Despite breakthroughs in theoretical security, Mudit Gupta, Chief Information Security Officer of Polygon, highlighted the industry’s major practical security challenges.
Gupta addressed the discrepancy between theoretical security and actual security in the crypto sector at the Ethereum Community Conference (EthCC). Theoretical security has advanced quickly, but Gupta emphasized that real security measures have lagged far behind.
![Polygon Exec Warns of Billions of Dollars in Lost Crypto Keys, Says Many More at Risk image 141](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/07/image-141.png?resize=1024%2C477&ssl=1)
![Polygon Exec Warns of Billions of Dollars in Lost Crypto Keys, Says Many More at Risk image 141](https://i0.wp.com/nosisnews.com/wp-content/uploads/2023/07/image-141.png?resize=1024%2C477&ssl=1)
Gupta used the example of private or mnemonic keys to demonstrate the difficulties in providing real security. Private keys increase security, but they also present challenges for effective protection. Mnemonic keys are a one-time asset as opposed to passwords, which can be changed if they are hacked. Gupta stressed that maintaining the security of private or mnemonic keys is a far more challenging issue to resolve.
The Risk of Inadequate Security Measures
Users losing their mnemonic keys result in an alarming number of financial losses, according to Gupta, who put the cost at billions of dollars. He stressed that the absence of suitable security measures exposes billions of dollars in wallets with insufficient security to risk.
Gupta also explored the real-world difficulties posed by private keys. Practical issues occur despite the fact that they are theoretically 100% secure as long as they are kept a secret. Gupta questioned what would happen if the key was hacked or how loved ones would be able to access money in the event of the key holder’s death.
Related: DeFi Security Breaches Soar in Q2, with Over $200M Lost
The Battle of Defenders and Attackers
Gupta went on to discuss the challenges encountered by security experts in their capacity as defenders. He emphasized the natural advantage attackers have over defenders because attackers only need to use one vulnerability to get past a safe system while defenders have to carefully cover all potential entry points. Gupta underlined that individuals protecting the security of cryptosystems are under more pressure as a result of this continuous conflict.
Gupta emphasized the requirement for people and organizations to embrace the role of defenders, diligently striving to preserve digital assets and the larger ecosystem in spite of the numerous difficulties faced in assuring practical security. Bridging the gap between theoretical and actual security measures remains a crucial goal in protecting user funds and promoting industry growth as the crypto ecosystem develops.