enterprisesecuritymag

Fluid AI: Pioneering Automated Patch Generation

Abhinav Narayanan, Founder & CEO, Fluid AIAbhinav Narayanan, Founder & CEO
By taking intermediaries out of an equation, smart contracts are proving to be an essential tool for businesses. A Capgemini report shines the light on potential benefits: Trading and settlement of syndicated loans can be completed in six days instead of the present 20-day timeline; cost-saving for banks, in tune of $3 billion to $11 billion annually, by lowering processing costs in the origination process. But there is another side to the story. Being essentially codes, smart contracts like any other software are prone to vulnerabilities, which in place of driving benefits in can drive millions of dollars out. The DAO attack and Parity wallet freeze are glaring examples underscoring this reality. An MIT alumnus, Abhinav Narayanan wishes to help companies avoid such incidents. ‘How’, is the exciting part.

The young CEO’s company, Fluid AI, was initially focused on leveraging artificial intelligence (AI) to facilitate music production by automating mundane and redundant tasks involved. The company is bringing over the same capability for finding and fixing bugs in codes. In fact, Fluid AI is the world’s company to do so. A user only needs to click on the downloadable plugin link provided by the Fluid AI to integrate the solution in his/her development environment. “Our AI-driven solution for remediating security vulnerabilities in smart contracts is a breakthrough technology, and we are setting the foundation of automatic patch generation,” Narayanan says.

The traditional QA process aimed at doing the same job is, though effective to a certain degree, expensive and time-intensive.

Our AI-driven solution for remediating security vulnerabilities in smart contracts is a breakthrough technology and we are setting the foundation of automatic patch generation


Additionally, it depends on a tester’s proficiency, which again is highly subjective. But with Fluid AI’s automated vulnerability identification and patching capability, the process becomes considerably cheaper and faster because of reduced human intervention. The platform upon identifying a vulnerability parses the large search space developed by the company to find a test suite of solutions. Based on the one the developer chooses, the platform then automatically replaces the vulnerability with the selected patch. “If it doesn’t work, our team will look for a different patch that works,” he adds. To use the system, however, users need to purchase specialized tokens the company has created.

Currently, the company is training its AI on different smart contract models written on Solidity and Haskell—the two predominant languages used to build smart contracts—while also leveraging additional sources such as EOS, GitHub, and OpenZeppelin. Moving ahead, the system will be also trained on other languages like Java and AngularJS to expand its capabilities and will be extended into more intensive backend development processes.

Launched in May 2017, the system accumulated 17,000 users in just 30 days which highlights the massive vacuum Fluid AI has managed to fill in. Being such, Fluid AI is finding zilch challenge in bagging funds; its first round of fundraising held early this year completed in less than 72 hours and the second round is already underway. The company is going to roll out its final product soon. “We have only ambition, which is to fully automate the QA process with our AI,” concludes Narayanan.