integrity of their validators and nodes.
The traditional enterprise security model is plagued with growing risks due to evolving nature of the digital and cyber interactions of millions of people. The enterprise model has mainly become vulnerable due to the latest developments in many aspects of technology. Most importantly, the current solutions are single-points-of-failure due to their trusted nature.
Naoris believes that a decentralized solution offering a zero-trust framework that enables Identity & Access Management (IAM), endpoint security, and segmentation is the solution to the aforementioned evolving risks. Moreover, its approach is presumed to be novel and unique in that it complements traditional centralized cybersecurity solutions (Web 2.0).
The emergent blockchain solutions also have weaknesses. For instance, decentralized blockchain solutions have elements relying on Web 2.0 infrastructure. So do Web 2.0 cybersecurity solutions. These Web 2.0 solutions are not geared for blockchain or Web 3 requirements. By delivering on its promise, Naoris could become an ideal solution to security problems faced by the blockchain and Web 3 world.
Naoris has a whitepaper that explains the Naoris Protocol CyberSecurity Mesh Hyperstructure framework. However, it is heavy with jargon, and explanations of the protocol are diluted among generalized blockchain concept explanations. It also gives the impression that Naoris plans to achieve many broad and complicated outcomes within a single protocol. Using more straightforward and plain language could be more informative and appealing to a wider audience. The mesh structure idea has been influenced predominantly by the work done by Gartner.
Security is undoubtedly one of the significant risks any entity wants to mitigate or alleviate. Cyber threats are ever more challenging and complex. Therefore, the traditional enterprises and emerging blockchain industry (ref. 3) constantly strive to devise solutions to tackle it. However, conventional cybersecurity solutions are provided by centralized third parties, which suffer from being a single-point-of-failure. Blockchains, by nature, can address many of the drawbacks of centralized models. The result is that many projects try to innovate around the identity, corporate and financial realms with blockchain-based cybersecurity.
How blockchains can be applied in cybersecurity. Source: Disruptor Daily
However, it appears that Naoris strives to offer a holistic product (Identity & Access Management (IAM), endpoint security, and segmentation) to address the broader issues rather than focusing on one vertical such as identity. Being decentralized and blockchain-based makes Naoris a good fit for blockchain projects and differentiates it from traditional cybersecurity providers.
However, Naoris is still at a very early stage. It is still not backed by any major cryptocurrency project (like Ethereum, Solana, or Algorand). There is no trace of collaboration with other projects on its website or any announcements on its Medium. This type of affiliation is vital for the success of Naoris as it aims to add a security layer to other blockchains. Naoris should be able to work closely with other blockchains so its solutions could be adaptable to them, considering the likelihood that many issues would arise when attaching Naoris protocols to other blockchains. Only collaborating with other projects can help to overcome these issues.
Based on our understanding, the project has several success factors. These factors are listed below:
- Naoris addresses an increasingly important problem in the traditional and blockchain world — Cybersecurity.
- The team and advisors have substantial experience in the cybersecurity field.
MARKET CONDITIONS AND COMPETITION
As per a report published by Deloitte (ref. 9), the nascent blockchain technology can be a valuable tool to address cybersecurity challenges. It also highlights that while blockchain technology can be used as a helpful defense against cybersecurity threats, it is not the end. Instead, blockchain instances should also follow the typical cybersecurity checklist to ensure safety.
The global cybersecurity market is projected to grow from $155.83 billion in 2022 to $376.32 billion by 2029, exhibiting a CAGR of 13.4% (ref. 10).
Common forms of cyberattacks. Source: LeewayHertz
The crypto space is constantly fighting threats. As depicted in the graph below, the losses are swelling rapidly. The total funds lost in Decentralized Finance (DeFi) stood at $5.2 billion, and only $1.2 is believed to have been returned.
The sector’s reaction has mostly been centered around security audits, although the audits are not a guarantee that such platforms or protocols are secure. In addition, other operators are attempting to provide solutions like decentralized identity (DID) and some security solutions within a selected vertical such as distributed Public Key Infrastructure (PKI). One could therefore deduce that the space has become more fragmented. Arguably, naming service providers (like Ethereum Name Service) could be categorized as decentralized DNS providers. Hence, many services in the market intersect with the cybersecurity vertical in some way or another.
Per market data (ref. 11), the cybersecurity coins segment currently accounts for ~$178 million, showing that the sector has not found much traction like many others.
