Mudit Gupta, chief security officer, Polygon, has requested Web3.0 companies to make hirings of traditional security experts with the aim to avoid hacks, arguing that perfect code and cryptography are not expected to be enough in the current scenario, as reported by Cointelegraph.
According to Cointelegraph, Gupta emphasised on the many hacks which have taken place recently due to Web2.0 security vulnerabilities such as private key management and phishing attacks to get access to logins. Gupta added that a certified smart contract security audit without adoption of standard Web2.0 cybersecurity practices won’t be enough to ensure protection for a protocol and users’ wallets against exploitation.
“You have API keys that are used for decades and decades. So there are practices and procedures one should be following. To keep these keys secure. There should be proper audit trail logging and risk management around these things. But as we’ve seen these crypto companies just ignored all of it,” Gupta said.
On the basis of information by Cointelegraph, Gupta also focused on the need for private key management, giving examples of $600 million Ronin bridge hack and $100 million Horizon bridge hack for the need to strengthen private key security measures. He also made the point that mass adoption of should be backed by an increased responsibility on the part of Web3.0-based companies.
Moreover, Cointelegraph noted that Polygon is based on interoperability and scaling framework for development of Ethereum-compatible blockchains, to enable users and developers build scalable and user-friendly decentralised applications. Employing a team of 10 security experts at Polygon, Gupta now expects all the Web3.0 companies to take a similar sort of approach. After the $190 million Nomad bridge hack in August, cryptocurrency hacks have reportedly went over the two billion dollars mark, as per insights from blockchain analytics firm Chainalysis.
(With insights from Cointelegraph)
Also Read: What are the hacker-exclusive measures necessary to protect digital wallets