Striking a Balance Between Blockchain Security and Decentralization (Op-Ed)
Written by Trevor Traina, Founder and CEO of Kresus
You are reading these words because our planet orbits the sun far enough to neither fry nor freeze us. Our planet is perfectly balanced for life to thrive. And in this world a multitude of other forces exist in an optimal balance: light and dark, tropical and polar, terrestrial and aquatic.
This is also the case when it comes to designing blockchain systems. Their strongest forces must be balanced so that neither can usurp the other. Security should be as high as possible, but this must be balanced with the need to maintain sufficient decentralization. Network fees should be low, but not so low that they trigger spam attacks.
Finding the Goldilocks zone where conditions are just right is an ideological as well as technological challenge. After all, blockchain systems are ultimately designed and used by people who are as strong as their weakest link. Web3 systems must walk the line between being optimized for security and decentralized management. It’s a delicate balancing act that goes to the heart of what makes blockchain valuable.
Too Much Decentralization Can Kill You
There is such a thing as extreme freedom, which is why societies have laws and moral codes that regulate the worst excesses of human behavior. In the case of Web3, it is similarly possible to have a lot of freedom (i.e. decentralization) in the form of systems that do not resort to worst-case scenarios:
- A team member loses their multisignature key
- A user loses access to his wallet
- Tokens are being sent to the wrong address
- A coding error causes funds to be locked in a smart contract
- Assets are stolen using an exploit
Fraudsters recently used wallet drainers on Google and X ads to steal close to $60 million in digital assets. Meanwhile, in July, it was reported that four separate wallet thieves had stolen close to $65 million since the beginning of 2023.
If you give a society too much freedom, a few members of the society will begin to engage in robbery, assaults, injuries, driving at high speeds, and other risky behavior. If you give too much decentralization to Web3 users, some of them will get hacked, hacked, lose access to their wallets, and generally screw things up.
Freedom in the real world is undermined through security: police forces and CCTV. And blockchain freedom (decentralization) is also mitigated through security, which needs to be set at the right level to protect users from the most common mistakes while preserving the features that make blockchain so powerful:
- Strong transaction accuracy
- Lack of central control
- Support for financial autonomy
Too Much Centralization Can Kill You
You know that saying about pleasing some people all the time but pleasing all the people all the time? O. When it comes to securing decentralized systems, it is difficult to create a single product that will satisfy every type of user. If you put in too much protection, hardcore users will abandon you; Force new users to record a starting phrase ready to lose when they are in danger, and sooner or later they will get out of this predicament.
If you add too much centralized leverage to a supposedly decentralized protocol, you run the risk of weakening the foundations that give it power. Consider an ERC20 token contract that can be upgraded by its creator. On the one hand, this allows the token’s parameters to be updated to reflect the change in direction. On the other hand, it allows unscrupulous token creators to harm their operators.
As a result of this dilemma, DeFi developers must strike a delicate balance between giving users autonomy over their digital assets and ensuring they are not exploited by fraudsters looking for their next target. Crypto wallets are supposed to be more secure, but developers are afraid of exceeding the limits of the decentralized wallet they have created.
Choose low-hanging fruits
So what is the solution? First of all, developers need to implement security features that can solve real threats, not theoretical threats. In other words, less “military-grade encryption” and more practical measures to warn users when they are connecting to a spoofing site or about to send money to a known phisher.
A lot of this comes down to better user experience and more common sense on the part of developers. For example, it would be easy to filter out any address poisoning attacks where a user receives a dust transaction from a “similar” wallet they have recently interacted with. So why isn’t anyone doing this?
Before we move on to combating threats from quantum computing and theoretical MiTM attacks, let’s focus on blocking the most common attacks and scams. Hackers don’t just resort to the toughest exploit imaginable; They prefer the low-hanging fruit, making easy profits wherever possible. DeFi developers need to follow suit by focusing on fixing the methods users use most frequently.
Security and autonomy don’t have to work in conflict with each other: with a little thought, it’s possible to have the best of both worlds by combining the power of non-custodial ownership with a web2-level user interface that exposes everything without signing the transaction. to wallet backup.
Our planet may be perfectly balanced for life to thrive, but the on-chain environment still has a long way to go. Still, it took millions of years for Earth to create a climate suitable for intelligent life. At only 15 years old, Blockchain has time on its hands.
Author biography
Trevor Traina is the Founder and CEO of Web3 SuperApp Kresus, which combines a crypto wallet and NFT platform. He is an investor and seasoned entrepreneur who has co-founded five companies that have been acquired by companies such as Microsoft, MasterCard, and Intuit, and serves on numerous nonprofit boards such as the San Francisco Museum of Fine Arts and the Venetian Heritage, among others. . Trevor served as U.S. Ambassador to Austria from 2018 to 2021.
SPECIAL OFFER (Sponsored)
Binance $100 Free (Exclusive): Use this link to sign up and get $100 free and 10% discounted fee on binance Futures for your first month (conditions).
#Striking #Balance #Blockchain #Security #Decentralization #OpEd