Total Funds Lost (orange) and Total funds returned (blue). Source: DeFi REKT Database
There may be a handful of competitors to Naoris. However, since most blockchain projects take care of their security in-house, there are no significant third parties in this field.
We have also witnessed projects attempting to provide blockchain-based cybersecurity but failing due to regulatory issues, e.g., Levelnet.co.
Several centralized initiatives are trying to provide cybersecurity solutions as well. ColorTokens offers a decentralized approach for zero trust architecture, DNSFilter also provides services in the field of decentralized cybersecurity, and Frontal targets Web 3.
Startup projects like Arcana Network focus on decentralized storage, identity, access management, and key management services to help developers build secure and privacy-preserving apps. Other examples include GUN, PolySwarm, HAPI, and REMME.
Naoris does not want to compete with existing Layer 1 and Layer 2 solutions and aims to complement Web 2.0 players.
Naoris Protocol is still in its very early stages; therefore, it has not publicly made any source code available. Moreover, it is not easy to gauge the project’s development stage without a public roadmap. Nonetheless, it wants to promote open-source development, as discussed in the whitepaper. The project does not want to be another black box tool. One of its design principles is to be “expansive” and allow builders to build on top of it.
Naoris adopts a Peer-to-Peer (P2P) design pattern leveraging blockchain and AI, a decentralized Cybersecurity Mesh, which is a form of “network of networks.” The project has not released a Minimum Viable Product yet.
The two key roles in the Naoris ecosystem are:
- Users: subscribe to the protocol’s cybersecurity services (companies, networks, and individuals),
- Validating Nodes: validate work on the system.
The legacy cybersecurity offerings are centralized (black boxes) and a significant single-point-of-failure. Naoris’ fundamental selling proposition is to offer a decentralized alternative to the legacy system to eliminate the above drawback. Moreover, Naoris wants to serve Web 2.0 —a segment usually comfortable with centralized solutions— and Web 3.0 players. That means Naoris needs to implement a blockchain or a distributed ledger-based solution.
The whitepaper claims that Naoris will be showcasing what they called a Decentralized Proof-of-Security (dPoSec) consensus model that is EVM-compatible. It falls under the well-known Byzantine Fault Tolerance (BFT) consensus mechanism family. However, Naoris’ model is proposed to be an extension of BFT. It has also been claimed that this mechanism can record 50 thousand to 1 million processes, network state changes, and general transactions per second. However, there was no evidence that a similar blockchain architecture processed such a magnitude of transactions. Therefore the claims are difficult to verify.
The whitepaper further outlines that the proposed protocol operates using a new sharding-like architecture called Verge Clusters. Verge Clusters carry case-specific security and compliance logic ensuring the integrity of all networks, devices, and processes using the protocol.
The project is very early in its development cycle; hence, no audit is available.
The project’s team has not published a detailed and time-bound roadmap for the project. Per the Telegram conversation, the project has a fundraising roadmap currently at the private funding rounds stage.
Most of the tech and blockchain skills of Naoris are coming from Datopic, an IT product engineering company based in India. The co-founders are first-time founders with vast senior management experience in IT and Cybersecurity. The rest of the core management team brings profound technology, finance, marketing, technical, blockchain, and analytics expertise.
David Carvalho (ref. 12) functions as the Founder, CEO, and Chief Scientist of Naoris Protocol. Naoris was founded as a research project into cybersecurity. Previously, David worked as a Chief Infomation Security Officer with several large-scale companies. He holds the CISSP accreditation and graduated from Universidade de Aveiro.
Monica Oravcova (ref. 13) is the Co-Founder and COO of Naoris and now Naoris Protocol. Until recently, she was also the CEO of Wish And Cook. In the past, she worked for Edwards, and AT&T. Monica obtained her master’s degree from Nottingham Trent University.
Guy Davies (ref. 14), Chief Marketing Officer, was responsible for partnerships at Boson Protocol in the project’s early days. He previously held sales and business development roles with multiple entities, namely Blockpass, Chain of Things, and CloserStill Media. Apart from his position at Naoris, he’s also an advisor to Footbole, and Brixton Pound.
Naoris’ advisory panel consists of 11 members.
Knut Grandhagen (ref. 15) is Head of Communications (NAF Cyber Defense) at the Norwegian Armed Forces. He has been serving in the Norwegian Armed Forces since 2005. Knut does not list his role with Naoris on his LinkedIn profile.
