Crypto, Web3 and blockchain security has always been a hot button issue. This is true especially for an industry that has so many technical terminologies and terms that many newbies don’t define or understand easily.
We had to find experts who know the security issues that are a part of the space and have solutions to the many questions users ask and have a hard time understanding.
Geoffrey Arone,Isaac Patka Co-Founders at Shield3, gave us insights we want to share with you.
Here’s the inside scoop!
Geoffrey Arone,Isaac Patka Co-Founders at Shield3
Please, can you tell us about the general concepts behind the Shield3 project?
Shield3 aims to bring peace of mind to the crypto and Web3 world. Just as your wallet in the real world holds your money and identification, your digital wallet in the Web3 world does the same. It’s used for transactions, identity verification, and community participation. As we have more control over our data and assets in this new world, we also need ways to protect them. Shield3 does this by constantly monitoring for threats and preventing you from making mistakes or falling for scams.
Related:Web3 – An Ultimate Guide for Beginners
How does the Shield3 DApp scan and monitor user-connected wallets?
Think of Shield3 as a vigilant guardian. It continuously scans your past transactions and those of the people and apps you interact with. This helps us create a detailed risk profile for you. We also customize security policies for each wallet. These policies work like a shield between your wallet and the blockchain, blocking or flagging suspicious transactions. It’s similar to how your credit card company detects fraud.
What kinds of potential risks, scams, and vulnerabilities does the Shield3 DApp identify and alert users about?
Shield3 is like full-time security, alerting you to dangers such as malicious apps and tricky permissions that could let bad actors steal your assets. It also watches out for reputable apps that might have accidentally introduced vulnerabilities through updates. User-defined policies, like spending limits or blacklisted recipients, also trigger alerts.
Related:How To Minimize Risks When Investing in Crypto
What are some common security risks associated with cryptocurrency wallets?
One major risk is being fooled into executing harmful transactions by phishing sites or individuals pretending to be someone else. Another big risk is when users interact with wallets, DAOs, tokens or exchanges that do not know they are compromised themselves. For example, a user may be a member of a legitimate DAO that is improperly configured. Shield3 can detect and prevent a user from being a victim.
How does Shield3 help users navigate Web3 ecosystems safely?
When connecting with Web3 applications, it can be chaotic and hard to navigate. These apps often ask you to connect your wallet to confirm transactions. However, the difference between sending $10 or $10,000 may not be apparent. It’s like trying to read a foreign language. Even if you confirm transactions in your wallet, Shield3 acts like a safety net, catching dangerous transactions before they hit the blockchain.
How does the Shield3 DApp analyze transaction logs for potential risks?
One of the perks of the blockchain world is its transparency – all transaction logs are public. But understanding them can be very challenging. Shield3 has developed tools that read through these logs and spot signs of suspicious activity.
What kind of ongoing monitoring and scanning processes does the Shield3 DApp provide?
Shield3 keeps an eye not just on your wallets, but also on the applications you use and the wallets that control those applications. We watch everything, ensuring you’re safe from threats both known and unknown.
What are the differences between your free and paid plans?
You can take Shield3 for a test drive with our free plan, scanning your wallet or our demo wallets to see the threats we detect. It’s a free health check-up for your digital wallet. With our paid plan, you get real-time threat interception and active monitoring.
What are some best practices for securing personal information when using Web3 applications?
When using Web3 applications, it’s essential to ensure the safety of your personal information and assets. This starts with securely backing up your keys offline. Remember, if someone gains access to your keys or ‘seed phrase’, they can not only drain all the funds from your wallet, but they can also impersonate you in web3 communities. Offline backups using paper or metal are critical. Avoid saving key-related text files on your computer, email drafts, or even in password managers which could potentially be hacked.
How easy is it to use Shield3?
Shield3 is designed to be user-friendly and to work seamlessly in the background. There’s no need to install any complicated software or extensions. You simply connect a wallet, add the Shield3 protected network to your wallet, configure notification settings, and proceed with your activities. Shield3 only reaches out when there is an urgent issue needing your attention, giving you peace of mind knowing that we are vigilantly looking out for potential threats.
In an age when the password is dying, what are your plans to keep up with security and access trends?
As we shift away from passwords, users will have to get accustomed to managing their own keys (e.g. the Web3 equivalent of username/password). Shield3 adopts a minimal access principle, requesting the least amount of information and access possible from our users while providing optimal security and peace of mind. By limiting this access, we can help people reduce their susceptibility to breaches and attacks.
Why is user protection critical to improving cryptocurrency and blockchain technology adoption?
