Spearbit, a smart contract audit and security solutions firm with clients such as Polygon, OpenSea, Optimism and more, announced that it “has raised a $7 million funding round led by Framework Ventures, a venture capital firm known for its early entry into decentralized finance (DeFi) and blockchain gaming.”
Additional investors that participated in the investment round “include Nascent, 1kx, Volt Capital, Breed VC, and Robot Ventures.”
Today’s market for security audits is “highly fragmented.” Pricing is opaque, it can “take weeks to receive quotes from multiple firms, reputation is based on marketing as opposed to actual results, and firms suffer from worker burnout and high churn rates.” To solve this massive problem, Spearbit plans to use their raise “to launch Cantina, an open marketplace for crypto security researchers and service providers.”
Through Cantina, companies, projects, and agencies alike “will be able to submit requests to a wide and open marketplace, quickly receive quotes from multiple parties, and hire freelance talent directly via a reputation system that allows individuals and groups to stand out on their merit alone.” At the same time, talented teams of freelance researchers or competitive agencies will be able to use Cantina “to access a much wider pool of jobs and potentially earn a larger cut of contract payouts.”
Spearbit co-founder Spencer Macdonald said:
“Because the security audits market is so fragmented, companies end up selecting their code reviewers based on their marketing prowess as opposed to their technical auditing skills. This in turn creates significant risk of buggy code going uncorrected. In web3, where a single oversight can lead to billions of dollars in losses, this risk is totally unacceptable. We think Cantina could completely overhaul the security auditing process in web3, ensuring companies can more reliably reach top security talent while at the same time empowering freelance whitehats and nimble security agencies with more opportunities. Perhaps most importantly, we think widespread adoption of Cantina can make the space much safer”.
At launch, two of Cantina’s first products will be “the Cantina Managed Service, a white glove solution where users are matched with a curated team of freelancer security researchers, and Cantina Guilds, which are groups or security firms that will host their services as a “guild” via the platform.”
This has even garnered “the attention of traditional security firms such as OpenSecurity who will be offering web2 security services as a guild via Cantina.” Cantina will allow developers to source several bids “for their security needs in a single location.” As a crypto security firm with over 100 vetted and trained security researchers in its network, Spearbit will serve “as the first Guild on the Cantina marketplace.”
Framework Ventures Principal Brandon Potts said:
“As the crypto economy continues its expansion, the security auditing industry must adapt and scale in lockstep. Open source software is inherently meritocratic, and so we think it makes sense for talented whitehat security researchers to collaborate and learn alongside one another and be rewarded based on their skill in a transparent marketplace like Cantina. We believe Cantina could enhance the quality of our industry’s security, eliminate unnecessary intermediaries whilst rewarding individuals, and offer a scalable model that aligns more closely with industry growth”.
As noted in the update, Spearbit is “a global distributed network of industry-leading security experts offering web3 security review and consulting services.”
With a strong focus on mentorship and advancing deep technical education within the web3 security community, Spearbit is committed “to scaling web3 security by providing new security researchers with mentorship opportunities under some of the most prominent names in the industry.”
Spearbit offers one-off security reviews by “a hand-selected team of experts from our talent pool and provides recurring security reviews in the form of a retainer agreement.”