Overlooked Centralized Chokepoints in 'Decentralized' Web3 Projects

Learn about the centralized chokepoints in 'decentralized' Web3 projects and the importance of cybersecurity in blockchain technology. Discover how to address security concerns and prevent hacking in the evolving Web3 ecosystem.

Posted 6 months ago in Security

A person typing on a computer keyboard with a lock-shaped symbol on the screen

Halborn COO David Schwed highlights overlooked centralized chokepoints in 'decentralized' Web3 projects. The tech industry has had its eyes fixed on artificial intelligence, and cybersecurity professionals are lining up to find and patch security holes in AI platforms like OpenAI's ChatGPT. But blockchain cybersecurity firm Halborn has kept its eyes on the ball, continuing to look for ways to support and secure Web3 projects.

'I think as the ecosystem starts to mature, we'll start to see a slowdown of some of the dumb mistakes that a lot of projects are making, a lot of organizations are making,' Halborn COO David Schwed told at Messari Mainnet. 'This is a controversial statement, but many hacks are preventable.'

Schwed pointed to a report by the blockchain security firm that said over $5 billion had been lost in DeFi hacks between 2016 and 2022. 'A number of the hacks were not necessarily on-chain vulnerabilities,' Schwed said. 'They were standard Web2 security that was just compromised or breached due to poor security practices.'

While Schwed pointed to a lack of deficiencies in some projects, he also recognized that certain breaches, like zero-day attacks stemming from vulnerable technology, are inevitable. However, he emphasized the need for companies to be prepared.

In cybersecurity, a zero-day refers to a software vulnerability unknown to those responsible for patching or fixing the software. 'If you're relying on a piece of technology, and there's a vulnerability in that technology that's a zero-day, I would not fault that organization,' Schwed said. 'What I would fault them for potentially is looking for detective-type controls.'

Zero-day attacks are only one of the potential threats DeFi projects face. Schwed suggests Web3 companies look at their projects as a threat actor and see where potential vulnerabilities lie. Another option he suggests is seeking out professionals or so-called red teams to address security concerns. Despite the risk posed by cybercriminals and hacks, Schwed is optimistic about the future of blockchain technology.

Last updated 9/25/2023, 10:17:31 PM


Related Articles

Related Questions

News Letter

Subscribe to the CryptoCat.ai newsletter to stay updated with the latest cryptocurrency news, insightful articles, market trends, and more – delivered directly to your inbox!


Is email too old school? Well you can get your news directly on twitter just by following us