User protection is crucial in making cryptocurrency and blockchain technology more inclusive and accessible. To fulfill the promises of broad, inclusive, and fair financial infrastructure, we need to simplify the learning curve and ensure users have the necessary protections without sacrificing security and privacy.
How risky is the DeFi space right now?
The DeFi space offers a wide range of products, from relatively safe collateralized lending products from major protocols to riskier automated investment strategies. It’s important to distinguish security risk from financial risk. Shield3 helps to protect you from security risks related to scams, hackers, and mismanagement. Regarding financial risk, users have to determine what investment strategies best align with their own risk profiles.
How can Shield3 help mitigate these risks?
Shield3 has the ability to detect and block accidental interactions with phishing sites, interactions with legitimate protocols that may have potentially introduced vulnerabilities, or interactions with new, highly risky unverified applications. Depending on their risk tolerance, users can configure their Shield3 policy to allow for experimentation with the latest, riskiest things or to ensure they are only using reputable, safe services.
What are some of the security challenges facing the widespread adoption of Web3? How do you think they can be overcome?
The widespread adoption of Web3 comes with a steep learning curve, increased responsibilities, and none of the conveniences expected from traditional web platforms. We need to simplify key management for users (to avoid large centralized fraud scenarios like FTX), enhance their understanding of wallet operations, and empower them to manage risks consistent with their tolerance levels.
What is your approach to threat analysis?
Our approach to threat analysis is real-time and personalized. While some threats are universal and would be blocked no matter what, we believe in giving users the freedom to explore the web3 space with customized risk levels. We aim to provide peace of mind without compromising security, software installation, or private key management.
How do you maintain internal operational fidelity per your operations?
At Shield3, maintaining internal operational fidelity is paramount. We utilize a robust internal monitoring infrastructure that ensures all systems are operational and constantly scanning new information for our users. We vigilantly monitor our data sources and threat analysis processes and adapt to feedback continuously. Users can access a visualization of our operations at our command center on our website.
What is the backstory behind Shield3’s founding?
Shield3 was born out of our deep experience in web security and product design and development. Geoffrey is an expert in web security, particularly in online identity and Isaac is an expert in crypto security. They initially started a venture with the goal of making ‘DAOs’ (Decentralized Autonomous Organizations) more accessible to the public. DAOs offer people the ability to manage shared assets, fundraise, build products, and collaborate globally. However, as they developed tools for DAOs, they identified critical UX and security barriers preventing most people from tapping into the potential of web3. Given both of their extensive backgrounds in security & product development, they founded Shield3 to address these challenges.
Please, can you tell us about the team of miracle workers who are currently on the project?
Geoffrey Arone is an accomplished investor, advisor, and executive with experience across blockchain, internet, and social media industries. He was a founding partner at Arrington Capital, where he made > 50 investments and helped grow the fund to > $100 million in assets. Prior to that he founded SafetyWeb/MyID.com, which is now the basis for > $1B of revenue for Experian, who acquired the company in 2011.
Earlier in his career, Arone helped pioneer the “social web” and “social media” before these terms became mainstream. In co-founded “Flock” (acquired by Zynga) and “SafetyWeb” (acquired by Experian), he has raised > $100 million from top VCs such as Bessemer Venture Partners, Battery Ventures, and Fidelity Ventures.
Arone holds an MBA from MIT and a Sc.B. in Neuroscience from Brown University. He also started a Ph.D. in Neuroscience, which was funded by The National Institutes of Health.
Isaac is a former electrical engineer in the semiconductor industry, turned crypto dev in early 2017; specializing in web3 security, DAOs, and experimental applications of blockchain technology. Isaac is an active contributor to open standards in the governance and security fields of web3. He entered the Ethereum space in 2017 by hunting bug bounties for experimental new smart contracts. Ever since then he has used his passion for accessible, transparent security to demonstrate both what can go wrong, and how to fix it. Last year he published a ‘white hat’ exploit of a popular smart contract framework that manages billions of dollars in the crypto space. Citation:https://law.mit.edu/pub/exploitinginattentionandmisconfigurations/release/1
He also volunteers his efforts to help people recover from losing their private keys and access funds in leaked wallets. In addition, he collaborates with artists in their exploration and creation of crypto-native forms of art, often exploring collective creation, intellectual property, and ownership.
Do you have any summer plans crypto-wise?
We will be attending conferences, participating in open source research initiatives, and shipping features to Shield3 users!
Related:What Does the Future Hold for Cryptocurrencies and Banking? (Roundtable Interview)