{"id":6154,"date":"2023-04-18T21:09:59","date_gmt":"2023-04-18T21:09:59","guid":{"rendered":"https:\/\/nft.runfyers.com\/index.php\/2023\/04\/18\/to-keep-web3-safe-security-needs-to-be-a-group-effort\/"},"modified":"2023-04-18T21:09:59","modified_gmt":"2023-04-18T21:09:59","slug":"to-keep-web3-safe-security-needs-to-be-a-group-effort","status":"publish","type":"post","link":"https:\/\/nft.runfyers.com\/index.php\/2023\/04\/18\/to-keep-web3-safe-security-needs-to-be-a-group-effort\/","title":{"rendered":"To Keep Web3 Safe, Security Needs to Be a Group Effort"},"content":{"rendered":"

<\/p>\n

\n

Degens look out for one another. Or at least, they should, if seeking to honor the community ethos<\/a> of the NFT space. But how many NFT enthusiasts are actually <\/em>putting that principle into practice? Sure, sharing opportunities and prosperity counts for something. Supporting each other to success does as well. <\/p>\n

But protecting<\/a> each other from bad actors seems to be left out of this reciprocity equation. <\/p>\n

By and large, every time a prominent figure in Web3 falls victim to a scam<\/a>, it feels as if we\u2019ve failed to safeguard one another. But it isn\u2019t due to a lack of trying. Rather, it\u2019s nearly impossible to identify and share each and every new security risk day after day within our current infrastructure. This implies that a change must be made.<\/p>\n

To better the safety of Web3, many feel that security needs to be more of a group effort. By leveraging a quintessential facet of the NFT space \u2014 the community \u2014 a select few projects and groups aim to crowdsource new ways of keeping blockchain users safe.<\/p>\n

Safety in numbers<\/h2>\n

This idea of crowdsourcing Web3 security has been expressed by many, but perhaps most notably by OpenSea Co-Founder and CTO Alex Atallah<\/a>. With the introduction of the NFT Security Group<\/a> in January of 2022, Atallah and his peers effectively sent a message to bad actors in Web3: going forward, every major player in the NFT space would be keeping an eye out for their misdeeds.<\/p>\n

Comprised of 18 prominent crypto-NFT firms, including Adobe, Coinbase, and MetaMask, the NFT Security group \u2014 effectively a blockchain neighborhood watch \u2014 was conceived for these companies to share unpublished vulnerabilities with each other to identify bugs and ensure the security of NFTs. The goal was to foster proactive, community-driven, close-hold, and cross-platform safety.<\/p>\n

\n
\n
\n

Excited to officially announce the NFT Security Group.<\/p>\n

Web3 security is a community effort, so we\u2019re partnering w\/ more than 15 companies & projects to share vulnerabilities and fixes before they reach other platforms. https:\/\/t.co\/tH4yUNrLg0<\/a><\/p>\n

\u2014 Alex Atallah (@xanderatallah) January 17, 2022<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n

\u201cWe believe the security implications of Web3 extend across platforms and that the inevitable trend toward dis-intermediation comes with security implications and responsibilities for everyone involved,\u201d Atallah wrote in a blog post<\/a> introducing the Security Group. \u201cSimply put: more collaboration in this space is required to tackle security and safety challenges at the highest level, which is why we\u2019re announcing the creation of a private NFT Security Group.\u201d<\/p>\n

Due to a lack of communication following the initial introduction, there\u2019s really no way for the general public to know how effective the group has been to date behind closed doors. But even so, its launch alone highlighted the potential of crowdsourcing Web3 security as an effective means of bolstering safety. And now that over a year has passed since the NFT Security Group came to be, others have taken up the cause of keeping Web3 safe.<\/p>\n

Practical ways to keep the NFT herd safe<\/h2>\n

Currently, a growing variety of Web3 security tools exist that simply not enough degens are using. The developers of these tools have found themselves hard-pressed to foster usership among a population of enthusiasts that often holds profiting at a higher importance than security. But a more community-focused solution has recently taken shape through services like NotCommon<\/a> and SafeSoul<\/a>.<\/p>\n

