Table of Contents
Web 3.0 Security, Think DevSecOps
Building robust and scalable cross-chain infrastructure that lays the groundwork to enable different blockchain networks to communicate with each other seamlessly and securely is paramount. With frequent technical advances and new tools emerging, it can be difficult for builders and founders to navigate the diverse landscape.
That’s why during the Product Development phase of the MVB accelerator program, we’ve invited interchain expert, Axelar, and Web 3.0 cybersecurity provider, Ancilia to share their insights and best practices on setting the right foundations with the 12 project teams building their MVP on the BNB Chain.
In 2022, US$3.8 billion was lost in Web 3.0 hacks alone. Huagang Xie, CEO and Co-Founder of Ancilia, points out that the common vulnerabilities in these hacks are not only from Web 3.0 flash loans, re-entrance attacks, logic errors, access controls, and wallet security attacks but also from Web 2.0 DNS hijacking, code injection and phishing attacks. Founders and developers should think about security holistically and utilize existing Web 2.0 tooling, auditing smart contracts, and securing wallet addresses.
The earlier you think about security, the better your security outcome – this is where DevSecOps comes in. It’s a development practice integrating security initiatives at every stage of the software development lifecycle to deliver robust and secure applications. Here’s how Ancilia approaches DevSecOps:
- Plan Security in Design – ensure you have a good security architect to build and plan the security framework early in your development process.
- Code with Security Libraries – don’t try to introduce your own code onto your smart contract if you can use those available from a battle-tested library.
- Build Out Web 2.0 & Web 3.0 with Equal Importance – don’t miss out on pen-testing your website and smart contract co-auditing.
- Combine Release & Testing with Security – ensure the entire developer cycle is secure so no bugs are introduced further along the process.
Ancilia is a real-time, behavior-based threat detection and prevention platform. Its platform collects on-chain and off-chain data and provides an in-depth analysis through a threat detection engine through a project’s entire lifecycle.
Infrastructure for a Cross-chain Future
As we know, it’s complex to build cross-chain. A developer may spend 3 months to write the core application logic to take an application cross-chain and then spend another 9 months redeploying the application on different blockchains. Georgios Vlachos (Co-Founder) and Stephen Fluin (Head of Developer Relations) at Axelar walked the project teams through building scalable multi-chain infrastructure and their experience expanding cross-chain to the BNB Chain ecosystem. But before we dive into building infrastructure, what’s the difference between cross-chain and multi-chain?
- Multi-chain – applications that launch on different chains i.e., Uniswap, SushiSwap
- Cross-chain – an application that has its home base on a specific chain and interacts with other chains through satellite contracts.
Building a multi-chain introduces a lot of fragmentation. If you have multiple versions of your application, you don’t want your users to bridge over to different chains and take multiple steps. It’s best to extract all of the complexity away from the user.
With the cross-chain model, each application has a home base and satellite model. For example, you can easily launch on the BNB Chain and launch lightweight contracts on every other chain that allows communication with your core application. This deployment method also offers the advantage of security – when there’s a home base, you can set up trade limits.
In the multi-chain paradigm, an application stops between different blockchains. In other words, there is no central place to set trade limits in a multi-chain environment. If something breaks from a single chain, the attack can propagate to every other chain in that set.
Axelar is a decentralized interoperability infrastructure that allows developers to build cross-chain applications. The network passes cross-chain messaging by using the Axelar blockchain as an outer layer, whereby a single point of integration has been created for any chain that wants to join and gain access to the other chains integrated into the ecosystem.
Secure and scalable cross-chain infrastructures are crucial for the growth and adoption of Web 3.0. interoperability between chains for a more efficient and reliable experience. Prioritizing security and scalability will drive further adoption and growth of decentralized applications.
What’s next in MVB 6?
Entering Phase 3 of the accelerator program, founders will begin to think about growth and traction. We’ve invited a round-up of industry experts to share insights with the 12 project teams over the next few weeks.
- Creating a User Growth Flywheel in Web 3.0 with Eowyn Chen, CEO of Trust Wallet
- Designing Tokenomics in a Crypto Bear with Binance Labs Token Engineer
- The Role of Trading Firms with Jump Capital & Wintermute
- Crypto Legal 101 with Paul Hastings LLP