jakiro
I saw @GoPlusSecurity early in the morning to build a modular unified user security layer.As a former Crypto security veteran, an unfinished security vision has ignited in his heart.Crypto’s most important “safety” direction has always been too “service” driven, and is always in an embarrassing situation of “resolute response beforehand and helplessly slap the thigh afterward”. How can we break the deadlock?Will modular secure unified network be the optimal solution?Next, let me tell you what I think:
1. Security issues are always valued after the incident. This is what we often call “security awareness”. They are not an overall awareness that can be improved by short-term appeals and shouting. They are destined to be hacked and phished incidents one after another.Only after being stinged can you gradually turn into a kind of alertness.
Moreover, “security incidents” can only decrease as the industry matures and will not disappear.Therefore, security as a “service” will always be needed, but it is always passive, which is not conducive to security companies improving their Crypto niche;
2. Modularity has become a normal development path in the Crypto field, whether it is as large as a middleware network, layer2, or some independently split DA modules, Execution modules, Settlement modules, and the expected Security SecurityLayer modules are gradually becoming the key modules that constitute the main elements of Crypto.
In the future, the consensus layer, settlement layer, execution layer, DA layer, etc. that originally constitute the chain will be independently encapsulated in a modular manner and are embedded in the architectural systems of each blockchain with high interoperability.The same is true for the security module layer, which will become an additional capability that must be plugged and unplugged and assembled on every chain;
3. As the overall development of the industry becomes more mature, there are fewer hacking incidents on pure B-side, which is directly related to the continuous security protection work of Developer in the industry and the progress of industry code driven by DeFi black case forests, but the B-side security incidents are reduced., does not mean that the overall safety disaster will disappear, and a large number of phishing attacks have become a new round of safety-hit areas.Therefore, a security module layer that is oriented towards the C-end and can provide users with “unconscious” security protection must shoulder its mission;
4. Why should we emphasize “unconsciousness”? Because of technological progress and industry maturity, we must abstract complex problems to the back-end infra layer to solve them, and the Gap perceived by front-end users will become smaller and smaller.Based on modular structure chain security components, it involves timely blocking of dangerous and suspicious transactions, preview of the path before the transaction is on the chain, front-end Alert warning before signature, update of off-chain Oracle information such as phishing websites, KYC anti-money laundering compliance supervision, etc.wait.
It is simple in theory, but it is actually compatible with each chain and has different consensuses, and also needs to match the simple Wallet, Dex and other protocols in different environments. It is not easy to fully exert the value of the modular security layer;
5. If security stays at the “service” layer, an inevitable reality is that endless plug-ins, various tools, and even developers, ordinary users, Traders, institutional users, etc. must be equipped with different security solutions.The result is that the competition among security companies is booming, and ordinary users do not have an intuitive sense of improvement in security levels.
The security industry also needs a unified security module layer, which continuously provides security warnings and experience improvements for C-end users, and is highly compatible with B-end developers and chains, wallets, protocols, etc. In the long run, the security awareness of C-end and B-end isOnly by improving consistency with safety protection work.
In short, security offense and defense will be a problem that has always existed in the Cryptp field, because it is too close to money, and there will always be hackers hiding in the dark and scanning the security weak ring to attack.
In essence, hacker attacks and security protection are both cost confrontations, and the cost of hacker attacks is increased by protecting targets.Fragmented security services are like fighting guerrilla, and the consistent security chain ecological construction and the united front protection of the modular security layer are currently the best solution to improve the Crypto security level.
