To Keep Web3 Safe, Security Needs to Be a Group Effort

Degens look out for one another. Or at least, they should, if seeking to honor the community ethos of the NFT space. But how many NFT enthusiasts are actually putting that principle into practice? Sure, sharing opportunities and prosperity counts for something. Supporting each other to success does as well.

But protecting each other from bad actors seems to be left out of this reciprocity equation.

By and large, every time a prominent figure in Web3 falls victim to a scam, it feels as if we’ve failed to safeguard one another. But it isn’t due to a lack of trying. Rather, it’s nearly impossible to identify and share each and every new security risk day after day within our current infrastructure. This implies that a change must be made.

To better the safety of Web3, many feel that security needs to be more of a group effort. By leveraging a quintessential facet of the NFT space — the community — a select few projects and groups aim to crowdsource new ways of keeping blockchain users safe.

Safety in numbers

This idea of crowdsourcing Web3 security has been expressed by many, but perhaps most notably by OpenSea Co-Founder and CTO Alex Atallah. With the introduction of the NFT Security Group in January of 2022, Atallah and his peers effectively sent a message to bad actors in Web3: going forward, every major player in the NFT space would be keeping an eye out for their misdeeds.

Comprised of 18 prominent crypto-NFT firms, including Adobe, Coinbase, and MetaMask, the NFT Security group — effectively a blockchain neighborhood watch — was conceived for these companies to share unpublished vulnerabilities with each other to identify bugs and ensure the security of NFTs. The goal was to foster proactive, community-driven, close-hold, and cross-platform safety.

Excited to officially announce the NFT Security Group.

Web3 security is a community effort, so we’re partnering w/ more than 15 companies & projects to share vulnerabilities and fixes before they reach other platforms.

— Alex Atallah (@xanderatallah) January 17, 2022

“We believe the security implications of Web3 extend across platforms and that the inevitable trend toward dis-intermediation comes with security implications and responsibilities for everyone involved,” Atallah wrote in a blog post introducing the Security Group. “Simply put: more collaboration in this space is required to tackle security and safety challenges at the highest level, which is why we’re announcing the creation of a private NFT Security Group.”

Due to a lack of communication following the initial introduction, there’s really no way for the general public to know how effective the group has been to date behind closed doors. But even so, its launch alone highlighted the potential of crowdsourcing Web3 security as an effective means of bolstering safety. And now that over a year has passed since the NFT Security Group came to be, others have taken up the cause of keeping Web3 safe.

Practical ways to keep the NFT herd safe

Currently, a growing variety of Web3 security tools exist that simply not enough degens are using. The developers of these tools have found themselves hard-pressed to foster usership among a population of enthusiasts that often holds profiting at a higher importance than security. But a more community-focused solution has recently taken shape through services like NotCommon and SafeSoul.


With NotCommon, users across Ethereum, Polygon, Solana, Tezos, and more can sign up to receive real-time custom alerts about security threats in Web3. By connecting a wallet to the service, users will get updates about security threats specific to their NFTs, tokens, and the projects they follow.

This reactionary model might prove extremely effective for keeping Web3 users safe from the all too common account hacks that plague blue-check NFT projects. By identifying threats as they occur, NotCommon can send up a flare that might save collectors from engaging with malicious links or trading unofficial and nefarious NFTs.

Yet, the reactionary nature of the NotCommon service might also be a caveat. Because as we’ve seen in the past, through individualistic efforts, this type of response to security threats isn’t always far-reaching enough to protect the majority of the NFT community. So to take it a step further, services like SafeSoul have endeavored to create a robust ecosystem of both proactive and reactive solutions.


Created by the same team behind the Digital Animals NFT project, SafeSoul is a free browser extension that highlights potential NFT scams as a Web3 user navigates Twitter, Google, YouTube, and other regularly trafficked sites and platforms. And while threats are constantly being monitored by the team behind the project, SafeSoul also relies heavily on community members to identify potential malicious accounts and content.

What SafeSoul can do?

SafeSoul works as a security alert, highlighting security status everywhere across the web: Twitter, Google Search, YouTube, etc. Scam pages are highlighted with red frames, drawing users’ attention and protecting them from accidental clicks

— SafeSoul.eth (@SafeSouleth) March 2, 2023

With the SafeSoul Web3 Patrol, users are incentivized to flag potentially hazardous accounts and websites by leveraging their identities as trusted members of the NFT community. To do so, a user needs to obtain and activate a SafeSoul token, which essentially means binding it to their wallet as a non-transferable Soulbound Token, that can be used to verify their role.

By utilizing this unique methodology, SafeSoul’s dev team can keep track of the platform’s contributors to ensure they are accountable, and contributors can help keep their fellow degens safe by acting altruistically.

“From day zero, we’ve used information from over 20,000 scam pages to create the SafeSoul database,” Seni Rogova, a team member behind the SafeSoul project, said in an interview with nft now. “Our database has artificial intelligence that is always learning and searching for new websites, new pages, and new accounts[…] But in case of an emergency, we do have a system for [trusted users] to go right into the extension and say, ‘this is a scam.’”

Although there are more steps in the system that involve voting, validating hack accusations, and so on, if we travel further along this top-down direction, it’s clear that the Soulbound Token system might have the potential to greatly benefit SafeSoul’s general users. Because now, enthusiasts can easily avoid fake or otherwise insidious accounts and products prior to engaging simply by going about their regular Web3 business.

Bandaid fixes won’t last forever

From the NFT Security Group to NotCommon to SafeSoul, it’s become clear that to keep Web3 safe, security needs to be more of a group effort rather than one existing in a vacuum. Yet, considering the still very nascent nature of NFT tech itself, it surmises to say that the security of such a volatile sector is forthcoming.

Regardless of the fixes being built, as Web3 grows, more robust solutions will be needed if NFTs truly are to make the leap from niche to mainstream. Of course, considering cyber security is still a major issue even for the world’s most trusted financial platforms and social media companies, it could take years to achieve a powerful and sustainable form of blockchain security.

The post To Keep Web3 Safe, Security Needs to Be a Group Effort appeared first on nft now.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *