Whitepaper

Decentralized Antivirus

Abstract

As organizations and individuals increasingly rely on technology to conduct business and survive every day, so does the need for security of the technologies they utilize. This need is exacerbated by over five hundred eighty thousand instances of malware that are detected every day, contributing to an ever-growing list of over one billion malware. AVME was conceived to assist in the detection and removal of such malicious software in an open decentralized way that disrupts the activities of cybercriminals across the world.

‌ AVME is a decentralized security protocol for malicious content detection and protection against malware. AVME accomplishes this by combining two technologies that can be integrated with blockchain to deliver zero-trust and fully decentralized applications. These include sandbox nodes and virus detection through artificial intelligence/machine learning (AI/ML). Content to be scanned is introduced into the system via platform uploads and endpoint detection. Instances that have yet to be detected by the network are scanned and detonated inside of the sandbox node. The data that the network detects, scans, and classifies will be able to be viewed on the AVME detection portal. Hash information and reports on all data scanned by the network will be available for public view. The scanning of data happens in real-time with the hash information written to the blockchain and originating data discarded and never written to storage.

‌ One large benefit of this security suite is the open-source nature of the system, which allows any organization or person to review the technology and every line of code of the system. This will not only ensure the provable effectiveness of the system but also that the results of all analyses made in the network remain public for anyone to view. This sets AVME apart from other security organizations that keep their detections and actionable results behind paywalls or free security packages that tend to offer minimal protection not suitable for most of the market.

‌ AVME technology is powered by its token infrastructure. The AVME token is deployed as a contract on the Avalanche C-Chain, with a unique wallet, custom-built from the ground up, to facilitate the virus detection suite built into the AVME blockchain.

‌ AVME achieves this with a 100% open-source ecosystem, unlike its blockchain competitors which tend to end their open-source journey at the use of the token and a closed-source platform. With sandbox nodes and virus detection through AI/ML, AVME utilizes a custom-made wallet system to facilitate autonomous learning and react to actionable results from its detection utility packages on sandbox nodes. All aspects of the AVME infrastructure are community-powered, and all results are public information within the network. This opens the network to future partnerships with security companies for the integration of Definitions as a Service (DaaS), to complement their existing systems or the integrations of the sandbox nodes to be utilized for a more cost-effective detection model for the industry.

Blockchain

AVME is built on the Avalanche network, which has three different blockchain products: X-Chain (an exchange network), P-Chain (a platform network), and C-Chain (a cross-chain interoperable smart contract network).

The AVME token is currently implemented on the C-Chain. Which is retro-compatible with the Ethereum network and its token ecosystem. This gives AVME three main advantages.

  1. More scalability than offered by the Ethereum Network

  2. Low transaction fees

  3. Interoperability between tokens from both chains

We chose the Avalanche platform to be the underlying infrastructure for AVME as it fulfills three key requirements:

  1. An efficient method of payment for collaborators

  2. A write-only, public, and permanent database

  3. Allows for consensus between validation nodes over the legitimacy of malware

The blockchain serves as a write-only database. Any content that is written into it, becomes immutable. It cannot be changed. This provides a permanent audit log of all scans performed, actions taken, and steps taken by AVME thereafter.

AVME will reach a consensus between validation nodes in a way that will avoid false positives. All while preventing attacks from any malicious nodes in the network. To do this, multiple validation nodes will process potential payloads and provided results that are uniform across multiple nodes that will be written to the blockchain, immutably.

Decentralization and Zero-Trust

AVME aims to solve the centralization and potential trust issues with conventional antivirus solutions.

Snapshot of the Centralized Antivirus Market

Before discussing the problems and proposed solutions, it is best you build a picture of the centralized antivirus market.

The global market size for antivirus software is US$ 3635.5 million in 2020. [https://www.360researchreports.com/global-antivirus-software-market-17694380]

The market share distribution is an oligopoly. The centralized antivirus market is fairly well distributed, but through a small number of companies holding the majority.

Currently, three entities account for 37.3% of the market. Symantec Corporation (13.16%), Avast Software A.S. (12.69%), ESET (11.45%).

Problems in the Centralized Antivirus Market

The centralized antivirus market is effective in delivering products which creates a lot of revenue. Their current business models pose numerous negatives for the consumer and overall landscape.

Competition

Competition is inevitable in both the centralized and decentralized markets. However, among centralized entities, the problems are more pronounced.

Without competition, the services would not be as beneficial as they are today. As these solutions grow, and lean ever more corporate, competition becomes more focused on shareholder value. Solving the cyber-crime problem takes a back seat to profit and business growth.