Brendan Holt Dunn (ref. 16) is the CEO of Holdun Family Office. He also serves as an advisor to multiple projects. Additionally, he founded an accelerator, The Holt Xchange. Brendan does not list his role with Naoris on his LinkedIn profile.
Elena Gaudette (ref. 17) is a Product Operations Leader at Workiva. Previously, she has worked for AuditBoard, Cisco, and Naval Undersea Warfare Center. She obtained her MBA from MIT Sloan School of Management. Elena does not list her role with Naoris on her LinkedIn profile. She has assisted on the draft Whitepaper of the project.
Nuno Marques de Almeida (ref. 18) is an Assistant Professor and Researcher at Instituto Superior Tecnico. He is also a founding partner at Porvalor.
Miguel Oliveira (ref. 19) works as an Adjunct Professor at Universidade de Aveiro.
Bruno Ahualli has listed himself as Marketing Advisor to Naoris. However, the Naoris website does not currently identify Bruno as such. The other project advisors are Magda Chelly, Jane Frankland, Jeehyun Chang, Richard Baylie, Dennis S. Lee, and Svein-Erik Nilsen. Only three of the eleven advisors listed their involvement with Naoris on their LinkedIn profiles.
General Comments on the Team & Advisors
Naoris is not currently hiring for any positions on the team.
The advisors to the project come from various backgrounds, including Cybersecurity, startup founders and entrepreneurs, and from the academy. However, few of them have blockchain experience.
During our review period, we did not find evidence that the team members or advisors have taken part in any previous or current illegal or controversial projects.
As mentioned before, the Naoris project was launched in 2017-18. As per researcher findings, Naoris attempted a token offering in the past. There were no further details available on the project’s status over the 2017-2019 period.
Brendan Holt Dunn’s startup The Holt Xchange has participated in the Pre-Seed funding round of Naoris in March 2021 (ref. 20).
LEGAL AND COMPLIANCE SPECIFICS
Naoris Protocol has not been transparent regarding the jurisdiction where it is registered.
Naoris plans to be a DAO-governed protocol, using quadratic voting.
Naoris Protocol announced the Soma Innovation Labs partnership. The partnership is expected to bring cyber trust to all underlying devices and networks that Soma Labs operates upon (ref. 21).
The project has not appointed legal advisors, and none of the current advisory panel members have a legal background. Most of the advisors come from cybersecurity and blockchain backgrounds.
Nonetheless, there is an internal team member responsible for compliance. Per his LinkedIn, Naoris has formed a Legal Council to identify local regulators and ensure compliance with local regulations.
João Ferreira Santos (ref. 22), Head of Compliance, holds a Law degree from the Faculty of Law of Lisbon University and is a licensed Lawyer. His legal career has been with Naoris since 2018, where he has been a Legal Advisor. Before that, João had a short stint with BNP Paribas in AML Investigations. Otherwise, he spent his time in different roles in business development and account management at Banco BPI.
KYC & AML
At this phase of Naoris development, its AML/KYC procedures are also unclear. Submitting for early access to Naoris token results in an error, and it is not clear the type of information needed for early access.
Naoris has not announced the public token sale yet. Currently, it is conducting private sales.
The proposed protocol token, $CYBER, will have several utilities within the ecosystem:
- CYBER tokens have to be provided as a stake to participate in the network’s consensus.
- Validators receive block rewards (consensus rewards).
- Token rewards to device holders.
- Transaction fees.
$CYBER, the proposed token ticker of Naoris, is associated with a project called CyberDAO that has been untracked by any data platform.
Naoris has not launched a public token offering yet. Therefore, detailed tokenomics are not available in the public domain.
According to public sources, Naoris has raised an undisclosed amount in two funding rounds (including non-equity assistance from CORFO) participated by startup accelerators (ref. 23). As disclosed in a 2021 YouTube conversation, Expert DOJO, an early-stage startup accelerator in Southern California, was looking to invest a million dollars in Naoris.
SOCIAL MEDIA AND VIRALITY
The project’s social media presence is relatively new. It has actively shared project-related news on its Twitter account. The account has gained 3.3k followers, growing from ~2.4k followers in April 2022.
