Einaras Gravrock

Einaras Gravrock

3min read

Web3 Security Has A Massive Gap

Web3 Needs Real-Time Transaction Security

$1 billion was spent securing smart contracts in 2022, yet $4 billion was hacked last year.

Cybercriminals are exploiting a major web3 security gap, and the majority of stolen funds fell into the hands of state-sanctioned hackers. Subsequently, web3 founders and developers become increasingly wary each time their contract is called.

A variety of services help protect smart contracts, dApps, and blockchain-based platforms – including auditing, threat simulations, threat monitoring, and incident response. At CUBE3.AI, we have tremendous respect for the companies that offer these tools because they’ve preserved and increased the value and impact of the web3 ecosystem. Code security at deployment and remediation post-exploit are crucial. At CUBE.AI, we are providing real-time transaction security to bridge the gap between the two.

Today, there are two security layers: code security and remediation. Code security is the first critical step when building an application (audits, bug bounties, and threat simulations). While audits provide a good filter against a wide range of potential vulnerabilities, bugs, and security loopholes, threats can still persist once your code is in the wild. An estimated 3091% of hacked contracts went through the formal audit process (some, multiple times).

Why is this? Limitations on code audit scope either due to novel threat vectors (zero-days), supply chain vulnerabilities beyond your application’s purview, human failure/error (domain knowledge, time constraints, etc). There are many contributing factors and no single solve in an emerging and evolving industry.

With remediation, you’re notified about a hack and respond to the incident by and pausing your business/contract and negotiate funds. How can you mitigate risk after you’ve deployed your code? Not just be alerted of a threat, but prevent malicious transactions?

Introducing Real-Time Transaction Security

CUBE3.AI is introducing the next logical step in web3 threat protection, real-time transaction security. CUBE3 leverages machine learning to not only detect threats against your smart contracts, but to also block exploits in real-time. Unlike monitoring solutions that typically alert after the fact, we evaluate every runtime transaction, and decline it if necessary.

CUBE3.AI rates every transaction, smart contract and wallet address with our Risk Score in three categories; Fraud, Cyber and Compliance. Our Runtime Application Self-Protection (RASP) blocks transactions that are outside your risk threshold, and inform you and your community of all potential transaction threats.

Real-time transaction security helps to prevent remediation and reduce stress for founders and developers. It’s a necessary additional layer of protection after your contract has been deployed that is dynamic enough to handle contract upgrades, emerging threats and ensure business continuity. Our goal for smart contract developers, builders and web3 innovators is to elevate the highest standards of security and trust in projects through layered security, so they can focus on creating solutions that increase adoption of web3.

We’re excited to make our platform generally available soon to improve your real-time web3 transaction security. Sign up for access and join our community today!

Stay informed, stay protected.
Get the latest web3 security news first