Competition must be healthy. Separate businesses, corporations, independent providers could create far more value through the sharing of intellectual property. Antivirus solutions are merit goods, and value is created both directly and indirectly through their existence. Rewards should be attributed for progress in the protection against cybercrime and should not come second to material metrics; profit margins, market capitalization, acquisitions.

The Weaponization of Intellectual Property

Patents are needed, and rightfully protect creators, but in an environment where security signatures and detection methods are being reserved, patents only serve to benefit shareholders.

We cannot circumvent intellectual property rights, but it is important to note they are failing to contribute to a more secure world. Of the 4,700+ intrusion and malware detection-related patents issued in the US, in our eyes, they are only serving to hinder progress in protecting consumers. Our decentralized, open sources approach reflects this.

Fragmentation is an issue. Building on the “problematic patents” notion, providers patenting technologies required for malware and intrusion detections creates lapses in security integrity across products. Competitors can arrange to pay royalties to potential patent holders.

This makes it difficult to tackle the cybercrime problem. Patent holders may not allow competitors to use their intellectual property or “licensing” may not be economically viable for the competitor.

The only outcome: multiple antivirus solutions which have multiple weaknesses, with none serving an optimal antivirus engine, nor a complete cache of definitions used for detecting malicious payloads. Also, not to mention most suggest uninstalling/disabling any competitor software in case of conflicts or file contention.

Profit-Centric

Centralized antivirus providers must generate profit and growth for shareholders. The wider stakeholder pool comprised of users, businesses, people indirectly affected by cyber-security attacks are the ones that inevitably suffer.

Resources are allocated for profit, efficiency, and growth metrics. Cutting staff, less innovation, deterring talent with lower pay, or worse, outsourcing to weaker talent pools, at lower cost.

Trust

Closed-Source

Most antivirus providers do not push open-source software. It is not conceivably possible, at least not in the standard centralized business world.

Simply put, central-owned source code is kept secret. Many tasks are offloaded to centralized ‘cloud’ servers that you do not have access to. Where malware definitions and user metadata are farmed to further grow profits. This could come in many different forms, whether patenting signatures or selling your user data to third parties, often unbeknownst to both home users and businesses.

Because antivirus software is commonly closed-source, users must trust the provider. Antivirus companies may seem like the least likely to act maliciously, but you can’t be entirely sure, not unless you can see the code, not unless there is a clear audit log of all actions taken with your data thereafter. Full disclosure detailing who was privy to it, but even then, you still need to trust the data hasn’t been tampered with or presented in a manner that keeps their brand image intact.

There is an inherent lack of transparency over how your data is used, parsed, and sold. After all, antivirus software searches every corner of your device in detail. It scans, often without any respect for private data, browser history, photos, or metadata.

Monetizing Users

There is a conflict of interest when considering centralized antivirus providers. Many offer free antivirus packages, which often function well. Take Avast for example, they have over 435M users and a hugely popular free package, which functions well and is popular. They are doing humanity great justice. They are protecting many millions of users—for free, but the users still generate profit for Avast somehow.

First, through the vast usage contributing to their AI improvements; virus detection, intrusion detection, but more importantly, through the sale of user data.

Jan 27, 2020, a CNET article reveals: Avast sells highly sensitive web browsing data via a subsidiary named Jumpshot. (Which has since been disbanded.) Over 435m people’s private browsing data sold, unknown to the users at the time and still part of the Avast terms of service.

There are undoubtedly numerous data mining and user profiling operations being carried out by large antivirus providers.

The Solution, AVME

The problems detailed in the previous section are only the tip of the iceberg, but the approach we’re taking with AVME will help solve many of these issues.

Competition Disruption

As it stands, all major competition is centralized, requires trust, and commonly uses underhand tactics for the betterment of business metrics. AVME faces fierce competition as the antivirus sector is heavily dominated by large corporations. Disruption through the following attributes is our value proposition.

Trustless. We are building AVME on the Avalanche blockchain. All transactions are visible and are stored with a complete audit log for ‘eternity'. All AVME users will own the keys to their wallets and will be solely responsible for keeping them secure. Additionally, the code will be open-source, collaborative, and auditable by anyone that wishes to read into the inner workings of our software. A perfect way to incentivize AVME contributors is to only provide updates in the best interest of the users.

