Inside M1 Capital’s Strategy to Guard Against DeFi Threats, Operationalize Custom Risk Detection, and Automate Transaction Approvals

M1 Capital had a clear mandate: any transaction leaving a vault must be fully understood, policy-compliant, and risk-screened before a single dollar moved onchain. By deploying Hypernative Guardian, M1 added a real-time intelligence layer to their transaction flow—allowing only known, pre-approved actions involving trusted contracts and addresses, while blocking anything outside of scope. The result is a proactive, intent-aware transaction environment that supports institutional-grade speed without compromising security.

‍

The Scope

‍

• $100M+ AUM
• Stablecoins & fiat-pegged assets
• Yield & derivative tokens
• Staking & wrapped assets
• DeFi strategy & internal protocol tokens
• All major DeFi protocols across EVM and Solana

‍

About M1 Capital

‍

M1 Capital is an Amsterdam-based digital asset hedge fund with over $100M in AUM, focused on market-neutral strategies. Its M1-A1 flagship fund is designed to deliver market-neutral, low-volatility returns across all market conditions, while M1-B1 is a Bitcoin-denominated market-neutral fund offering investors exposure to a diversified set of market-neutral strategies, fully denominated in Bitcoin. M1 also offers tailored strategy solutions, onchain vaults, and a directional fund.

‍

We weren’t just looking to whitelist addresses and smart contracts. Our priority was to protect every transaction with proactive, DeFi-aware threat detection. That meant surfacing suspicious behavior, flagging new risk patterns, and layering in protocol-specific checks our team identified. And ultimately, we wanted a system that could automate approvals without compromising control.
Steven Wisbrun, Co-founder @ M1 Capital

‍

The Hypernative Offering

‍

Hypernative Guardian serves as the real-time decision engine behind M1 Capital’s transaction security strategy. It goes beyond surface-level screening by combining predictive threat detection with customizable risk policies—ensuring every transaction is evaluated not just for where it’s going, but for what it’s trying to do. This allows M1 to operate confidently across complex DeFi flows without compromising on speed or control.

‍

Threat Detection

‍

Every contract call is simulated before execution, allowing Guardian to inspect the intent, behavior, and context of the transaction in real time.

‍

Hypernative identifies threats at multiple layers:

• Malicious address detection: Addresses are flagged at the block they’re deployed by a phishing model that is updated in real time and identifies threats with an extremely low false positive rate.
• Dynamic address reputation: Reputation scores are updated continuously based on shifts in scam networks and deployer wallet activity.
• Abnormal execution flows: Guardian detects suspicious DeFi behavior, such as unexpected token approvals embedded in standard interactions like staking, swaps, or LP deposits.

‍

Custom Policy

‍

M1 Capital layers Guardian’s detection capabilities with their own risk-handling logic, defining how different severities should be treated within their organization:

• No risk → Automatically approved, reducing manual workload by 99%
• Low to medium risk → Sent to designated reviewers for targeted checks
• High risk → Escalated to senior review before any funds leave the vault

‍

This setup allows M1 to codify internal policy while preserving execution agility—turning security into a fast, flexible part of their trading and treasury workflows.

‍

The Hypernative Impact

‍

With Guardian in place, M1 Capital has unlocked a new level of operational efficiency and strategic reach.

‍

Tight enforcement of security policies has enabled the team to confidently increase their DeFi exposure, knowing each transaction is vetted against both pre-set rules and dynamic risk signals. This trust in the system has supported M1’s expansion across both EVM and Solana chains, aligning their infrastructure with the multi-chain strategies their funds demand.

‍

By automating the bulk of transaction reviews, M1 has also reduced the manual load on compliance and trading teams, freeing them to focus on higher-order risks and strategy execution. What was once a high-friction, time-sensitive process is now streamlined, auditable, and built to scale.

‍

Hypernative didn’t just check boxes—they worked with us to model our risks, tune our policy logic, and integrate real-time signals that catch threats we wouldn’t see on our own. Guardian has made it possible to scale our DeFi operations with precision, speed, and a level of safety that fits our standards.
Steven Wisbrun, Co-founder @ M1 Capital

‍

The Hypernative Advantage

‍

Hypernative uses battle-tested, sophisticated machine learning models, heuristics, simulations, and graph-based detections to identify threats with high accuracy and give customers precious minutes to respond before exploits can do damage. The system monitors security, technical, financial, governance and other risks. Hypernative detected 99.5% of hacks last year with less than 0.001% false positive rate and saved $2B of funds to date.

‍

Leading financial institutions trust Hypernative to expand into DeFi safely—unlocking new crypto opportunities without the usual risks. By automating policy enforcement and pre-transaction threat detection, they turn security, compliance, and risk teams into business enablers, not blockers—while cutting manual transaction reviews by up to 90%.

‍
Reach out for a demo of Hypernative’s solutions, tune into Hypernative’s blog and our social channels to keep up with the latest on cybersecurity in Web3.

‍

Secure everything you build, run and own in Web3 with Hypernative.

‍

‍Website | X (Twitter) | LinkedIn