NotCommon<\/h3>\n

With NotCommon<\/a>, users across Ethereum, Polygon, Solana, Tezos, and more can sign up to receive real-time custom alerts about security threats in Web3. By connecting a wallet to the service, users will get updates about security threats specific to their NFTs, tokens, and the projects they follow.<\/p>\n

This reactionary model might prove extremely effective for keeping Web3 users safe from the all too common account hacks<\/a> that plague blue-check NFT projects. By identifying threats as they occur, NotCommon can send up a flare that might save collectors from engaging with malicious links or trading unofficial and nefarious NFTs.<\/p>\n

Yet, the reactionary nature of the NotCommon service might also be a caveat. Because as we\u2019ve seen in the past, through individualistic efforts, this type of response to security threats isn\u2019t always far-reaching enough to protect the majority of the NFT community. So to take it a step further, services like SafeSoul have endeavored to create a robust ecosystem of both proactive and <\/em>reactive solutions.<\/p>\n

SafeSoul<\/h3>\n

Created by the same team behind the Digital Animals<\/a> NFT project, SafeSoul<\/a> is a free browser extension that highlights potential NFT scams as a Web3 user navigates Twitter, Google, YouTube, and other regularly trafficked sites and platforms. And while threats are constantly being monitored by the team behind the project, SafeSoul also relies heavily on community members to identify potential malicious accounts and content.<\/p>\n

\n

What SafeSoul can do?<\/p>\n

SafeSoul works as a security alert, highlighting security status everywhere across the web: Twitter, Google Search, YouTube, etc. Scam pages are highlighted with red frames, drawing users\u2019 attention and protecting them from accidental clicks \ud83d\udd34 pic.twitter.com\/Dg88SdjgLz<\/a><\/p>\n

\u2014 SafeSoul.eth (@SafeSouleth) March 2, 2023<\/a><\/p><\/blockquote>\n

With the SafeSoul Web3 Patrol, users are incentivized to flag potentially hazardous accounts and websites by leveraging their identities as trusted members of the NFT community. To do so, a user needs to obtain and activate a SafeSoul token, which essentially means binding it to their wallet as a non-transferable Soulbound Token<\/a>, that can be used to verify their role.<\/p>\n

By utilizing this unique methodology<\/a>, SafeSoul\u2019s dev team can keep track of the platform\u2019s contributors to ensure they are accountable, and contributors can help keep their fellow degens safe by acting altruistically. <\/p>\n

\u201cFrom day zero, we\u2019ve used information from over 20,000 scam pages to create the SafeSoul database,\u201d Seni Rogova<\/a>, a team member behind the SafeSoul project, said in an interview with nft now. \u201cOur database has artificial intelligence that is always learning and searching for new websites, new pages, and new accounts[\u2026] But in case of an emergency, we do have a system for [trusted users] to go right into the extension and say, \u2018this is a scam.’\u201d<\/p>\n

Although there are more steps in the system that involve voting, validating hack accusations, and so on, if we travel further along this top-down direction, it\u2019s clear that the Soulbound Token system might have the potential to greatly benefit SafeSoul\u2019s general users. Because now, enthusiasts can easily avoid fake or otherwise insidious accounts and products prior to engaging simply by going about their regular Web3 business. <\/p>\n

Bandaid fixes won\u2019t last forever<\/h2>\n

From the NFT Security Group to NotCommon to SafeSoul, it\u2019s become clear that to keep Web3 safe, security needs to be more of a group effort rather than one existing in a vacuum. Yet, considering the still very nascent nature of NFT tech itself, it surmises to say that the security of such a volatile sector is forthcoming.<\/p>\n

Regardless of the fixes being built, as Web3 grows, more robust solutions will be needed if NFTs truly are to make the leap from niche to mainstream. Of course, considering cyber security is still a major issue even for the world\u2019s most trusted financial platforms<\/a> and social media companies<\/a>, it could take years to achieve a powerful and sustainable form of blockchain security.<\/p>\n<\/p><\/div>\n