Users need to go under the engine in Web3 — HashEx CEO

Published at: Jan. 3, 2023

Hacking in Web3 is easy because it uses the same pattern that’s been used since the inception of the internet — pretending to be someone else. 

Due to the complexity and the “cool factor” of Web3 projects, one can easily — and mistakenly — assume that it takes Mr. Robot level of advanced hacking techniques to pull off a successful attack. In truth, however, it only takes a sinister ad placed on Google search results, an impostor Telegram group or a deviously-crafted email to break the security barriers of the Web3 ecosystem.

Blockchain projects can use top-notch smart contracts, securely integrate crypto wallets and use best practices in each digital step across the board. But they still need help with the social aspect of user protection.

Web3 takes the “ownership” from central entities and distributes it to users to democratize the internet for everyone. It gives power to the user.

But, attaining this power of ownership also comes with significant responsibility. Users need to understand how crypto wallets work, how transactions are made, and how assets are stored — and the steep learning curve is not helping.

Cointelegraph sat down with Dmitry Mishunin, the CEO of blockchain auditor HashEx, at Istanbul Blockchain Week to speak about the ins and outs of Web3 from a security expert’s perspective.

Cointelegraph: You were working on Web3 before it was even a thing. How do you describe or frame Web3?

Dmitry Mishunin: I think the main feature [of Web3] is the control of funds is the users’ responsibility, and this is a fascinating paradigm.

Web1 is just a read-only experience. You can get the information and get the context, but you can’t do anything with it. Web2 is a read-write mode — you can upload something. And Web3 is read, write, own.

This is a crazy responsibility for the end-user because they didn’t have such an experience before. We see lots of problems in security because people don’t realize that this is their personal responsibility against their own assets. People are not ready for this.

CT: How do you think Web3 differs from others regarding security and user protection?

DM: It comes with a new level of security and a new level of smart contracts. It’s not only about the privacy of smart contracts; it involves all the infrastructure of wallets, users, their mission and so on.

When a huge bank lacks funds, governments can provide the funds, not as credit. They buy the bank for $1 and give government funds. The Web3 infrastructure is not ready for this because governments and huge regulators don’t think it’s worth it, or they don’t think they can trust this ecosystem.

For example, if I had a PayPal account, I’d be 100% sure that PayPal kept my funds safe. And if someone steals it from them, [PayPal] will return it to you, or maybe I can go to court. At the end of the day, they will return my funds. It’s hard to understand you have a personal responsibility for these funds [in Web3] — it’s hard to realize.

Phishing continues to be a major threat in Web3

DM: Even in HashEx, a security company, we lost about 100,000 dollars in the previous year — not in scams, not in risky investments, but in human mistakes. We had a crucial phishing experience when our employee wanted to make some swaps on Pancakeswap, searched for Pancake on Google and didn’t realize that she was clicking a link from the Google Ads, not from the search results. 

It had a pop-up that looked like a MetaMask window. The pop-up said, “you have an error in your MetaMask,” and she entered her seed phrase.

CT: So, in short, smart contracts will be safer, but phishing will still be the main pain point in web security. Will the social aspect of security be the main business for companies like HashEx?

DM: We can reduce phishing attacks because it’s mostly about knowledge and understanding of how swindlers are tricking users. It’s not about the cyber police or the auditors because executing such attacks is easy. You can just create a Telegram group and message users. It’s impossible for security companies to cover all this stuff.

However, we sure can help with this level of understanding of users, and we do. We have HashEx Academy. We are making lots of content about it. After some time, people should gain a better understanding of how Web3 should work.

CT: Is it possible to stay anonymous in the Web3 environment?

DM: It’s only possible if you don’t withdraw any funds and transfer them from Web3 to the real world. If you want to withdraw funds from Web3 to the real world, the risk of losing anonymity appears immediately.

CT: Metaverse and blockchain gaming are the top trends for Web3 right now. Do we have any other trends besides those?

DM: The Internet of Things (IoT). It’s a powerful trend. It’s excellent when those devices can exchange data with smart contracts or with each other.

