Security Research

Why Forta?

April 19, 2022

My name is Christian Seifert; On April 11th, I made a professional change towards Web3 by joining the Forta community full-time, becoming Forta’s first Researcher-in-Residence. I will be actively researching and publishing content and examples of how Forta can become an integral part of a comprehensive layered security approach for Web3. I thought it would be valuable to introduce myself and share my insights and how I see Forta protecting Web3, so feel free to reach out to me on Discord or pose a research question in the Forum.

My first foray into the blockchain world goes back to 2014. Similar to how big tech primarily focused on the underlying technology, I also initially failed to grasp the revolution underway. It wasn’t until the DeFi Summer 2020 that it dawned on me -  Web3 is broader than the underlying tech; it really is a new iteration of the Internet (i.e. Web2), but with decentralized governance and shared ownership at its core. 

Web3, however, is not without its problems. With increasing value associated with Web3, we also see an influx of black hats. As they are typically financially motivated, the ability to steal millions of dollars in one attack while at the same time staying anonymous is the type of risk/reward ratio that is unheard of in the traditional Web2 world. Despite, having a well-established audit industry and innovations beyond audits (OpenZeppelin’s secure contract library, Immunefi’s bug bounty, Peckshield’s scam token and phishing site protection) massive hacks with hundreds of millions of dollars loss continue to happen (see Rekt and Blockchain Threat Intelligence newsletter).

Reflecting, similarity and differences between Web2 and Web3 exist that allow us to learn and uncover new opportunities in Web3. First off, there is no silver bullet to security. This applies to Web2 just like it does to Web3. There always needs to be a layered comprehensive security approach to minimize risk - one that includes monitoring & incident response.

Forta is positioned well here. Forta is a decentralized real-time detection network for security & operational monitoring of blockchain activity. Not only does this fill an important role in a comprehensive layered security approach, but it does so with a crypto native solution! It is the first decentralized project where the community is incentivized to shape the network and have ownership of the value the network produces!

The differences and similarities between Web2 and Web3 provide great opportunities to strengthen and innovate Web3 security.

Similarities

1) One could argue that there is atomicity with blockchain attacks whereas in Web2, an attacker usually must go through many different steps (codified by the famous kill chain). But even in Web3, an attacker must go through stages as well, such as funding, preparation, exploitation, and finally money laundering, each of which provide opportunities for monitoring, prevention, and mitigation.

2) Humans interact with technology. As a result, social engineering attacks are rampant in both Web2 and Web3. In Web3, however, usability is still pretty poor, requiring better solutions to make social engineering attacks more difficult.

Differences

1) In Web2, we often hear about the attacker/defender imbalance. An attacker only needs to be right once; a security defender needs to be right all the time. In Web3, the cards are stacked differently due to the distributed nature of Web3. An attacker only needs to be right once; but only one of the many thousands of defenders needs to be right at least one time.

2) Blockchain data is available to all, which stands in stark contrast to the limited public data availability in the traditional security space. In Web3, this will unleash innovation by the broader security research community utilizing a diverse set of approaches.

3) Losses in Web3 are better understood and can be quantified as the attacker’s transactions are public, which is much more challenging in the web2 world. This will enable superior risk quantification models in Web3, that will give rise to robust cyber insurance (e.g. Solace) and protocol risk mitigation strategies.

4) Web3 has a finality to attacks given the immutable nature of the blockchain. In Web2, however, things are more fuzzy. A stolen credential can be reset, access can be revoked, etc. In Web3, this will likely lead to new mitigation strategies as well as rise to forementioned cyber insurance adoption.

These opportunities empower the Forta community and the broader security and data science community to develop a comprehensive security strategy that could protect the billions of dollars flowing through Web3.

Web3 will be transformative, but it also faces a tremendous amount of challenges. The good news is, people are moving to Web3 to innovate and solve these challenges, including myself! I am excited to embark on this journey with the Forta community towards a comprehensive Web3 security approach. I hope many of you will join me and innovate. If security monitoring strikes your fancy, learn about this space, run a Forta node, author a Forta detection bot, request a grant or analyze an attack and share your insights on the Forta Discord or Twitter. Looking forward to working alongside you and the broader community to build a secure Web3.

Christian Seifert


Research @Forta
Twitter @cseifert

Share