Point of View 2: The Importance of Security and Privacy in the Blockchain and Web3 Space

The modern internet may bring us together like never before, but one thing everyone is grappling with is real privacy concerns. Blockchain is a relatively new technology, originally developed to support Bitcoin. However, the technology’s popularity has skyrocketed, and people are finding uses for blockchain beyond cryptocurrencies.

This newfound popularity naturally raises questions about the security and integrity of blockchains. Blockchain technology collects and stores information in groups, also known as “blocks,” and each block can hold a specific amount of data. When a block reaches capacity, it is joined to the previous full block, creating a chain of data that gives rise to the name “blockchain”.

This post has been written by our community member from Discord. All content published without any modifications.

OptriSpace Team

What is Web3?

Web3 encompasses an open, trusted, permissionless internet where users can be able to interact peer-to-peer without giving up ownership, privacy, or reliance on intermediaries. Blockchain is one of the most important tools to realize this vision. Create a direct relationship between users and service providers by eliminating the need for trusted third parties, recording the rules of engagement, and storing direct interactions between users and service providers in an immutable ledger.

Blockchains also fundamentally reconfigure data ownership structures and power relationships. Blockchain allows individuals to bypass centralized websites and costly middlemen and talk directly to each other using end-to-end encryption. It is as well easy to buy and sell assets such as coin, art piece, article, house, car etc. and also access public resources and participate in advanced decision-making.

Importance of security and privacy in the blockchain and web3 space

• Decentralization

Centralized web apps have been the norm for the majority of the Internet’s history. These apps are controlled by a single entity that controls their logic and data as well as the ability to edit or erase their data whenever they please. However, in Web3 all web applications exist as part of a P2P network of nodes connected by a shared file system. There is no single authority or controller of data; it’s visible to all nodes and cannot be altered or erased without consensus from the network.

• Consensus

A blockchain needs to receive a majority approval from the network to validate new transactions or updates. This is accomplished through PoS and PoW validation, which web3 requires. For example, a given block in the blockchain cannot modify itself because its hash is recorded in the next block. Changing one block changes the value of subsequent blocks, invalidates the hashes of subsequent blocks, etc. In other words, any change would require changes to most of the rest of the blockchain. Such changes do happen, but require broad consensus of the supporting network and are very resource intensive.

This makes Web3 more secure than Web 2.0 in many ways. Participating customers can rest assured that they will receive the requested data and that the requested data will not be maliciously altered or replaced. Customers don’t have to trust centralized providers; implicit trust is built into the blockchain.

• Removal of middlemen and increasing trust

In order to trust someone, you need to trust the code and the overall software architecture. With Web 2.0, you have to trust third parties to complete your interactions or transactions. These third parties provide assurances that the transaction will occur as planned. When dealing with a blockchain, the code gives assurance. This means that people can interact directly and easily without featuring escrow or middlemen.

The Ethereum public blockchain is appealing to companies looking to remove middlemen from the equation. It gives individuals direct access to one another, removing the need for third parties. Big companies such as Apple and Google wouldn’t control user data in the web 3.0 thereby protecting users data from malicious parties that might want to use it against them. Additionally, governments wouldn’t be able to shut down websites and applications at their discretion.

• Transparency

Web 3.0 increases the transparency of the Internet. Blockchain records are not only immutable, they are also viewable by nearly everyone. This means that users can see exactly how their data is being used by any web app running on this technology. People often don’t understand how websites gather and store their information. This leads to many data breaches that are unexpected by the public. Blockchain provides transparency; people can see what information websites collect and use. This makes it easier for users to make informed decisions about how they interact with the internet.

Major security risks in Blockchain and Web3 space

• Sybil psychological assault

When attempting to control a peer-to-peer network, one person creates multiple fake identities by creating multiple accounts, computers or nodes. Individuals who assume these fake personas blend in with the public. But a single entity behind the scenes maintains multiple identities simultaneously. Because of its increased influence, it can push through messages or vote in a democratic fashion within a network. Or it can influence the social network through the creation of echo chambers.

• Intellectual property theft

When people feel “secure,” they put their lives in danger by sharing vital information with strangers. This includes valuable papers such as bank statements and personal documents. Additionally, any house information or personal information about their family can be stolen by bad actors.

• Impersonation

Cyber criminals can steal identities by using publicly available information. The information released can impact personal lives and even lead to legal repercussions for the victim. Any action could be taken by impersonating third parties and anyone can use this method to commit fraud

• Stealing cryptocurrency.

Thieves can easily infiltrate Metaverse by maneuvering through NFTs and cryptocurrency. Gallery owner Todd Kramer recently suffered a major loss of 2.2 million dollars’ worth of art (Reference here). This incident sparked significant discussion among the public about the possibility of theft in this kind of exchange.

Other security risks are itemized below:

• A general recession or crypto market volatility.
• Laws not conducive to Web3 or the crypto market
• Traffic blocking, deletion or other censorship from some still centralized Web3 services.
• Technical glitches in the blockchain network.
• Loss of private keys.
• Smart Contract Vulnerabilities and Exploits.

Conclusion

We still don’t know what the possible loopholes in this virtual reality are, because we’re talking about something that hasn’t been fully explored. For now, all we can think of are some best practices to avoid potential risks. In fact, whether it is Metaverse or other services, we need to ask ourselves some simple questions: If the service is free, what personal information will the service collect, who will receive this information, and with whom will it be shared?

Finally, it’s important to be mindful of what we share: From a privacy standpoint, some content can be problematic and compromise our security. Remember that any information we actively share on public platforms and social media can be the starting point for a social engineering attack.

Additional Resources and Recommended Reading

• Blockchain and Web3: Building the Cryptocurrency, Privacy, and Security Foundations of the Metaverse by Winston Ma, Ken Huang.
• Web3 Made Easy: A Comprehensive Guide to Web3 by Dr. Liew Voon Kiong
• Blockchain Technology and Application: 5th CCF China Blockchain Conference CBCC 2022.
• Mastering Blockchain by Imran Bashir

Author: Morakinyo (MOD OPROM)

If you want to discuss this point of view – please join our Discord server or or Telegram.