Lessons from Devcon Bogota 2022
Outline
Last week the Ferrum Network team attended Devcon Bogota. Here are a few lessons from the conference.
- All that glitters is not gold — Be weary of projects launching complex protocols in record time. The Triple Constraint trilemma is near impossible to cheat.
- Security should be a fundamental functional quality when architecting systems, not an afterthought.
- We must protect against attack vectors from integrated chains.
- Standardization is essential for the success of web3 and interoperability.
All that glitters is not gold.
As interoperability becomes one of the most critical problems worth solving in web3, we are seeing a growing number of projects launching cross-chain and multi-chain solutions. These range from data and value interoperability to bridges and more.
In many cases, projects launching these solutions are resource constrained. In Layne Haber’s talk: “Crosschain Security Considerations for the Degen in All of Us”, she highlighted quite a few issues with resource-constrained projects launching complex interoperability protocols quickly just to be the first to market. Clearly, there is a compromise in either security, implementation, or performance. Unfortunately, in most cases, security is the key area that continues to suffer.
Security as an afterthought
In many cases, security is not being implemented as a core functional requirement. Instead, risk mitigation and security measures are only added as an afterthought through an auditor’s feedback. Unfortunately, even these security measures are only added if an audit was conducted by a third party. With typical audits costing between USD 8K to USD 15K+, quite a few projects are simply skipping the external audit step.
The scope is more than your app. It’s everything you integrate with
For projects who are taking steps to secure their contracts, dApps, and infrastructure, we are seeing yet another problem highlighted by many experts at Devcon. The security considerations and scope of risk mitigation have been kept to the contracts, dApps, and infrastructure deployed by the projects themselves. This approach completely negates and ignores the risk from integrated protocols and/or dApps. The reality is we are just as likely to face vulnerabilities and attacks through exposed attack vectors on third-party integrated dApps or even integrated chains. Many projects are completely exposed to attack vectors in case of an attack on an integrated third party.
Standardization — A path toward reducing risk and ensuring compliance
There are many factors that contribute to the increasing frequency and velocity of attacks we see in web3. One of the main contributors is the lack of standards and their adoption when it comes to security implementation and development practices. Web3 must adopt industry-wide interoperability standards to ensure easy identification of risk and attack vectors.
At Ferrum Network, we incorporate security by design. It’s an innate part of our architecture for each of our dApps, contracts, and related infrastructure. Led by some of our engineers, architects, and supporting industry experts, we are backing BIS (Blockchain Interoperability Standards) and BIP (Blockchain Interoperability Proposals) initiatives. These initiatives are designed to bring standardization to the world of blockchain interoperability. Think of them as EIPs for interoperability. We are excited about this initiative and believe that our efforts here will help garner more secure web3 dApps, contracts, and infrastructure. We’ll share more about the BIS and BIP initiatives in the coming months.
Over the next quarter, we’ll be organizing hackathons, recruitment events, and workshops throughout LATAM and South Asia to attract qualified talent. We hope to nurture the local communities to either help build Ferrum Network or to contribute to it by launching their projects on Ferrum Network as we go live.
Nick Odio, Ferrum’s Chief Growth Officer, said: “DevCon was epic! I’ve been to a lot of conferences but this one is pretty special from a builder’s perspective. Fundamentally, the space is far more evolved than we were during the bull market. This was a major step in the right direction for Ferrum not only from a networking perspective but from a technical perspective as well.”
Make sure to check out our clips and photos from the event:
Very truly yours,
The Ferrum Network Team
About Ferrum Network
Ferrum is ushering in the era of blockchain interoperability 2.0. Powered by a multichain messaging engine known as Quantum Portal, Ferrum Network’s mainnet will bring value, data, and functional interoperability to every chain in the industry.
Utilize Ferrum Network to build and deploy solutions on one network and instantly enable multichain functionality without the burden or technical debt that comes with managing a multichain infrastructure.
