
Something strange is happening in Bittensor right now. Bitsec built a product that finds critical software exploits better than the best models money can buy; it’s already closing paying clients at 70% conversion, and almost nobody is talking about it.
So we want to dig into what this subnet is actually doing, because there is a lot to unpack.
The problem is bigger than most people realize
Let’s start with the numbers. In 2025, crypto thefts crossed $3.4 billion, according to Chainalysis. North Korean hackers alone accounted for over $2 billion of that, a record year and a 51% jump over 2024.
But the raw figure isn’t even the scary part. The scary part is who’s getting hit. In November 2025, Balancer, one of the oldest and most heavily audited DeFi protocols in existence, lost more than $100 million across nine chains.
The cause wasn't some exotic zero-day. It was a rounding-direction error in the swap math: a tiny discrepancy in each swap that, repeated across thousands of transactions, let the attacker drain the pools.
And here’s the kicker: Balancer had been audited around ten times by top firms. The vulnerable contracts dated back to 2021. Multiple human audits looked at that code and the needle stayed buried in the haystack.
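To make "rounding-direction error" concrete, here is an added illustration written for this piece. It is a constructed toy constant-product pool, not Balancer's code, and the pool layout, function names and numbers are all hypothetical. The correct pool floors every quote so the fractional token unit stays with the pool; the buggy variant rounds the quote up in the trader's favour. That is worth less than one unit per swap, which is why it survives a read-through, and it is harvestable by looping swaps:

```python
"""Rounding-direction bug in AMM swap math (added illustration, not Balancer's code).

A constructed toy constant-product pool. A correct pool rounds every quote
against the trader (floor on amounts out). The buggy variant rounds in the
trader's favour (ceil): less than one token unit per swap, but it adds up
when an attacker loops swaps back and forth.
"""
from dataclasses import dataclass


def ceil_div(a: int, b: int) -> int:
    """Integer division rounding toward +infinity (a >= 0, b > 0)."""
    return -(-a // b)


@dataclass
class Pool:
    reserve_a: int
    reserve_b: int
    round_up: bool  # True reproduces the bug: quotes rounded in the trader's favour

    def _quote(self, reserve_in: int, reserve_out: int, amount_in: int) -> int:
        # Constant-product quote: out = reserve_out * in / (reserve_in + in).
        # The exact value is almost never an integer, so the rounding
        # direction decides who keeps the fractional unit on every swap.
        num = reserve_out * amount_in
        den = reserve_in + amount_in
        return ceil_div(num, den) if self.round_up else num // den

    def swap_a_for_b(self, amount_in: int) -> int:
        out = self._quote(self.reserve_a, self.reserve_b, amount_in)
        self.reserve_a += amount_in
        self.reserve_b -= out
        return out

    def swap_b_for_a(self, amount_in: int) -> int:
        out = self._quote(self.reserve_b, self.reserve_a, amount_in)
        self.reserve_b += amount_in
        self.reserve_a -= out
        return out

    def k(self) -> int:
        """Constant-product invariant; trading must never decrease it."""
        return self.reserve_a * self.reserve_b


def round_trip_attack(pool: Pool, rounds: int, start_a: int = 1) -> int:
    """Swap the whole A balance to B and straight back, `rounds` times.

    Returns the attacker's net change in token A. Against a pool that rounds
    correctly this is <= 0; against the buggy pool it grows by one unit per
    round, because each leg hands the attacker the rounded-up remainder.
    """
    a = start_a
    for _ in range(rounds):
        b = pool.swap_a_for_b(a)
        a = pool.swap_b_for_a(b)
    return a - start_a


def demo(rounds: int = 100) -> dict:
    """Run the same loop against the buggy and the fixed pool (constructed reserves)."""
    buggy = Pool(1_000_000, 1_000_000, round_up=True)
    fixed = Pool(1_000_000, 1_000_000, round_up=False)
    k_start = 1_000_000 * 1_000_000
    return {
        "buggy_profit": round_trip_attack(buggy, rounds),   # attacker gains
        "buggy_k_dropped": buggy.k() < k_start,             # pool lost value
        "fixed_profit": round_trip_attack(fixed, rounds),   # attacker loses dust
        "fixed_k_held": fixed.k() >= k_start,               # invariant preserved
    }


if __name__ == "__main__":
    print(demo())
```

The check worth carrying into a real review: for every arithmetic step that converts between tokens or scales, ask "if this rounds, who gets the remainder?" and assert that the pool invariant never decreases after a swap, ideally with a fuzz test that loops tiny amounts exactly as the attacker would.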
That is the real problem. Human audits are slow, expensive, and inconsistent. A single audit can run $50,000 to $100,000, and it still misses things. Meanwhile, AI is now writing or assisting the majority of code on GitHub, and a large share of that AI-generated code ships with vulnerabilities baked in.
We’re producing insecure code faster than anyone can review it, and the people best positioned to exploit that gap are already using AI to do it. There’s even reporting that the Balancer attacker may have vibe-coded part of the exploit.
So you have an exploding attack surface, a shrinking pool of human reviewers who can keep up, and adversaries who’ve upgraded their tooling. That’s the hole Bitsec walked into.
How Bitsec solves it
A modern codebase is a haystack with many needles: every needle is an exploitable bug, and missing even one can sink the whole protocol. The job is to find every needle before an attacker finds the first one.
Bitsec does it by turning that search into an incentive game.
Miners submit AI agents (Python files running in Docker containers) that hunt for vulnerabilities. Validators run those agents against real codebases and score what they find against a “golden dataset” of known exploits drawn from hundreds of real audit reports.
The clever part is what the incentive points at: the agents get rewarded most for finding the exploits that current agents can't find. You're not paying miners to re-discover the easy bugs. You're paying them to push the frontier outward, edge case by edge case. And because the validation set pulls from hundreds of different audit reports, it's hard to overfit to or game.
Then Bitsec does something most “GPT wrapper” competitors don’t. It takes the raw output from the miners and refines it, running it through a proprietary classifier that separates real vulnerabilities from false positives before anything reaches a client.
John Yu, owner of SN60, uses a gold-mining analogy for Bitsec. Miners are individual prospectors panning for gold, and Bitsec smelts the raw material into bars worth handing to a paying customer.
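As an added illustration of the incentive shape described above (this is hypothetical scoring logic written for this piece, not Bitsec's validator code, and the finding identifiers, severity weights and miner names are constructed), the Python below scores each miner's findings against a golden set. Severity sets the base value, rarity (one over the number of agents that reported the finding) is what rewards discoveries nobody else made, and findings outside the golden set count as false positives that scale the score down by precision:

```python
"""Rarity-weighted validator scoring (added illustration; hypothetical, not Bitsec's code).

Each miner's agent returns a set of finding identifiers for a target
codebase. The validator compares them against the golden set of known
vulnerabilities for that codebase and rewards:
  * severity, so a critical is worth more than a low, and
  * rarity, so a finding only one agent produced outweighs one every agent
    produced, which is what pushes miners toward the frontier.
Findings outside the golden set are treated as false positives and scale
the score down by precision, so spraying guesses does not pay.
"""
from collections import Counter

# Constructed golden dataset for one target: finding id -> severity weight.
GOLDEN = {
    "reentrancy-withdraw": 1.0,   # critical
    "oracle-stale-price": 0.7,    # high
    "missing-zero-check": 0.3,    # low
    "unchecked-return": 0.3,      # low, found by nobody in this round
}

# Constructed submissions: miner id -> set of finding ids its agent reported.
SUBMISSIONS = {
    "miner_a": {"oracle-stale-price", "missing-zero-check"},
    "miner_b": {"oracle-stale-price", "missing-zero-check", "reentrancy-withdraw"},
    "miner_c": {"oracle-stale-price", "missing-zero-check", "bogus-1", "bogus-2"},
}


def score_miners(golden: dict, submissions: dict) -> dict:
    """Return {miner: raw score}; higher is better."""
    # How many agents reported each true finding: the rarity denominator.
    found_by = Counter(
        f for findings in submissions.values() for f in findings if f in golden
    )
    scores = {}
    for miner, findings in submissions.items():
        if not findings:
            scores[miner] = 0.0
            continue
        true_pos = [f for f in findings if f in golden]
        precision = len(true_pos) / len(findings)
        # Severity divided by how many agents also found it: a critical that
        # only this agent found is worth its full weight; a low that every
        # agent found is worth a fraction.
        rarity_weighted = sum(golden[f] / found_by[f] for f in true_pos)
        scores[miner] = rarity_weighted * precision
    return scores


def normalize(scores: dict) -> dict:
    """Turn raw scores into weights summing to 1 (the shape an emission split needs)."""
    total = sum(scores.values())
    if total == 0:
        return {m: 0.0 for m in scores}
    return {m: s / total for m, s in scores.items()}


def uncovered(golden: dict, submissions: dict) -> set:
    """Golden findings no agent reported: the frontier the next round should target."""
    reported = set().union(*submissions.values())
    return {f for f in golden if f not in reported}


if __name__ == "__main__":
    raw = score_miners(GOLDEN, SUBMISSIONS)
    print(raw)
    print(normalize(raw))
    print("still uncovered:", uncovered(GOLDEN, SUBMISSIONS))
```

Two properties to note when reading the output: miner_b, which found the critical nobody else did, scores far above miner_a, whose findings everyone shares; and miner_c, which reported the same true findings as miner_a plus two false positives, scores below miner_a. That second property is the mechanical reason a false-positive filter matters: without a precision term, flooding the validator with guesses is the rational strategy.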
Bitsec is already at the frontier
Before the US government locked things down, Bitsec jailbroke Fable 5, Anthropic’s hardened security-resistant model, and pointed it at a paying client’s codebase (with permission). Then they ran Bitsec against the same code.
Fable 5 found around 60 vulnerabilities, five of them high or medium severity. Bitsec found over 160 in total, including five criticals and ten highs that Fable 5 missed entirely, and it caught everything Fable 5 caught.
On Bitsec's own benchmarks, the agent harness beats the top models on both cost and detection, at roughly a tenth of the cost. The one axis it doesn't win yet is speed, and John says that's simply because they haven't tuned the miners for latency.
These claims also come with real numbers behind them. Bitsec's agents have found vulnerabilities worth more than $275 million in production code, across projects including Virtuals, Stargaze, and the Lium subnet (SN51).
The revenue wheel has started spinning
The technology being ready is one thing. Converting it into a business is another, and this is the part Bitsec has also made progress with.
Their test phase is complete and they're in commercialization. By filtering for the right kind of customer (founders and CTOs at proactive teams who already understand what AI can do), they're converting at 70%.
Their strategy is a foot-in-the-door. Bitsec funds the upfront token cost of the first audit (hundreds to low thousands of dollars in inference), then shows the client a list of criticals and highs that a traditional bug bounty would’ve charged $50,000 to $100,000 to discover. They then ask for a monthly subscription because the codebase never stops evolving, and neither do the threats.
The team mentioned that they have a pool of about 1,000 hungry prospects, subscriptions between $1,000 and $5,000 a month, and a target of 50-plus paying customers by year-end. At the low end, that’s $50,000 in monthly recurring revenue.
They already have several paying clients in that $1K–$5K range. The constraint isn't the tech, which can scale to a thousand customers right away. It's operations: the team is two people, though they're actively hiring an ops lead and another developer.
Another question would be how this revenue flows back into the subnet. The plan is alpha buybacks, with miner contribution tied directly to commercial success. The better miners get at finding what others can’t, the stronger the subnet’s reputation, the more clients close, the more revenue flows to buybacks.
And the customers are sticky by design. Even if a client freezes their code forever, models keep improving, agents keep improving, coverage keeps expanding, so they still need continuous scanning to keep the code safe. You don’t stop paying for security when the threat landscape never stops moving.
Why this could only happen on Bittensor
It may be tempting to ask why Bitsec needs a subnet at all. Couldn’t a normal startup build this?
Well, the answer is no.
Bittensor lets you incentivize a specific kind of intelligence, in this case the production of frontier security agents, and have an open field of miners compete to push it forward. That competitive dynamic is exactly what beat Fable 5. No single centralized team was going to out-iterate a swarm of miners all racing to find the exploits nobody else can.
The decentralized, open-source foundation also solves a problem the frontier labs can’t. The CTOs Bitsec talks to don’t just worry about whether a tool works. They’re often legally restricted from sending sensitive code to centralized labs, and they don’t want their data retained or used for training.
Running on open-source models through Bitsec gives clients terms the big labs can't offer. And the architecture keeps miners cleanly separated from client data: miners build the agents, Bitsec runs them, and no miner ever sees a customer's private codebase.
That combination, competitive open-source intelligence plus data sovereignty, is the product. Take Bittensor out, and Bitsec doesn’t exist.
So why is nobody talking about it?
Partly because the team hasn't communicated the commercial wins and the benchmark results well. Comms have been subpar so far, but the team is committed to improving on that front, and a rebrand is underway to make the whole thing legible to people who've never heard of them and to enterprise prospects.
But Bitsec has shown what a Bittensor subnet can do: find critical exploits better and ten times cheaper than the best closed lab models, with paying clients, a 70% conversion rate, a buyback-aligned token, and a TAM that stretches from a $1.5 billion smart-contract audit market into the far larger world of web2 security and AI-generated code.
Disclaimer: This article is for informational and educational purposes only and is not financial, investment, or trading advice. Cryptocurrencies and tokens are highly volatile, speculative assets that can experience extreme price swings or lose all value. Investing in them carries a high risk of partial or total loss of capital. Always do your own research (DYOR) and assess your financial situation and risk tolerance before making any decisions. The TAO Daily and its authors are not registered financial professionals and may hold positions in assets discussed.