Although the project has a presence on Telegram and Discord, Telegram happens to be the most popular channel for community discussions. The project’s Telegram channel, launched in February 2022, has gathered 3k followers. On the other hand, the Discord channel has only onboarded 120 members. Usually, social media traction grows around public launches (incentivized testnet or token offerings).
The project’s LinkedIn account is regularly updated with posts mainly about the Cybersecurity industry. The LinkedIn account has 241 followers (not significant compared to other projects). It is noted that some of the project advisors and team members are reacting to selected posts. Naoris’ website does not list its LinkedIn channel under the community section.
Naoris Protocol has not yet established its YouTube channel. The Co-Founder, David, has appeared on a third-party podcast.
There is no ongoing bug bounty program at present.
Naoris in the Past
Since Naoris was incorporated around 2017, there has been a social media presence, albeit with no meaningful traction on such platforms (which have become inactive since 2018). For instance, Naoris’ inactive Twitter handle launched in December 2017 relates to its early product iteration. The project also had an active Medium channel. Its old YouTube channel has been inactive for four years. There are YouTube discussions where the founder of Naoris discusses the project and its token sale. Naoris’ older Telegram channel no longer exists, and its LinkedIn account has not been active for six months.
As the project gains more traction in the future, many interested parties will likely find the past social media accounts confusing to them and paint a different picture.
RISKS TO THE PROJECT
The following list of risks is not an exhaustive one. Some of these risks are internal, and others are Sexternal to the organization. Some risks may be minor/not materialized.
- Industry Risks: The crypto industry is very volatile. Any extended periods of negative or lackluster industry performance could negatively affect the project’s progress.
- Regulatory/Legal Risks: The occurrence of regulatory inquiries or regulatory actions could restrict or limit the project’s progress. Moreover, evolving or new laws and regulations anywhere in the world may negatively affect the project. The project’s ability to comply or not comply with these new laws or regulations could have financial or reputational risks involved. Moreover, any investor lawsuits could also be detrimental to the project’s future.
- Technological challenges/security risks: The project has still not released an MVP, and no specific date has been announced for any product launches. Therefore, at this stage, we cannot gauge the real-life functionality and performance of the network. There may be risks associated with blockchain protocols, like malfunction or attack on the protocol that may even adversely affect the tokens.
- Lack of adoption/interest: Bootstrapping a project of this magnitude may be challenging for many internal and external reasons. If the team fails to deliver a product or the product does not meet expectations, the community will likely abandon the project.
Everything you see in this report is the aggregate result of an extensive research process carried out by a distributed team of researchers and crypto enthusiasts around the world. The process consists of 60 questions divided into three phases. Researchers are called to answer these questions about a project, while providing links or screenshots as evidence to support their answers. For every answer, they also provide a rating from zero to ten. The average of their ratings is detailed below.
Our researchers gave Naoris Protocol a final rating of C.
This Report is for informational purposes only and/or all or any of its content thereof, should not, may not and will not be taken to constitute, either as a whole or in part, any investment advice or recommendation or similar, regulated, or authorized advice, and D-Core by producing, disseminating, giving away, or making available this Report does not, should not, may not and will not be taken to advise on investments, or carry out any similar activity, or any regulated activity or any other authorized activity. D-Core is not authorized by the Financial Conduct Authority or by any other competent EU or elsewhere or otherwise competent authority to carry out any regulated activities and/or any activities within the scope of these authorities’ competence.
D-Core excludes and disclaims all liability and/or responsibility whatsoever and/or howsoever caused, arising out of any actions, or omissions taken, or made by any authorized and/or other recipient of this Report in reliance on, or arising out of, or in connection with any or all content of this Report. Any authorized and/or other recipient of this Report acknowledges, accepts and agrees that they carry out their own independent research and act in their own sole risk in reading or using any or all information contained in this Report. In any event, recipients of this Report are urged to seek professional advice before making any potential investment decision in relation to the project described herein. Any authorized and/or other recipient of this Report accepts this Disclaimer in full. For the avoidance of doubt, this Disclaimer is binding against any recipient of this Report whatsoever.
- “CyberSecurity Mesh: An Industry Overview …and why the model ….” 18 Apr. 2022, https://medium.com/@NaorisProtocol/cybersecurity-mesh-an-industry-overview-and-why-the-model-needs-to-change-db253465f120. Accessed 14 Jun. 2022.
