During the early 2020s, the domain of decentralized finance (DeFi) witnessed the emergence of novel incentive mechanisms such as liquidity mining and airdrops. Nevertheless, this expansion also led to a rise in cyber attacks and vulnerabilities, presenting significant obstacles for projects aiming to secure cost-effective and reliable audits.
Recognizing this challenge, the creators of Hats Finance—a community-driven onchain audit platform—spotted an opportunity to utilize these incentive systems to develop a decentralized and economically feasible solution for Web3 security. Oliver Hörr, the founder of Hats Finance, emphasized the platform’s mission to align incentives for all participants, striving to create a protocol where collaboration leads to mutual benefit for everyone.
In an exclusive conversation with Cointelegraph, Hörr elaborated on his perspective regarding Web3 security and how Hats Finance, a participant in the Cointelegraph Accelerator program, could contribute to enhancing it.
Cointelegraph: How do you assess the current state of Web3 security? Is security appropriately prioritized within the Web3 ecosystem?
Oliver Hörr: The realm of Web3 security is gradually maturing. Entrepreneurs are realizing that a single security breach can jeopardize their entire enterprise. In 2021, significant challenges arose when projects failed to obtain audits and consequently deployed unaudited code, resulting in adverse outcomes.
Teams now grasp the paramount importance of security, and the audit space has seen an influx of enhanced talent, partly due to our decentralized security (DeSec) approach, enabling individuals worldwide to establish themselves as security experts.
Cointelegraph: Security is regarded as a fundamental pillar of Web3 that is not entirely onchain. How does Hats Finance plan to incorporate additional security elements into blockchain technology?
Oliver Hörr: Presently, all our bug bounties and audit competitions, along with their outcomes, are stored on the blockchain. Through Hats, users can verify onchain data to determine if a particular smart contract has undergone auditing or is safeguarded by a bug bounty. We are actively involved in standardizing this process with EIP-7512, enabling wallets to empower users to make informed decisions about their desired security level in navigating Web3 securely.
Imagine a scenario where a smart wallet notifies you if you interact with an inadequately reviewed smart contract. This feature empowers users to make more prudent choices.
Cointelegraph: How does Hats Finance intend to tackle the inefficiencies and high expenses associated with traditional security audits?
Oliver Hörr: Instead of engaging multiple security experts in advance to scrutinize a smart contract, our platform enables global participation in audits, with rewards exclusively distributed to successful experts. The high costs of audits stem from significant overheads related to marketing and distribution within audit organizations. With our platform, auditors are solely focused on vulnerability identification, streamlining processes and reducing costs to a reasonable level by retaining most of their earnings.
Auditors are inclined towards concentrating on technical tasks rather than administrative chores. We envision a future where onchain audit Decentralized Autonomous Organizations (DAOs) replace traditional audit firms.
Cointelegraph: Could you elucidate the structure of your rewards-only payment model and how it benefits protocols seeking audits?
Oliver Hörr: At Hats, we impose a fee solely on successful submission rewards. Consequently, if no vulnerabilities are discovered, the audit competition is cost-free for the client. This approach represents a significant enhancement for clients, as they often pay substantial amounts for audits only to receive negligible value due to auditor shortcomings.
Even when opting for the most reputed firms in the industry, there’s always a risk of assembling a team of inexperienced auditors or encountering an off day from the auditor. We strive to address and rectify this prevalent issue.
Cointelegraph: How does open participation in audit competitions expand the talent pool and enhance security assessments?
Oliver Hörr: Our community spans South America and India, engendering a peer-to-peer setting where the source of submissions remains anonymous. The security landscape benefits from a continuous influx of new talents who would otherwise encounter barriers to entry in traditional audit firms due to the lack of an established track record. Through our platform, aspiring talents showcase their expertise, fostering their reputations across social channels.
We uphold a flexible and accessible approach, allowing security researchers—especially newcomers or those averse to platform registration—to engage seamlessly.
Cointelegraph: Why is community engagement pivotal in Web3 security, and how does Hats Finance facilitate this?
Oliver Hörr: Regrettably, community involvement is frequently overlooked in security dialogues, despite the community being the most affected party in cyber breaches. Hats empowers the community to steer the future security infrastructure, thus bolstering the security of projects they contribute to. Our vision of DeSec encompasses community involvement, enabling stakeholders to participate in determining favored security measures transparently and potentially reaping benefits from the rapid growth and economic opportunities within Hats and Web3 security. This approach embodies true beauty.
We advocate for enhanced transparency in security matters, granting the community the authority to effect positive changes.
Cointelegraph: What lies ahead in the future for Hats Finance, and what milestones are you aiming to achieve?
Oliver Hörr: Web3 faces numerous security-related challenges. Our forthcoming focus entails supporting AI safety and enhancing onchain security for smart wallets. While AI presents immense benefits for humanity, the absence of tools for community oversight and safety verification poses significant risks. Our decentralized framework is poised to mitigate these risks effectively.
Smart wallets possess immense potential in resolving Web3’s primary user experience challenges. However, akin to all smart contracts, they are susceptible to breaches. We are committed to addressing these security concerns to propel Web3 past its current UX limitations and towards mainstream adoption.
Our immediate milestone involves the decentralization of our protocol, empowering the community to shape Hats’ regulations and economic dynamics.
Disclaimer: The opinions expressed in this piece are not endorsed by Cointelegraph. While we aim to provide comprehensive and accurate information in this sponsored article, readers are encouraged to conduct independent research before making any decisions related to the company and assume full responsibility for their actions. This article should not be construed as investment advice.