Technology. Our software and services will be blockchain-based. This enables decentralized computation, and multiple layers of security through encryption, consensus mechanisms, and ownership of private keys. To compete with the larger centralized providers, we will be implementing AI solutions, with multiple machine learning-based components, that will grow and become more efficient with every detection and new signature. Ultimately, we will be providing an antivirus, that is free, and incentivizes both users, developers, and the wider technology space to utilize AVMEs products, services, and provably encrypted, anonymized data.

Decentralization. Our decentralized approach allows for anyone to contribute. Whether contributing through usage, operating a node, or further supporting development, the benefits are realized by all, not simply for shareholder profit.

Security Suite

Antivirus Engine

The AVME Antivirus Engine is the core of our decentralized infrastructure. It is deployed over a vast network of AVME sandboxes and AI/ML nodes. These components, because they are decentralized, remove the necessity of a centralized datacenter to power AVME. Instead, the community is incentivized to host and contribute resources to the AVME network in exchange for AVME tokens.

Web Portal

AVME.io functions as the minimal viable product of the AVME network. It proves and showcases the effectiveness of AVMEs malware detection solutions.

Users can drop files into the portal’s front-end interface and the scanning service will authorize the network to analyze the upload. To avoid duplicate scans, the web portal checks the file hash and notifies the user that the file is already in the database. Once scanned the detection explorer allows the user to navigate the results.

Endpoint Security Program

The Endpoint Security Program integrates with the Antivirus Engine to detect files that have previously been scanned by the engine. The Antivirus Engine will scan the file structure and inventory files on the endpoint. Any new files detected by the system will be marked for scanning for the user to authorize to the network. When any software is detected on the system that was deemed malicious by the network, it will be quarantined pending review from the user. The Endpoint Security Program will be expanded upon with common features in the security market with features like a firewall, password wallet, secure file storage, and much more.

Password Manager

One of the main premium offerings will be the Decentralized Password Manager, where users will safely store passwords. Storage is encrypted and decentralized, with users only needing to trust our open encryption algorithm. This will be integrated into the Security Suite, and users will be the only owner of their private keys used to decrypt their passwords.

Decentralized VPN

By taking advantage of the decentralized network that AVME will be providing, it is also possible to provide a decentralized VPN service. By taking advantage of any of the under-utilized network capacity, users will have access to a secure, trustless VPN service, and node operators will maintain utilization.

Private Cloud Storage

AVME may expand into Private Cloud Storage. Again, utilizing the AVME network nodes, users will be able to store data securely and forever, redundantly across multiple nodes. Being decentralized, users will not have to trust a centralized authority with their data, only having to trust the encryption algorithm itself.

Tokenomics

Brief

  • Token standard: ARC20

  • Max supply: 21 million AVME

  • Initial pre-mine: 2 million AVME

  • Distribution model: Staking, farming & node incentivization

  • Ticker: AVME

  • Smart Contract Address: 0x1ecd47ff4d9598f89721a2866bfeb99505a413ed

Distribution

Initial token distribution was carried out through a small pre-mine, which is discussed in detail in the next section. ‌

The core approach used for token distribution will be through staking. This will incentivize node operators, which, must stake tokens to participate in the network. This will mitigate bad actors, as they will gain exposure to any potential AVME volatility.

The AVME foundation will receive 5% of newly minted tokens. This budget will drive ongoing marketing and development efforts for the AVME ecosystem and enable AVME to remain competitive.

The yearly staking reward ratio is recalculated each week, but for the sake of simplicity, we have used yearly values to demonstrate the total supply curve and diminishing staking rewards.

The amount distributed to stakers per year will equate to 10% of all remaining supply.

At the start of year 1, there will be 2 million AVME tokens in circulation and 19 million AVME to be created. Therefore, the first-year reward will be 1.9 million AVME. In the year 2, there will be 3.9 million AVME in circulation, and 17.1 million AVME to be created, so the yearly reward will be 1.71 million AVME.

Pre-mine

AVME carried out an initial pre-mine of 2 million tokens. These will be distributed in the following manner:

  • 1.9 million: reserved for AEX & TLM swap allocation -- previous projects since merged into AVME.

  • 0.1 million: for funding early development (dev fund).

The pre-mine has been documented with a full transaction log for the AEX & TLM swap allocations. Any unclaimed tokens from the swap allocation will be acquired by the AVME Foundation, which will be apportioned to development, marketing, and burnt if required.

The AVME foundation plans to lock 80% of surplus funds with the remaining 20% used for marketing-based airdrops to promote awareness of the solution.

For example, from one million tokens, two hundred thousand tokens will go towards airdrops. The remaining eight hundred thousand tokens will be put into a time lock contract. This contract will pay twenty-two thousand coins per month for three years.

