KPMG Highlights Efforts to Be Made in Web3 Security

KPMG stresses the importance of security

KPMGthe world’s leading consulting and accounting firm, presents a report highlighting the importance that should be given to it Web Application Security 3.0. In fact, if the main public blockchains are built in such a way that a foreground attack is difficult, this is not the case for the applications to which they are added.

This note reflects a reflection that Ethereum (ETH) founder Vitalik Buterin shared last month on Twitter. He said he wanted Ethereum to be able to hold out, Even for the most serious threatswhile applications are built on it Disadvantages Far from the criteria he hopes:

The vulnerability of smart contracts is actually an angle of attack profitable for hackers. This is just as true as anyone can, in theory, publish their dApp on blockchains like Ethereum. With all the potential problems that ensue.

This is mainly These security flaws in smart contracts KPMG is pointing the finger at her. The company highlights that if we compare the first quarter of 2022 with the first quarter of last year, the stolen funds in Decentralized Finance (DeFi) protocols 692% explodedresulting in losses of $1.2 billion.

We also returned to similar amounts a few weeks ago, following a report from Chainalysis. The numbers are mainly due to the Ronin and Wormhole hacks.

πŸ‘‰ Going forward – find our guide on best practices to reduce hack risk

Lack of audit experts

KPMG’s clear note: Among the 5 biggest DeFi hacks, 4 are concerns unaudited smart contracts.

Globally, the company estimates that Web3 application security experts have a range of 1000 to 1500. In parallel, the report presents 18,000 active developers every month. While it is difficult to determine the exact numbers, we nonetheless recognize that this may represent less than one person able to perform the audit, for ten developers.

However, according to Immunify, 10.6% of the total crypto capital was deposited in DeFi protocols at the beginning of 2022. If we refer to Defi Llama today, we find a relatively close figure, around 8%. This large number shows the importance that should be Because of the security.

Number of global security experts according to KPMG

The table is shown above Geographical distributionWeb3 security experts. We see the US and China dominating the market, along with India to a lesser extent.

These numbers are still very low, a given Our ecosystem ambitions. In addition, the majority of specialized companies are still young, having been created only since 2017.

According to the Trail of Bits, 78% of the most serious flaws can be found using an automated tool. Even if the company claims at the same time that 50% of all these defects It can go unnoticed with the same tool. Then we understand the need to Talent search and training.

Other important security points noted by KPMG

It takes some time to become an expert and even then there is no guarantee that you can find all the flaws in the app. However, audits must be performed become standard in the industry and it is a safe bet that security will become a thriving sector in the future.

In addition to smart contracts, KPMG also insists on all items that come Backpack on Layer 1 blockchain. Side chains, in addition to tier 2 such as ZK and Optimistic Rollups, can also offer attack vectors. as such Phishing attacks generally.

Therefore, security is one of the main challenges that our ecosystem must face in order to pursue more democracy. This is a normal process with each new technology. But as in all areas, Money sometimes attracts bad guyswhich requires special attention from all actors in the sector.

πŸ‘‰ In the news too – BAYC NFTs may be the target of a new attack, according to Yuga Labs co-founder

Sources: KPMG, Defi Llama

Newsletter 🍞

Get your cryptocurrency news feed every Sunday πŸ‘Œ and that’s it.

What you need to know about affiliate links. This page displays the assets, products, or services related to investments. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to provide you with original and useful content. There is no effect on you and you can even get rewarded by using our links.

Investing in cryptocurrency is risky. Cryptoast is not responsible for the quality of the products or services displayed on this page and cannot be held responsible, directly or indirectly, for any damage or loss resulting from the use of a good or service highlighted in this article. Investments related to crypto assets are of a risky nature and readers should do their own research before taking any action and invest only within their financial capabilities. This article does not constitute investment advice.

About the author: Vincent Mayor

Twitter- soothsayerdata

I shyly discovered the world of blockchain at the end of 2018 while searching for financial freedom. At first, I invested moderately, and after only two years, I took the risk of betting everything on the movement that was taking shape at the time. Then I devote the year 2021 to better training myself to gain more knowledge and earnestness. As I like to say often: I still have a billion things to learn. And what I know, I want to share with you.
All articles written by Vincent Meyer.

Leave a Comment