Breakpoint 2023: When Are You Going to Get Serious About Security?
A compelling call for developers to prioritize security in the Web3 ecosystem.
Summary
At Breakpoint 2023, the subject of security in the rapidly growing Web3 industry was front and center, bringing to light the persistent vulnerabilities and the dire need for a responsible and mature approach to security. The presentation, given by Boaz Shoshan, Head of BD of SEC3, was both a critique and a wake-up call to developers within the Web3 space. Drawing on personal experiences and industry benchmarks, Shoshan underscored the importance of recognizing their own limitations and implementing robust security measures to safeguard the sector’s credibility and progress.
Key Points:
The Reality of Security in Web3
Shoshan opened his speech by expressing frustration with developers for not taking security seriously, illustrating his point with the tragic story of a young founder who attempted suicide following a breach. This incident symbolizes the serious consequences of security oversights and the urgent need for developers to ground themselves in reality and avoid preventable mistakes. Shoshan's account is a poignant reminder that behind the optimism and festivities of tech events lies a grave responsibility to uphold security and protect not just assets but lives.
Maturity and Lessons Unlearned
Despite the maturity of Web3 and blockchain technologies, there is a troubling trend of repeated mistakes, as evidenced by individuals who suffered losses both during the Mt. Gox incident and the FTX collapse. Shoshan notes a concerning lack of learning from past errors, emphasizing that while in other industries lessons are integrated over time, the Web3 community exhibits a distressing pattern of forgetfulness and repetition when it comes to security practices.
An Examination of Web3 Security
Shoshan critically examines the state of Web3 security standards, finding a lack of established procedures and consistent application. He contrasts this with historic public skepticism towards new technologies like electricity, suggesting that recurring security breaches in Web3 could similarly fuel distrust and hinder adoption. By failing to learn from past mistakes, the industry risks not only financial losses but also broader reputational damage that may slow its advancement.
The Alignment and Misalignment of Security Measures
The motivation behind security measures oftentimes seems to be more about compliance and marketing rather than genuine protection, leading to a misalignment between purpose and action. Developers and projects, driven by urgency or cost-efficiency, may opt for the cheapest security audits or those demanded by exchanges, without considering the quality and rigor needed. Shoshan urges developers to adopt a more responsible mindset to improve security at a fundamental level.
Facts + Figures
- A young DeFi protocol founder attempted suicide following a breach, signaling serious consequences of security neglect.
- A total of $1.3 billion has been lost to hacks in the current year alone in the Web3 space.
- The VC investment in Web3 during this period is slightly above $3.4 billion, accentuating the impact of breaches relative to invested funds.
- Historic comparisons were drawn between public resistance to early electricity adoption and current skepticism towards blockchain technologies.
- Shoshan highlighted the importance of structural alignment between projects and security firms while expressing concern about current misalignments.
Top quotes
- "This is a very serious industry with very serious consequences, and you need to take it seriously."
- "It really did drive home to me, just how some developers, you know, you think you're a gigabrain, you think you can do anything, you think that bad things won't happen to you because you're so smart, and bad things do happen, and as a result, you completely lose your frame of reference."
- "If there's anything that you're going to take away here, I'm not really here to shill a bag, I'm mostly trying to tell you to keep yourself grounded in reality and not let yourself make mistakes when you could avoid them."
- "Why are we not learning from our mistakes? Why is this happening so much?"
- "Security is not progressing in line with the technology."
- "Every time that there is a serious security breach in the world of Web3, it actually does everybody a disservice."
Questions Answered
Why is Web3 security important?
Web3 security is vital as it guards not only the substantial financial assets involved but also profoundly affects individuals’ lives and the reputation of the entire industry. The seriousness of security in the Web3 space is highlighted by the consequences of breaches, which can range from financial ruin to personal tragedies.
What are the current Web3 security standards?
Currently, the Web3 industry lacks established and universally accepted security standards. Developers and projects often rely on the cheapest available audits for compliance, which may not be sufficiently rigorous to protect against sophisticated threats.
How does the history of technology adoption compare to Web3's current situation?
