Introduction In the rapidly evolving world of Web3, it is important to continually adapt and strengthen your defenses against security threats. This proactive approach is evident in the concerted efforts of the BNB Chain community to mitigate and prevent security breaches.
Through the implementation of various programs, including Dappbay and Avenger DAO, the community has taken effective steps to strengthen its security infrastructure. These initiatives have been instrumental in reducing the frequency of security incidents in recent months. Let's dive into these strategies and see how they have effectively bolstered the resilience of the BNB network.
Solving Security Issues BNB Chain is committed to enhancing the security of its ecosystem and has implemented robust user protection measures.
In less than a year, DappBay has listed over 1,158 dapps, and the Red Alarm feature has helped users identify over 445 risky dapps and projects on the BNB chain. Each app on the Red Alarm list includes a security description and a risk rating, and the information is also published on the BNB Chain blog.
The “Risk Scanner” feature allows users to scan and verify the security of any BNB Smart Chain (BSC) smart contract. Users can scan and get a risk rating for any smart contract or verify its authenticity before interacting with it. Risk Scanner is powered by AvengerDAO.
For example, the BNB Chain security team was also able to identify the ragpool before it happened - YieldRobot. It was discovered by the internal team on December 9, 2022 and marked as “high risk” in the risk scanner. The project scammed on January 17, 2023.
The BNB team could have saved $2.1 million, which is 25% of the funds lost on the BNB network in the first quarter of 2023.
A BNB Chain community initiative, AvengerDAO scanned over 1 million unique contract addresses, identifying 35,000 as “high risk.” Users have been warned not to interact with them.
Improvements for BNB Chain Comparing data from the last two six-month periods on the BNB chain shows noticeable improvements. This is clearly illustrated by the following statistics:
When comparing the total amount of hacks for the last six-month period (January to June 2023) and the previous period (June to December 2022), losses have decreased significantly. $34 million versus $713 million, respectively, indicating improved security measures.
On the other hand, a comparison of fraudulent activities in these two periods indicates that further progress is needed. While the loss has narrowed from over $117 million in the second half of 2022 to $66 million in the first half of 2023, the numbers show there is still room for significant improvement.
AvDAO Latest Progress Web3 Risk Framework on the following aspects:
Business continuity
Crypto Wallet
decentralized finance
Smart contract
Project management
RedAlarm: More than 40-50 addresses are flagged in RedAlarm weekly.
Weekly incident risk report.
Community backed by leading security partners
Risk Scanner
In the first half of 2023, only 181 of the approximately 2,000 active projects in the ecosystem were affected, representing 9 percent of the total number of projects. In the first half of 2023, there were about 116 hacks on the BNB network that affected 181 projects.
Digging deeper into the specifics of these incidents, the breakdown is that most projects were affected by hacking incidents, which is a stark reminder of the current security issues in the web3 space. The rest of the reported incidents were the result of a ragpool, a type of scam where developers abandon a project and run away with investors' funds.
Thus, the first half of 2023 brought a lot of problems to the BNB network ecosystem. However, it is important to note that the vast majority of projects - 91% - were not affected by these problems, which indicates strength and resilience.
$101 million was affected, less than 2% of the total $5-6 billion TVL on the BNB network in the first half of 2023. In comparison, the average TVL for the BNB network during this period was estimated to be somewhere between $5 and $6 billion. This figure is a testament to the massive blockchain activity and liquidity in the BNB network ecosystem.
The BNB network accounted for 0.9% of the vulnerabilities of the entire TVL-based ecosystem in the first quarter of 2023. The BNB network, despite its significant economic activity, demonstrated remarkable security during the first quarter of 2023. According to data based on Total Value Locked (TVL) (from the Defilama and ImmuneFi report), the BNB chain accounted for only 0.9% of the vulnerabilities of the entire ecosystem.
Impact of vulnerabilities in % of TVL The table above shows the total value locked (TVL) of six different blockchain networks along with the estimated impact of vulnerabilities according to Immunefi and the percentage of TVL that has been attacked.
Ethereum has a TVL of $51.8 billion, with 0.48% ($248.4 million estimated by Immunefi) of its TVL being affected by vulnerabilities. In contrast, BNB Chain had a vulnerability impact on TVL of 0.56%, while Polygon had a much higher impact on TVL of 9.55%.