
HACK3D THE WEB3 SECURITY REPORT 2023


2023 saw a 51% decline in the value lost to hacks, scams, and exploits in Web3. Still, $1.8 billion is nothing to sneeze at, and in this report, we’ll examine the major incidents and exploits that led to this ten-digit number. The crypto industry faced legal and regulatory headwinds throughout 2023, with the U.S. Securities and Exchange Commission (SEC) bringing charges against the two largest exchanges: Coinbase and Binance. The SEC’s actions indicated a move away from focusing solely on smaller platforms and individuals to targeting more significant players in the crypto space. The year also saw one of the most significant players – Binance founder Changpeng Zhao (CZ) – step down from his role as CEO after the exchange’s $4.3 billion settlement with federal prosecutors in the US. CZ is currently out on a $175 million bond as he awaits sentencing in February.

Meanwhile, the FTX saga came one step closer to resolution in November with the conviction of Sam Bankman-Fried on seven counts, including fraud and money laundering. FTX creditors have yet to see any fraction of their assets returned. On the bright side, Q4 saw a recovery in crypto asset prices, a welcome reversal in the market after eighteen months of declining values. As the saying goes, bear markets are for building, and we have seen plenty of progress made on all fronts: from the technical to the regulatory.

Now is the time to look back on the last year, celebrate the achievements, recognize the missteps, and look forward to the future (hint: it’s bright). But first, a toast to those who make crypto what it is, the indefatigable few who stand defiant in the face of regulatory crackdowns, widespread skepticism, and the occasional 90% drawdown. On-chain actors stand at the forefront of innovation and risk. They are the guinea pigs of a new system; the proof of the pudding for those who see the potential of blockchain technology but lack the risk tolerance for getting involved on the far left side of the adoption curve. As they navigate through challenges such as usability hurdles, security lapses, and the journey towards establishing a solid product-market fit, their resilience is continually tested. Moreover, they face frequent skepticism from established players outside the industry, who exaggerate failures and minimize victories.

Despite these obstacles, the dedication of these degens, investors, hobbyists, and technologists paves the way for future advancements in the field. And the rewards for these pioneers are significant. Early adopters gain access to exclusive opportunities, like lucrative airdrops and the thrill of being at the forefront of technological innovation. Their endeavors not only shape the industry but also build a foundation for future participants. They experience the excitement of shaping cutting-edge developments and accrue both knowledge and value, both of which will grow exponentially across coming cycles. As blockchain technology begins to gain traction among institutional entities, who wield trillions of dollars in financial influence, its potential becomes increasingly evident. We anticipate transformative impacts across sectors like finance, gaming, art, and digital experiences.

One bright spot on the horizon is the potential (or likely, depending on who you ask) approval of up to almost a dozen Bitcoin ETFs (exchange-traded funds) in early January 2024. In the latter half of 2023, the SEC scrutinized a series of Bitcoin ETF proposals, notably extending review periods for applications from major firms like BlackRock, ARK, and Fidelity. This came after a D.C. Circuit Court ordered the SEC to reevaluate rejections like Grayscale Investments’ case, ruling that it was wrong to reject Grayscale’s application for a Bitcoin ETF on the grounds that it had previously approved Bitcoin futures ETFs which were “materially similar” to a spot Bitcoin ETF. Regardless of the SEC’s decision, which must be delivered by January 10, the crypto industry will continue its volatile but ever-upward path to maturity.

At CertiK, we are at the forefront of securing this digital frontier. We all have our part to play, and CertiK’s mission is to secure the Web3 world. To this end, we’ve audited more than 4,200 platforms and detected over 60,000 vulnerabilities.


Our mission is ongoing, and 2023 has seen achievements like the release of the SkyInsights crypto compliance and risk management platform. This platform marks a significant milestone in our commitment to enhancing digital security. Recognition in Apple and Samsung patches for our mobile device security contributions underscores our impact on the broader technology ecosystem. Additionally, bug bounty payouts from SUI and Wormhole highlight the effectiveness of our proactive security measures in 2023. These accomplishments demonstrate our commitment to enhancing the security and reliability of the Web3 world.

While the future of the industry is brighter than ever, challenges still remain. Although $1.8 billion is a significant decline from last year, it’s still too much. In our Hack3d reports, we aim to distill the signal from the noise. There were well over 700 security incidents in Web3 over the course of 2023 (nearly 300 exit scams alone)—far too many to examine individually. Instead, we focus on the standouts that highlight systemic vulnerabilities and the industry’s capacity to respond with resilience.

First, we analyze the degree to which declining losses are a function of declining asset values, posing the question of whether we as an industry are learning our lessons. Next, we highlight the ongoing prevalence of devastating private key compromises, a disappointing phenomenon as password management predates blockchain technology entirely. The recent Ledger exploit highlights the dangers of phishing and supply chain attacks, while our examination of retroactive bug bounties sheds light on the effectiveness of this last-ditch effort to reclaim funds after an attack. We then move on to coverage of the dramatic KyberSwap hack, investigate a framework-level vulnerability in the integration of two specific standards, and finally take a look at where the trend of institutional adoption of blockchain led in 2023.


These selected trends and incidents provide clear examples of the challenges we face, but more importantly, they showcase the Web3 industry’s collective response and adaptability. They tell a story of an industry that, despite setbacks, is making steady progress toward securing a more robust digital future.