- “The Top 8 Cybersecurity Predictions for 2021-2022 – Gartner.” 20 Oct. 2021, https://www.gartner.com/en/articles/the-top-8-cybersecurity-predictions-for-2021-2022. Accessed 14 Jun. 2022.
- “What is Blockchain Security? | IBM.” https://www.ibm.com/topics/blockchain-security. Accessed 15 Jun. 2022.
- “Naoris.” http://18.104.22.168/. Accessed 18 Jun. 2022.
- “Naoris to Launch Blockchain-based Cybersecurity in the Middle East.” 6 Aug. 2018, https://www.cryptonewsz.com/naoris-to-release-blockchain-based-cybersecurity-in-middle-east/. Accessed 15 Jun. 2022.
- “DeNet proves the cybersecurity of its blockchain-based ….” https://irishtechnews.ie/denet-proves-the-cybersecurity-of-its-blockchain-based-decentralized-platform-for-data-storage-and-hosting-with-naoris-technology/. Accessed 15 Jun. 2022.
- “NaorisToken (NAO) Token Tracker – Etherscan.” https://etherscan.io/token/0x1ab9570281c7b3ceec24524d4fd7d94a8fe1a8c8. Accessed 15 Jun. 2022.
- “Full text of ‘Naoris Whitepaper.” https://archive.org/stream/whitepaper-en-1528889613/whitepaper-en-1528889613_djvu.txt. Accessed 18 Jun. 2022.
- “Blockchain and Cybersecurity – Deloitte.” https://www2.deloitte.com/tr/en/pages/technology-media-and-telecommunications/articles/blockchain-and-cyber.html. Accessed 15 Jun. 2022.
- “Cybersecurity Market Overview by Size, Growth & Trends, 2029.” https://www.fortunebusinessinsights.com/industry-reports/cyber-security-market-101165. Accessed 15 Jun. 2022.
- “Cybersecurity Coins – CryptoSlate.” https://cryptoslate.com/cryptos/cybersecurity/. Accessed 15 Jun. 2022.
- “David Joao Vieira Carvalho – Naoris Protocol – LinkedIn.” https://uk.linkedin.com/in/david-joao-vieira-carvalho-4479b8103. Accessed 10 Jun. 2022.
- “Monica Oravcova – Co-Founder and Chief Operating Officer – LinkedIn.” https://pt.linkedin.com/in/monica-oravcova. Accessed 10 Jun. 2022.
- “Guy Davies – Chief Marketing Officer – Naoris Protocol – LinkedIn.” https://uk.linkedin.com/in/guy-davies-80309513. Accessed 10 Jun. 2022.
- “Knut Grandhagen – Head of Communications, NAF Cyber Defence.” https://no.linkedin.com/in/knut-grandhagen-37041522. Accessed 11 Jun. 2022.
- “Brendan Holt Dunn – CEO – Holdun – LinkedIn.” https://bs.linkedin.com/in/brendanholtdunn. Accessed 11 Jun. 2022.
- “Elena Gaudette – Product Operations Leader – Workiva – LinkedIn.” https://www.linkedin.com/in/elena-gaudette-0b81a7a2. Accessed 11 Jun. 2022.
- “Nuno Marques de Almeida – Professor – University of Lisbon | Linkedin.” https://www.linkedin.com/in/nuno-marques-de-almeida-78695a5/. Accessed 18 Jun. 2022.
- “Miguel Oliveira – Adjunct Professor – Universidade de Aveiro | LinkedIn.” https://pt.linkedin.com/in/noideasforurlpath. Accessed 11 Jun. 2022.
- “Pre Seed Round – NAORIS – Crunchbase Funding Round Profile.” https://www.crunchbase.com/funding_round/naoris-pre-seed–82adcf21. Accessed 11 Jun. 2022.
- “Naoris Protocol announces Soma Innovation Labs partnership.” 26 Apr. 2022, https://medium.com/@NaorisProtocol/naoris-protocol-announces-soma-innovation-labs-partnership-a5c745feb193. Accessed 15 Jun. 2022.
- “João Ferreira Santos – Head Of Compliance – Naoris Protocol.” https://pt.linkedin.com/in/joaoferreirasantos. Accessed 11 Jun. 2022.
- “NAORIS – Funding, Financials, Valuation & Investors – Crunchbase.” https://www.crunchbase.com/organization/naoris/company_financials. Accessed 11 Jun. 2022.