Genfinity, the media agency hosting the most authentic interviews in the Web3 space, organized a blockchain and cryptocurrency security discussion with support from Internet Computer, Interlock, and the XDC Foundation. Our goal was to explore best practices in security, recognizing that different projects adopt varying approaches.
We were enthusiastic to have Quincy from the XDC Foundation join us. As a Solidity developer and online content creator, Quincy is dedicated to helping others understand and build within the crypto space. Yvonne-Anne Pignolet, Director of Research at the DFINITY Foundation, brought her expertise in ensuring the efficiency and security of the Internet Computer Protocol.
Mario Yaksetig, a seasoned cryptographer, shared his valuable experience from his early days with the xx network and his recent work with the Bank for International Settlements, offering insights into achieving privacy at a national scale. Finally, Rick Deacon, CEO and Co-founder of Interlock, with over 15 years in cybersecurity, discussed his journey of founding Interlock in 2022 to tackle cybersecurity challenges in both Web2 and Web3.
The Critical Role of Secure Development Practices and Private Networks in Blockchain Adoption
Speaking about security in blockchain development, Quincy reflected on its often overlooked yet critical importance. At the XDC Network, Quincy and his team emphasized the need for developers to establish secure environments — what they referred to as subnets or private nets — before deploying their projects on public networks. This approach helps mitigate risks related to security breaches and exposure.
Moreover, Quincy highlighted a common oversight in the industry: the lack of thorough audits. Many developers rush to market, neglecting crucial steps such as comprehensive testing and both self and third-party audits. These measures are vital for preventing future problems and ensuring a secure mainnet launch.
XDC’s developer also touched on a trend he observed: institutions gradually transitioning to blockchain by first creating private networks. These private networks allow them to migrate processes from legacy systems before engaging with public networks. Significantly, these private networks might evolve into syndicates, enabling shared databases and eventually expanding liquidity to public networks. Quincy saw this transition as a key method for legacy businesses to adopt blockchain technology.
Ensuring Enterprise Security and Trust in Blockchain Through Innovative Protocols and Key Management
Yvonne-Anne Pignolet with DFINITY shared her insights on the critical role of security in the blockchain space, particularly for enterprises. She emphasized that security might not always seem glamorous, but it is crucial, especially given the high value handled by enterprise systems. One of the major challenges is ensuring the accuracy of the network’s state as claimed by various nodes. For many protocols, users must trust these nodes, which can be problematic since most people are not equipped to run full or archival nodes.
To address this, Yvonne and her team at DFINITY designed a protocol allowing users to verify any information from the Internet Computer (ICP) with a single public key. This design ensures that when users submit transactions or query the state of a smart contract, they can be confident in the integrity of the response rather than relying on potentially manipulated data from individual nodes. Moreover, this protocol also supports verifying assets and smart contracts across different networks, including Bitcoin and Ethereum, enhancing trust and interoperability.
Furthermore, Yvonne discussed her recent conversations with enterprise players, confirming the significance of identity and key management. She highlighted that many enterprises need to be fully aware of the importance of these aspects, underscoring the need for education. Effective management of identities and keys is crucial, particularly for handling significant assets and high volumes. Enterprises need flexible solutions for managing workflows, approvals, and critical revocations. Yvonne proudly noted that DFINITY has developed solutions to address these needs without overburdening users with additional security measures.
The Role of Smart Contracts, Data Integrity, and Interoperability
Additionally, Yvonne touched on the importance of smart contracts in ensuring that processes are executed as intended, without unauthorized changes. She pointed out that auditability is a significant concern, not just for confirming that actions occurred as planned but also for demonstrating this to relevant parties. This is particularly valuable for tracking document changes and verifying contract versions.
The Director of Research also recognized that while building secure systems can be challenging, especially in protecting data from theft despite various defenses, the technology developed at DFINITY helps maintain data integrity and control. By implementing protocols that require multiple approvals for accessing sensitive data, they ensure that security is robust and user-friendly.
In her concluding remarks, Yvonne stressed the importance of interoperability between blockchain networks. She advocated for reducing reliance on intermediaries, which can introduce additional attack surfaces and trust issues. Instead, she recommended using protocols that allow direct communication between networks. This approach enhances security and aligns with the vision of a more interconnected and secure computing landscape.
