Web2 software engineers have benefitted from design standards, mature programming languages, and vulnerability tools to minimize the risks of an attack. Failure to do so can result in a situation similar to my “Equifax Attack: Only a Matter of Time” publication back in 2017.
Those working in Web3 projects find themselves at an exciting stage. Initiatives like bounties and Decentralized Autonomous Organizations (DAOs) drive new opportunities for these pioneers to explore. Unfortunately, the Web3 landscape is not as mature or defined as earlier phases in the web frontier. Compounding the situation is the risk those challenges impose in a decentralized environment — where exploitation can result in losing a large volume of assets, as well as the time it takes to secure an auditing service for smart contract code and the duration of the audit itself