Security in Web3: Why are we still not taking it seriously?

By Harsh Ghodkar

Elevator Pitch

According to a study, around 4 billion dollars' worth of crypto was hacked in DeFi last year alone, while the entire market cap of DeFi was around 50 billion dollars. These numbers are scary: after so many years of development, why are we still having such hacks? We can’t have mass adoption this way.

Description

Points for the panel

As a panel discussion, we will cover all the general aspects of web3 security from the user's as well as the developer’s point of view:

  • Private Key Security

  • Read messages from wallets, and use an extension like “fire” that makes the message easy to read

  • Use a multisig and a Ledger for storing crypto, and a simple account to hold NFTs that act as an entry pass

  • Don’t install shady apps on your computer that will track your keyboard and ultimately hack the wallet

  • Don’t interact with shady smart contracts

  • From DevEx POV

Best Solidity practices, like:

“Modifiers as Guards”: for instance, using a no-reentrancy modifier is the best practice to protect against a reentrancy attack.

“Adding checks (require, revert and assert)” to make sure only suitable values can be entered.

“Locking Pragmas”: contracts should be deployed with the same compiler version and flags they have been most tested with. Locking the pragma helps ensure that contracts do not accidentally get deployed using, for example, the latest compiler, which may have higher risks of undiscovered bugs.

Use:

```
// bad
pragma solidity ^0.8.4;

// good
pragma solidity 0.8.4;
```
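The three practices above combined in one contract, as an added example that is not part of the original proposal. The contract name GuardedVault, its functions and the totalDeposits counter are hypothetical, and the hand-written nonReentrant modifier is a minimal stand-in for an audited library guard.

```solidity
// SPDX-License-Identifier: MIT
// Locked pragma: compiles only with the exact version it was tested with.
pragma solidity 0.8.4;

/// Hypothetical example contract; all names are illustrative.
contract GuardedVault {
    mapping(address => uint256) public balances;
    uint256 public totalDeposits;

    // Reentrancy lock state: 1 = not entered, 2 = entered.
    uint256 private _status = 1;

    // Modifier as guard: rejects any nested call into a guarded function.
    modifier nonReentrant() {
        require(_status == 1, "reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    function deposit() external payable {
        // Input check: zero-value deposits are rejected.
        require(msg.value > 0, "zero deposit");
        balances[msg.sender] += msg.value;
        totalDeposits += msg.value;
    }

    function withdraw(uint256 amount) external nonReentrant {
        // Input checks: only suitable values are accepted.
        require(amount > 0, "zero amount");
        require(balances[msg.sender] >= amount, "insufficient balance");

        // Effects before interaction: state is updated before the external call.
        balances[msg.sender] -= amount;
        totalDeposits -= amount;

        // Interaction: if the receiver's fallback calls withdraw() again,
        // the guard is still "entered" and the nested call reverts.
        (bool ok, ) = msg.sender.call{value: amount}("");
        if (!ok) {
            revert("transfer failed");
        }

        // Invariant: the contract must always hold at least what it owes.
        assert(address(this).balance >= totalDeposits);
    }
}
```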

  • Smart Contract Auditing

  • Open-source competitive audits

  • Network Security

  • Data privacy

Notes

The panellists are developers in the space and have been working in different blockchain ecosystems. We have been creating content regarding blockchain literacy as well as making the UX easier and safer. We have had experience as smart contract developers and worked on various projects, which gives us the perspective of both a developer and a user of the products to talk about this. Being in the space for a long time has given us the experience of studying different hacks. We would love to give back our knowledge to the community.