The creator of Talium (TLM) was limited to one hundred thousand tokens because of the surplus that was acquired by him from the initial pre-mine of TLM.

Incentivization and Token Utility

Users and validation nodes will be incentivized financially, creating value for the decentralized antivirus ecosystem as a whole.

A wallet will be created which will integrate with our suite of security tools. For example, our free antivirus solution will be integrated into the wallet. The wallet will serve as the control center for the entire security solution.

We will offer premium membership plans, which will be payable with an annual AVME payment. This will give access to additional services such as an MSP-integrated password manager, private cloud storage & secure decentralized VPN. ‌

When the user pays for the Premium membership, the tokens used for the payment will be burned and effectively removed from the current supply. ‌ The cost of services will vary based on the service subscribed for and the current supply of AVME.

Validation nodes will be paid directly from the token contract through minting (creation of new tokens). They will be rewarded for contributing towards new detections, potentially infected files, and storing scan reports. ‌

The value of validation node rewards varies according to the current supply and the number of tokens burned through premium user payments. This process ensures AVME will not reach max supply. ‌

Initially, while the decentralized solution is under development, there will be a staking option for users that do not wish to operate a validation node. These users can lock both AVME and AVAX in the Pangolin liquidity pool and lock the provided PGL tokens to farm and receive rewards in AVME, according to the distribution table.

AVME Foundation

The AVME Foundation was created to govern the project direction and manage the funding for future development and marketing. We seek to educate the public on AVME solutions and security/blockchain in general. The foundation is comprised of founding members and strategic advisors.

Team

Itamar - Founder & Lead Developer

Young entrepreneur and self-taught developer. Itamar’s goal is to create useful solutions to problems never encountered in the market before.

Markus - Founder & Developer

Self-employed for more than 20 years. Senior programmer, graphic designer, professional photographer, and developer of Talium. His focus is on the development of web projects, blockchain applications, payment systems, and company workflows.

Jean - Developer

System Analysis and Development Technologist, enthusiastic C/C++ and Qt programmer, advocate for FOSS and cryptocurrency in general.

Sean - Strategic Advisor & Technical Writer

Sean has a deep background in infrastructure, virtualization, and cloud integration. With over 20 years of experience, his thought leadership helps set project direction.

Alessandro - Marketing Lead

Former computer engineering student, amateur programmer, Alessandro is a marketing and project development enthusiast. His goal is to create and be part of projects that make life easier because of blockchain technology.

Gabriel - Developer

Progressive Web Applications, Native Apps, and System Integration.

Jonas - Technical Advisor

Jonas is an enthusiast in crypto and software development. His vision is a world thriving with innovative technologies.

Natalya - Designer Graphic designer and illustrator, social media, and community management enthusiast. Her vision is to develop graphic solutions that are innovative, unique, and intuitive for any case presented to her.

Project Roadmap

Phase 1 - 2020-2021

  • Idea proposal and discussion

  • Wallet development

  • Pre-alpha version development of the scanning system and malware detection

  • Wallet open beta

  • Token Swap

Phase 2 - 2021

  • Public announcement

  • Alpha version of scanning system and malware detection

  • Wallet release

  • AVME contract release

  • Staking contract release

  • Ledger integration

  • Multi-token support

  • Mobile wallet release

  • X-Chain support

Phase 3 - 2021 - 2023

  • Migration from centralization towards decentralization

  • Implementation of multiple coins inside the wallet

  • Development of decentralized nodes

  • Open alpha/beta of decentralization

Phase 4 - 2023 and Beyond

  • Release of the fully decentralized anti-virus solution

  • Development and upgrades of the decentralized nodes

Contacts

Direct

Website

Email

Media

Telegram

LinkedIn

Facebook

Twitter

Instagram

Reddit

Community

Discord

Useful Links

Github

Pangolin

Staking Contract

Disclaimer

AVME.io does not provide any warranties or guarantees with regards to the software being developed, or the platform being launched. The code is entirely open source, and available on our GitHub links. The platform may or may not be used as-is developed by AVME.io, or it may also be launched in a modified form by other actors.

All users, buyers, and consumers of both the AVME token and AVME.io services must ensure they read and do all due diligence before using the system as provided. With any new technological system, there is a risk involved that must be acknowledged by all users. AVME.io & The AVME Foundation will not accept any liabilities on token sales, or use of the software, and the entire platform is completely open for anyone to use.

This is a living document and is subject to change. The newest iteration will be available at docs.avme.io.

NextBinance to AVME

Last updated