Web3 Is Supposed to Be Secure. What About All These Hacks?

Web3 promised us a new era of privacy and security, but a series of recent major hacks make all that look like a lie.

In reality, Web3 is becoming a security nightmare as a slew of recent hacks has left some wondering if they should just turn our money and data over to Mark Zuckerberg and call it day.

The latest security disaster involves the play-to-earn game Axie Infinity, which is supposed to be the poster child for what Web3 can be. If you missed it, hackers broke into the Ronin “bridge” between Axie and the Ethereum blockchain and robbed it to the tune of $552 million at the time (now worth $630 million, since ETH is up)—a staggering amount even in this crypto gilded age.

Even more shocking is how the attack took place. As engineer Molly White explains, the crew behind Axie set up the bridge in such a way that it required only nine trusted validators—meaning that a hacker only needed to compromise five accounts to get the keys to the kingdom. And that’s what happened. Even worse, it took six days for the Axie team to notice that $630 million worth of Ethereum had been looted and to tell users, whose money is now gone.

Read More at Decrypt

Read the rest at Decrypt