Innovations in Wallet Management and Central Bank Adoption of Blockchain Technology
Mario Yaksetig, an experienced cryptographer representing the xx network, delved into the intriguing dynamics of security in blockchain technology. Notably, Mario’s work with the xx network involves developing the innovative Sleeve Wallet, which introduced a unique key management feature. This technology allows users to prove ownership of their keys, even in scenarios where the keys are theoretically indistinguishable. This development was a breakthrough, providing a way to authenticate ownership even if the key was compromised.
Furthermore, Mario shared that the team was extending this technology to create a new type of wallet to improve user experience by segregating different actions. Traditional wallets often presented a monolithic experience, whether for logging in, transferring funds, or other operations. In contrast, Mario’s team worked on restoring clarity by differentiating these functions, reducing the risk of accidental actions.
Central Banks and Blockchain: Cautious Adoption and Advanced Security Measures
Moreover, Mario discussed the challenges central banks face in the context of blockchain technology. He noted that the scale of transactions handled by central banks dwarfs the entire cryptocurrency market. Consequently, banks approach tokenization cautiously, often starting with private test nets and gradually exploring permissioned blockchains. This cautious approach stems from a desire to avoid risks associated with public networks, such as losing control over monetary settlements due to disagreements among validators. Mario illustrated this with a hypothetical scenario where disagreements over policy changes could disrupt national currency settlements.
While central banks initially resisted fully public blockchain solutions, they were increasingly open to bridging their permissioned networks with public chains. This gradual acceptance underscored the validation of Web3 primitives like automated market makers and decentralized exchanges, which central banks were beginning to experiment with.
The Bank of International Settlements and Worldcoin
Mario also highlighted the importance of robust data security measures. Drawing from his experiences with the Bank for International Settlements (BIS), he emphasized that cybersecurity standards in this sector were among the highest he had encountered. In line with this, he discussed a recent grant from Worldcoin aimed at developing advanced multi-party computation protocols. These protocols aimed to enhance data encryption and ensure that the data would remain secure and unintelligible even if databases were breached.
Cybersecurity Evolution: From Web2 to Web3 with Interlock’s Innovative Approach
Reflecting on his extensive experience, Rick Deacon recounted his past efforts in building cybersecurity awareness for Web2 environments. He had worked directly with corporations, crafting curricula to educate employees on best practices to avoid security pitfalls such as downloading malicious software or falling victim to phishing scams.
Additionally, Rick’s observations extended to the world of Web3, where he acknowledged that while the technology aimed to simplify user experiences and enhance accessibility, it still had a long way to go. Subsequently, Rick emphasized the core mission of Interlock: to ensure that users could navigate Web3 and Web2 environments safely without altering their behavior or undergoing additional training. Interlock’s browser extension, compatible with any Chromium-based browser, aimed to protect users from various threats, including phishing attacks, wallet drainers, and fraudulent smart contracts. The extension functioned silently and efficiently, preventing malicious activities without disrupting users’ workflows.
Rick elaborated on the innovative aspects of Interlock’s approach, which included rewarding users with tokens for utilizing their product. This system incentivizes safe behavior and creates a feedback loop where data collected from users helps enhance enterprise security. By analyzing threats and bad URLs, Interlock provided valuable insights to enterprises while maintaining user privacy and anonymity.
Closing out our interview, Interlock’s Co-founder also touched on the platform’s commitment to interoperability and its chain-agnostic approach. He explained that Interlock was not tied to any specific blockchain but aimed to provide security across multiple networks. This flexibility allowed them to expand their reach and collaborate with various blockchain ecosystems. The company’s goal was to avoid the siloed nature of traditional cybersecurity, which often hindered effective information sharing and collaboration.
Stay Tuned
Stay tuned to the Genfinity website to hear more from your favorite projects!
*Disclaimer: News content provided by Genfinity is intended solely for informational purposes. While we strive to deliver accurate and up-to-date information, we do not offer financial or legal advice of any kind. Readers are encouraged to conduct their own research and consult with qualified professionals before making any financial or legal decisions. Genfinity disclaims any responsibility for actions taken based on the information presented in our articles. Our commitment is to share knowledge, foster discussion, and contribute to a better understanding of the topics covered in our articles. We advise our readers to exercise caution and diligence when seeking information or making decisions based on the content we provide.
