To keep Web3 safe, security must be a group effort

by · April 18, 2023

Degens look for each other. Or at least they should, if they seek to honor the community ethos of the NFT space. But how many NFT enthusiasts are there actual put this principle into practice? Sure, sharing opportunities and prosperity count for something. Supporting each other to success does, too.

But protecting each other from bad actors seems to be left out of this reciprocity equation.

By and large, every time a prominent figure in Web3 falls victim to a scam, it feels like we’ve failed to protect each other. But it’s not for lack of trying. Rather, it is nearly impossible to identify and share every new security risk day after day within our current infrastructure. This means that a change must be made.

To improve the security of Web3, many feel that security must be more of a group effort. Leveraging a typical facet of the NFT space – the community – a select few projects and groups aim to crowdsource new ways to keep blockchain users safe.

Safety in numbers

This idea of ​​crowdsourcing Web3 security has been expressed by many, but perhaps most notably by OpenSea co-founder and CTO Alex Atallah. With the introduction of the NFT Security Group in January 2022, Atallah and his peers sent a message to bad actors in Web3: going forward, all major players in the NFT space will be keeping an eye on their misdeeds.

Comprised of 18 prominent crypto-NFT firms, including Adobe, Coinbase, and MetaMask, the NFT Security group – effectively a blockchain neighborhood watch – was developed for these companies to share unpublished vulnerabilities with each other to identify flaws and ensure the security of NFT- is. The goal was to promote proactive, community-driven, cross-platform engagement and security.

“We believe the security implications of Web3 extend across platforms and that the inevitable trend toward disintermediation comes with security implications and responsibilities for all involved,” Atallah wrote in a blog post introducing the Security Group. “Simply put: more cooperation in this area is needed to tackle security and safety challenges at the highest level, which is why we are announcing the creation of a private NFT Security Group.”

Due to the lack of communication after the initial introduction, there is really no way for the general public to know how effective the group has been to date behind closed doors. But still, the launch alone highlighted the potential of crowdsourcing Web3 security as an effective means of strengthening security. And now that more than a year has passed since NFT Security Group was created, others have taken up the cause of keeping Web3 safe.

Practical ways to keep your NFT crew safe

Currently, there is a growing variety of Web3 security tools that simply do not use enough degens. The developers of these tools have found themselves hard pressed to promote usership among a population of enthusiasts who often place more importance on profit than security. But a more community-focused solution has recently taken shape through services such as NotCommon and SafeSoul.

Not usual

With Not usual, users across Ethereum, Polygon, Solana, Tezos and more can sign up to receive customized real-time alerts about Web3 security threats. By connecting a wallet to the service, users will receive updates on security threats specific to their NFTs, tokens and the projects they follow.

This reactionary model can prove to be extremely effective in keeping Web3 users safe from all too common account hacks which plague blue-chip NFT projects. By identifying threats as they arise, NotCommon can send up a torch that can save collectors from engaging with malicious links or trading unofficial and malicious NFTs.

Still, the reactionary nature of the NotCommon service can also be a caveat. Because as we’ve seen before, through individualistic efforts, this kind of response to security threats isn’t always far-reaching enough to protect the majority of the NFT community. So to take it a step further, services like SafeSoul have sought to create a robust ecosystem of both proactive and reactive solutions.

SafeSoul

Created by the same team behind the Digital Animals NFT project, SafeSoul is a free browser extension that highlights potential NFT scams when a Web3 user navigates Twitter, Google, YouTube and other regularly trafficked websites and platforms. And while threats are constantly monitored by the team behind the project, SafeSoul also relies on community members to identify potentially malicious accounts and content.

With SafeSoul Web3 Patrol, users are encouraged to flag potentially dangerous accounts and websites by leveraging their identity as trusted members of the NFT community. To do so, a user must acquire and activate a SafeSoul token, which essentially means tying it to their wallet as a non-transferable Soulbound token, which can be used to verify their role.

Using this unique methodology, SafeSoul’s developer team can keep track of the platform’s contributors to ensure they are accountable, and contributors can help keep their fellow degens safe by acting altruistically.

“From day zero, we’ve used information from over 20,000 scam sites to create the SafeSoul database,” Seni Rogova, a team member behind the SafeSoul project, said in an interview with nft now. “Our database has artificial intelligence that is always learning and searching for new websites, new pages and new accounts[…] But in case of emergency, we have a system for [trusted users] to go straight into the extension and say “this is a scam.”

Although there are several steps in the system that involve voting, validating hack allegations, and so on, if we travel further along this top-down direction, it is clear that the Soulbound Token system could have the potential to be of great benefit to SafeSoul’s general users. For now, enthusiasts can easily avoid fake or otherwise dodgy accounts and products before engaging, simply by going about their normal Web3 business.

Bandaid fixes won’t last forever

From the NFT Security Group to NotCommon to SafeSoul, it has become clear that to keep the Web3 safe, security must be more of a group effort rather than existing in a vacuum. Still, given the still very nascent nature of NFT technology itself, to say that the security of such a volatile sector is coming is presumptuous.

Regardless of the fixes being built, as Web3 grows, more robust solutions will be needed if NFTs are to truly make the leap from niche to mainstream. Of course, given that cyber security remains a major concern even for the world’s most trusted financial platforms and social media companies, it could take years to achieve a powerful and sustainable form of blockchain security.

Tags:

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *