Cybersecurity Expert Discusses How to Build Trust in Web3 Gaming
Cybersecurity is crucial for the mainstream adoption of Web3 gaming, as it ensures trust and confidence among players and developers.
While Smart contracts offer security and transparency, they also pose potential vulnerabilities, especially those controlling valuable in-game assets.
Web3 mobile games are gaining popularity, but storing excessive value in a single game wallet can pose risks.
Web3 gaming’s value-driven nature attracts hackers, emphasizing the need for reputable developers, security audits, and defensive tools to protect players.
The article includes insights from Steven Walbroehl, co-founder and CISO of Halborn, a renowned cybersecurity company specializing in advising Web3 organizations.
Web3 technology offers novel approaches to game creation, distribution, and monetization. However, blockchain is not immune to hacking and exploitation, as several cases like the Ronin network compromise and Tales of Elleria Arbitrum bridge hack have shown in recent years.
Blockchain gaming offers many benefits to players, such as ownership of in-game assets, participation in game governance, and earning real-world value for gameplay. However, web3 gaming must overcome cybersecurity challenges to ensure its security and reliability, which are crucial for widespread adoption and success. After all, security measures are essential for web3 gaming adoption for the trust and confidence of players and developers.
In an interview with Steven Walbroehl, co-founder and CISO of Halborn, Metaverse Post discussed the cybersecurity challenges of web3 gaming. Halborn is an award-winning cybersecurity company that employs ethical hackers to offer comprehensive cybersecurity advice and products to both web2 and web3 companies. The company has worked with notable clients like Infinity Skies, Coinbase, and Avalanche.
“Historically, new technology introduced to the world is often immediately used by criminals. The first cars invented in the late 1890s were quickly adopted by bank robbers to use as get-away cars, but we still have cars today over a hundred years later. It’s through security and awareness of the threats, once the value of things is found that will help build trust in the use cases of web3. My thoughts are once we create awareness and learn how to better use the technology, mainstream adoption is inevitable,”Walbroehl said.
Smart Contracts in Gaming
Smart contracts are self-executing programs that run on a decentralized network and can facilitate various transactions and interactions in web3 games. They are essential for blockchain games for a new level of security, transparency, and innovation for game developers and players. However, smart contracts also pose some security risks that developers should be aware of and mitigate.
According to Walbroehl, the most critical vulnerabilities often expose contracts acting as large vaults, such as a treasury, or those acting as a relayer from one chain to another to mint or burn tokens. These contracts have lots of powerful functions that control the flow and distribution of in-game assets.
“Smart contracts should be thoroughly audited, continuously each time code changes, and before being put into a live environment.”
Vulnerabilities in Web3 Mobile Games
Web3 mobile games are becoming increasingly popular. Last year, DappRadar noted that mobile blockchain games brought more than 1.7 million users from web2 into web3 gaming in seven days.
For mobile web3 games, Walbroehl advises ensuring you don’t store too much value at risk in a single-game wallet. Usually, mobile games create “side chains” that will make transactions cheaper and faster. These side chains, like Axie Infinity, can have unpredictable issues if they are not thoroughly audited or tested. And most often, web3 gaming projects get rushed to production before companies like Halborn can check them end-to-end for vulnerabilities so that the new release is as secure as possible. It’s crucial developers have all aspects of a game tested before release and not j.
Cybersecurity in Traditional Gaming and Web3 Gaming
Traditional games rely on centralized servers and platforms that store and manage user data, game assets, and transactions. These servers and platforms are vulnerable to hacking, denial-of-service attacks, and censorship. Web3 games, on the other hand, use decentralized technologies to create peer-to-peer networks that enable users to own and control their data, game assets, and transactions. These networks are more resilient to hacking and pose new risks, such as bugs in smart contracts, scalability issues, and regulatory uncertainty.
The differences in “normal gaming” compared to “web3 gaming” are vast, Walbroehl added. But the difference in web3 gaming compared to other web3 organizations are similar. For example, in traditional games, security threats can expose customer IDs or cause issues in payment gateways. True web3 games, however, are often decentralized and permissionless. The same goes for the risks in web3 organizations where security considerations are always focused on the user/gamer, their private key, and who holds the custody of any value.
Web3 gaming is an exciting and rapidly growing field that offers many opportunities for innovation and new forms of player engagement. However, with these opportunities come challenges. As Web3 gaming continues to evolve, it is important for developers and players alike to be aware of the potential risks and take steps to mitigate them.
“I think that gaming in web3 space will continue to grow in terms of crowdsourcing, play-to-earn models, and online gambling. All three of these share in common the same thing: value. And when there is something of value, it becomes a target for hackers and malicious users. One thing to be aware of is the reputation of a developer, so there is no inside-job “rug-pull” and that they take security seriously by hiring audit companies and defensive tools to protect the players,”Walbroehl said.
- Smart Contract Security – Everything You Need to Know
- Metaverse firms join forces as phishing tactics evolve alongside Web3
- Safe Security Raises $50M Series B Round for AI-Driven Cybersecurity Platform
Any data, text, or other content on this page is provided as general market information and not as investment advice. Past performance is not necessarily an indicator of future results.
The Trust Project is a worldwide group of news organizations working to establish transparency standards.