The historical resistance to the adoption of electricity is comparable to current skepticism surrounding blockchain tech. As with early electricity infrastructure, the Web3 industry faces public doubt, with every significant security breach potentially eroding trust and impeding growth.
What might incentivize developers to prioritize security?
Developers should recognize that the economic and reputational stakes are high for the entire Web3 ecosystem. Security must be seen as a foundational aspect of Web3 development, with the realization that secure platforms strengthen the entire industry and lead to broader adoption and growth.
What lessons can Web3 developers learn from past industry mistakes?
Web3 developers need to learn the importance of incorporating lessons from past breaches to avoid repeating the same errors. Security practices should not be an afterthought or purely for compliance and marketing; they should be fundamental components of project development to protect users and ensure longevity.
Comments
Please login to leave a comment.
On this page
Related Content
The Metaverse Episode featuring Webaverse, Loomdart & Jin
Explore the future of the open metaverse with Webaverse founders and crypto influencers as they discuss decentralized digital identities, NFTs, and community-driven virtual worlds.
The Solana Ecosystem Call | August 2025
Comprehensive breakdown of Solana's August 2025 ecosystem call covering 15 major wins, digital asset treasuries, proprietary AMMs, rev coins, and the explosive growth across DeFi, stablecoins, and global adoption.
Community and Culture with Solana OG Based Charker
Dive into Solana's vibrant ecosystem with Chase Barker as he discusses NFTs, meme coins, and the future of blockchain innovation on the Midcurve podcast.
Keystone Wallet: a Next Gen Blockchain Hardware Wallet (feat. Lixin, founder) - Solfate Podcast #53
Explore how Keystone Wallet is transforming blockchain security with its innovative hardware features, multi-chain support, and user-friendly design. Learn about the importance of hardware wallets in crypto asset protection.
The Libra Impact On Solana | Weekly Roundup
Explore the controversial Libra token launch, its impact on Solana, and the broader implications for meme coins and crypto market integrity.
The Truth Behind Crypto Market Makers | Matt Jobbé-Duval
CoinWatch CEO Matt Jobbé-Duval reveals the shadowy world of crypto market making, from call option structures to active manipulation schemes that have devastated token launches in 2025.
The Bull Case For Solana In 2025 | Ryan Watkins
Ryan Watkins discusses Solana's explosive growth, the rise of AI agents, and why Solana could become the leading smart contract platform by 2025.
Solana Changelog June 14 - Wallet Delegation, Anchor updates, and a new Developer Site
Discover the latest Solana updates including a new wallet delegation standard, Anchor improvements, and a revamped developer website. Stay ahead in the Solana ecosystem!
Ledger on Solana - Full conversation
Discover Ledger's new custom Solana hardware wallet, early access perks for JTO holders, and why Ledger is investing in the Solana ecosystem
The Solana Ecosystem Call ft. Lily Liu [October 2024]
Explore the latest Solana developments: Breakpoint 2024 success, institutional adoption, mobile innovations, and exciting new projects in DeFi, gaming, and renewable energy.
Solana Changelog July 11 - Merkle Shreds, Turbine, and a Security Series
Discover the latest Solana updates including QUIC Turbine implementation, Merkle Shreds rollout, and a new security series for developers. Learn how these changes improve network efficiency and program security.
Solana Changelog - October 24: NFT Locking, GetHealth, and Open Clockwork
Discover the latest Solana developments including NFT collection locking, GetHealth endpoint improvements, and the Open Clockwork initiative. Stay informed about Breakpoint and recent hackathon projects.
Solana Changelog - January 24, 2023 - Bankless Leader, Explorer Updates, Nonvote RPC
Explore Solana's latest developments including the Bankless Leader proposal, Explorer updates, and impressive ecosystem growth in this comprehensive changelog.
Solana Changelog June 22 - Token Metadata, Anchor 28, QUIC on Turbine
Discover the latest Solana updates including the Token Metadata Interface proposal, Anchor 0.28.0 release, and QUIC implementation for Turbine in this comprehensive changelog.
Solana's Next Narrative | Weekly Roundup
Explore Solana's evolving narrative, from meme coins to sustainable businesses, and the challenges facing crypto discourse in this in-depth roundup.
Solana Token Markets
