By Jeff Owens, co-founder of Haven1, 19 February 2024
The Chainalysis report released last month has lulled everyone into a false sense of security with the news that crypto theft fell by 54.3% to $1.7 billion last year, with the decentralized finance (DeFi) market seeing an even bigger decline of 63.7%. However, this data masks a rise in off-chain attacks, such as wallet hacks and insider threats, particularly in the second half of the year. In fact, losses related to compromised private keys more than doubled in 2023, from 22.0% to 47.8%.
This data is even less comforting if we consider the fact that the DeFi market all but came to a standstill last year. As activity in the ecosystem recovers, we are in danger of seeing an uptick in the number of attacks again. And, as highlighted by Chainalysis, the attack vectors are becoming more sophisticated and diverse across both on-chain and off-chain intrusions.
As such, it’s not just about creating foolproof code that blockchains should be focusing on. We need a more holistic adaptive security approach beyond the blockchain technology itself, one that focuses on key management, data security, and user authentication. Every crypto platform and blockchain out there should be using cutting-edge detection technologies and regularly updating their security infrastructure.
But we can’t do this alone. The crypto ecosystem needs to collaborate with law enforcement agencies and build partnerships with cybersecurity experts to stay ahead of evolving cyber threats and effectively respond to incidents. We can no longer afford to be reactive when it comes to cybersecurity – we need to become more sophisticated than the attackers.
At Haven1, we continuously monitor potential security threats to ensure that we can respond as swiftly as possible, and we work closely with top-tier cryptosecurity partners. On top of this, our provable identity framework is the perfect antidote to private key loss. Each user on the Haven1 blockchain is verified, so if they lose access to their account, they can recover their funds and transfer to a new wallet simply by authenticating their identity. More importantly, an unverified user couldn’t use a stolen private key to access these funds. This is the level of security we need in DeFi if we want mainstream users to take us seriously.