The Ones in the Arena: Particle
Introducing Particle: the simplest way to hedge your NFTs! The team’s mission is to create a new financial primitive that enables fully on-chain and trustless hedging, inventory management, and yield generation for NFTs, and we all know that a new primitive can’t be established unless its design is inherently secure. Particle’s team chose to work with Code4rena on an Invitational audit: bringing five of the best minds in web3 security to vet their code as they look to launch.
We spoke to Wukong and Kid from the Particle team to get more details on what they’re building and how they’re prioritizing security in everything they do. Let’s dive in!
What are you building, and what sets it apart from similar offerings in the space?
Particle is a peer-to-peer, oracle-free decentralized hedging protocol that enables leveraged short perpetuals for non-fungible tokens (NFTs). Leveraged positions are issued by NFT suppliers to NFT traders. In this exchange, traders can make a profit on the market’s volatilities by executing leveraged short perpetuals, while NFT suppliers can earn customizable, low-risk yields.
NFT traders can then have (1) the ability to access leveraged short perpetuals with more trading opportunities and flexibility; (2) the possibility to move the NFT market because all the trading activities are happening in real marketplaces; and (3) the opportunity to trade leveraged short perpetuals for a wide range of NFTs, due to the P2P mechanism.
NFT suppliers can then have (1) a unique opportunity for NFT holders to hedge their positions, protecting their investment against price volatility; (2) additional yields to further enhance the value of their holdings by providing liquidity to the market; and (3) robust inventory management to optimize capital efficiency.
What’s your vision for your project? What are you building towards in the longer view?
Particle aims to revolutionize the NFT marketplace by providing an innovative peer-to-peer decentralized hedging protocol that empowers NFT holders and traders. We envision a future where leveraging and hedging are integral parts of the NFT trading experience, providing opportunities for profits and yields amidst market volatility. By seamlessly connecting NFT suppliers and traders, we aspire to democratize access to advanced financial instruments, fostering a more dynamic, inclusive, and efficient NFT asset class.
For the longer term, Particle aspires to advance NFTs from niche digital collectibles to a widely recognized asset class in their own right by creating a unique, comprehensive, and efficient financial ecosystem around NFTs. This vision is not limited to providing a robust platform for margin trading of NFTs but extends to pioneering the development of NFT derivatives, offering unprecedented opportunities for users to hedge risks, speculate on price movements, and maximize potential profits. Beyond trading, Particle aims to innovate advanced asset management services tailored specifically for NFTs, providing powerful tools that empower users to effectively manage their NFT portfolios. By breaking new ground in these areas, we aim to bring the sophistication of traditional finance to the world of NFTs and beyond.
What would you say has been the biggest challenge throughout the entire process?
While NFTs have gained significant attention and popularity, the concept of using NFTs as financial instruments is still novel to consumers and potentially risky due to regulatory uncertainties. Many potential users may need help understanding these complex financial products and services that Particle smart contracts unlock. Educating the market to realize the potential of these new services and their value can be challenging.
It’s our understanding that Particle’s a P2P decentralized hedging protocol. This is an innovative concept on both a trader’s and a supplier’s side. Did you have any security concerns going into the build? If you did, how did you mitigate these?
Our P2P design removes the use of a price oracle. In this design, we make sure that not even our team can game the system by attacking the oracle (unlike other protocols that rely on a timely and correctly behaving oracle). The liquidation in our platform only happens under the rules set and agreed upon by each supplier-trader pair, where the protocol is merely governing the rule execution and the participants are free to choose the parameters.
We also make sure that in the frontend design, the parameter setting step is super clear and easy to understand. When popping up for wallet signing before on-chain execution, we also make sure to show the parameters for final confirmation.
More broadly, what would your team define ‘being secure’ in web3 as?
We believe in full decentralization and transparency for security. Being secure means there is not a single player, not even anyone from within the team that develops and deploys the protocol, who can exploit the protocol to behave in any unintended ways. Within the platform, we assume trustlessness for any third-party contract interaction, meaning even if the contract we interact with is deliberately misbehaving (i.e., byzantine), our contract should remain operationally nominal (e.g. as with Aave’s flash loan, no matter the lender’s execution, the LP fund should always be safe).
What prompted you to engage with Code4rena?
Track record and investor recommendation. We greatly respect audits that can find security vulnerabilities in an original (being the first) and novel (unseen attacks) way. What’s great about web3 is that finding these audits can be purely based on meritocracy — anyone from anywhere with the best ability wins, regardless of their background. We read through many previous reports and projects vetted by Code4rena: this approach and the positive outcomes consistently checked out, so we really want to be part of this high-standard scrutiny.
Apart from running an audit with us, what does your security roadmap look like?
Any future contract update will go through at least one third-party audit and review. We will host ongoing bug bounties for white hats.
To wrap up, let’s finish with an open-ended question. We’re not halfway through 2023, and we’ve already seen some very impactful exploits in the space. What are we collectively as a community doing wrong? What are we doing right? How can we become better as a community regarding security?
What we’re doing wrong: An attack is usually not done all at once — a community might be able to set up some form of early catch and checks for suspicious contract interaction (off the path for what a normal user would do).
What we’re doing right: When an attack does happen, we’re (being the web3 community) using any and all legally allowed methods to find the attacker and exert maximum pressure. What Euler did was incredible, and in our opinion will serve as a deterrent for future hackers to move towards the life of a white hat instead. We back the approach of sending a firm message that the consequence of doing wrong is much more severe than the reward a hacker might get from exploiting a system.
What could we do to become better: In our opinion, we could be providing more incentives for white hats and cracking down on hackers as much as we can as a community. In order to do this, we should track and educate on the consequence/reward balance more than we currently are, so that we can help guide people to a path where they choose to do the right thing in the first place.
Learn more about Particle
- Website: https://particle.to
- Twitter: https://twitter.com/particle_to
Particle’s $24,170 USDC Invitational audit with Code4rena begins on May 30th and will last 3 days. Details here.
The Ones in the Arena spotlights emerging and established DeFi projects and their founders, with an eye to celebrating and learning from them. The series’ name is inspired in part by Teddy Roosevelt’s famous quote, which has a central place in Code4rena’s philosophy.