There are a few smart devices in my house, like a washing machine and a dry washer. I use these IoT features. It’s good for me, and I think integrating more complicated systems will be fine.

CT: Why do you think blockchain-based IoT would become a trend?

DM: It’s because the companies lack universal support for IoT. For example, there is a massive problem with availability in different countries or different regions. If you speak about Amazon or eBay, they have different databases and websites across the world and every couple of hours, or every couple of days, they synchronize them. But they surely don’t use the same database for North America, South America or Europe.

And, if you are a technology vendor like LG or Samsung and you want to connect all the devices across the world, you have two options. You either have different hubs in different regions and synchronize them, or you use something like a blockchain. So, for the high reliability of this process, blockchain and Web3 are helpful.

CT: What do you expect from the Web3 industry for the upcoming year?

DM: Standardization. We have to ask for more and different spheres of blockchain. We have to ask for other ways of transferring funds between blockchains. Bridge standardization — it may have more tools and more frameworks. It’s really useful.

Tags
Related Posts
A multichain approach is the future of the blockchain industry
The blockchain industry market size was estimated by some to reach more than $21 billion by 2025. The market capitalization of the cryptocurrency market as a whole already reaches over $1.9 trillion. An ecosystem that was once defined by its tight-knit community and exclusivity now reaches governments, businesses, institutional investors and individuals who are all becoming more positive about the evolving space. With this new popularity, a crossroads has emerged. We have reached the stage of adoption where the amount of users utilizing decentralized technology has exceeded the functionality of the technology itself. This has resulted in regularly congested networks …
Adoption / Aug. 15, 2021
Stacks’ Mitchell Cuevas talks building integrated DeFi bridges for Bitcoin users
The Stacks ecosystem is a collection of independent entities, developers and community members working to build a user-owned internet on the Bitcoin (BTC) blockchain. Stacks’ STX cryptocurrency was distributed to the general public through the first-ever Securities and Exchange Commission-qualified token offering in the United States. Mitchell Cuevas, head of growth for the Stacks Foundation, held an exclusive ask-me-anything, or AMA, session with Cointelegraph Markets Pro users on Dec. 2. During the session, he discussed the Stacks blockchain’s technological capabilities, future growth and major developments. Cointelegraph Markets Pro User: PoW [proof-of-work] blockchains are known to be the most secure. Does …
Adoption / Dec. 9, 2021
Web3 innovations are replacing middlemen with middleware protocols
Cryptocurrencies and the wider blockchain ecosystem are helping change the status quo of how we conduct our day-to-day lives. With these emerging technologies, Web3 is being ushered in as a permissionless and open innovation using middleware blockchain protocols. By doing so, they’re replacing middlemen software-as-a-service (SaaS) companies by capturing value at a greater level. Middleware protocols are by no means new. After all, Web2 is supported by middleware applications, the main one being HTTP. Middleware is what enables users to interact with each other and with applications in a computing environment. And with Web3, there are a variety of protocols …
Decentralization / Jan. 29, 2022
Hiring top crypto talent can be difficult, but it doesn’t have to be
Building a career or constructing a team in decentralized finance (DeFi) and crypto relies on finding talent, skills and the right attitude anywhere, in anyone. While this is no different than other industries, what makes ours unique are the much-needed, specialized skill sets combined with finding a good culture fit in an international and remote setting. Despite recent turbulence in markets, crypto companies continue building and growing. The increased energy and legitimacy in the industry over the years has many people wanting to make the switch from Web2 to Web3. This requires recruiters to sift through hundreds of applicants every …
Adoption / July 2, 2022
Crypto, like railways, Part 2: Blockchain as the new internet planner
In my latest article “Crypto, like railways, is among the world’s top innovations of the millennium,” I compare the blockchain revolution to the railway boom. If we apply this analogy further, what’s going to happen next? Stuart Hylton in his book What the Railways Did for Us: The Making of Modern Britain cites this quote: “The direct effects of railway building are, after all, considerable enough in themselves to require no exaggeration. They profoundly influenced the internal flows of traffic, the choices of the site and the patterns of land use, the residential densities and development prospects of the central …
Adoption / July 10, 2022