Security problems discourage the growth potential and long-term acceptance of blockchain innovations. As blockchain technologies attract more users, companies are looking for stronger ways to secure their platforms. Every day, more than 100,000 users are joining crypto trading platforms. Meanwhile, attackers continue to look for ways to exploit vulnerabilities in the products.
An article from CoinCentral, Major Security Flaws Threaten Deployment of EOS Mainnet, by Richard Malone, reported on one platform’s “epic vulnerabilities.” As the world’s fifth-largest cryptocurrency, EOS plans to compete with Ethereum. However, EOS announced that it had a major issue: an attacker could steal a private key and publish a malicious smart contract. This allows the attacker to take control of the network, which leaves the nodes of wallets and exchanges vulnerable to theft.
EOS took action to find a solution. The company also offered a bounty of $10,000 to anyone that successfully finds a critical bug.
QR Code Encryption
SafeWallet, a mobile crypto-asset manager, released a new security system that replaces private keys and mnemonic phrases. The new two-layered system allows users to easily access their accounts using a QR code-based ID along with answering some security questions.
Although the use of QR promises a better way to secure a wallet, it is not a perfect solution. An attacker could still access a QR code if a user saves it on a device or stores it in the cloud. But SafeWallet points out that the additional requirement of answering specific security questions adds an extra layer of security. Additionally, the private keys never appear as text in the wallet.
SafeWallet opened up its new technology to third-party developers to improve wallet security for blockchain users. The company is promoting its new user-friendly system as a bridge to connect decentralized and centralized systems. The company hopes to resolve security issues for blockchain products while making it easier to use.
Alice M. Porch, Esq., CIPP/US, C|EH, Security+
Alice is a member of the Florida Bar, and she focuses on data privacy and cybersecurity compliance. She attended the Warrington College of Business at the University of Florida and earned a Bachelor of Science in Business Administration. After graduating, she earned a Juris Doctor at the Stetson University College of Law. During law school, she served as an Assistant Executive Editor for Stetson Law Review and also as a Staff Editor for Stetson Journal of Advocacy and the Law. She also served as a member of The Florida Bar Journal/News Editorial Board from 2018-2024. She is currently a member of the Florida Bar Cybersecurity and Privacy Law Substantive Law Committee.
