Once scammed for ten grand, this VC is building a crypto security vault
One of the barriers to bringing cryptocurrency into the mainstream is the frequency of fraud in the space. Last year alone, more than $3.9 billion worth of crypto was “lost,” according to an industry report, even though the number was already down roughly 50% from the year before.
Francois Le Nguyen, an angel investor and former general manager at Entrepreneur First, is among the victims of crypto scams: In a phishing attack on Discord, he lost $10,000 worth of Ethereum and NFTs.
If even prudent investors like himself and notable NFT figures such as Kevin Rose are susceptible to wallet hacks and scams, everyone else is vulnerable, Le Nguyen told TechCrunch in an interview.
"The motivation is to prevent my family members, my friends from getting screwed because I know that eventually one of them will be screwed," he said. "While we talk about owning your own keys as the next wave of the way you should manage your assets, if you don't have the tools to protect yourself, disasters are gonna happen, because every single thing you interact with could be a potential threat, which is so scary."
The distressing loss prompted Le Nguyen to develop security solutions for crypto transactions with the help of his co-founder Jake Harwood, an effort that eventually became Staging Labs. Today, the startup, which currently has three full-time staff, announced that it has raised $1.1 million in an oversubscribed pre-seed round.
"Recent events in the U.S. banking industry are a reminder that there are regulatory and system protections that we often take for granted in the TradFi [traditional finance] world," said Flourish Ventures' Kabir Kumar, an investor in Staging Labs. "Those protections have yet to be built in the crypto world. Individuals are expected to fend for themselves, especially against fraud and scams."
That's where Staging Labs comes into play. Initially, the startup aimed to create an "SOS button" for crypto transactions, something akin to a credit card's freezing option. But it soon realized the limitations of this approach -- what if a user is away from their device? It reiterated on the concept and came up with a more advanced version called Saferoot that can actively and automatically scan transactions 24/7.
In a malicious attack, Saferoot works by automatically transferring digital assets from a vulnerable wallet to a backup safe. This is done by intercepting a transaction after a user clicks "send" but right before the funds go through.
"Blockchain technology is viewed as immutable or you cannot change it after you click 'confirm'. That's technically not true, because there's a small amount of time in which the transaction sits in pending or processing. So that's where we play," explained Le Nguyen.
Saferoot isn't predicting or detecting malicious attacks per se. Rather, it sounds an alarm when a transaction exceeds a user's defined limits, similar to how people safeguard their credit cards by customizing spending limits. Over time, though, Le Nguyen wanted the risk monitoring part to get "smarter."
Once Saferoot spots a suspicious transaction, it then shoots it down and sends another transaction in its place so as to move the asset before the hacker can steal the funds. This technique isn't particularly new and has been used by arbitrage traders, Le Nguyen pointed out. But he argued that the company's moat lies in sending a transaction within a short amount of time, which is "a very, very difficult distributed systems problem."
"This is where my co-founder's background comes in," Le Nguyen noted, referring to Harwood's experience of building a network-distributed system for the speaker maker Sonos.
The stage where Staging Labs currently intervenes is called the "in-flight" part of a transaction. In the long run, the startup plans to also target pre-flight, which is before a user initiates a transaction, and post-flight, which typically involves fund recovery and may require law enforcement intervention. The company is already in talks with partners to develop capabilities for the two latter stages.
Though Saferoot appears to be a SaaS solution, it's going for a somewhat different path to monetization. Recognizing that fund protection is an essential part of asset transfers, the company plans to charge users a subscription fee and a percentage of the assets that are successfully recovered.
It will also share revenues with wallets, which act as key service distribution channels in the crypto world but often struggle to generate revenues themselves. It's currently in talks with "dozens" of wallets and is nearing partnership with one player.
Staging Labs' latest financing is a "party round," which is common for young crypto startups seeking partnerships and during a bear market when investors are more reluctant to lead. The lineup includes The General Partnership, Flourish Ventures, NGC Ventures, AlphaGrep, Gaingels, scouts from a16z, Kleiner Perkins and Greylock, and crypto founders and angel-operators from ConsenSys, Coinbase, Anchorage Digital, Chainalysis, QuickNode, Merkle Science and more.