The Human Factor: Design with Operator Error in Mind

From recent trends in Web3 attacks, it’s clear that the human factor plays a central role. Users might be lured into violating one or more best security practices without knowing – in the case of the Profanity bug hack, vanity Web3 addresses were generated that made it possible for attackers to derive the private key. Once the system is configured into a secure state, over time it is likely that the security posture will decay, if it requires regular end-user effort to upkeep.

In a recent 8 mil USD exploit, users were lured into installing an unofficial update of a popular Web3 wallet. It is suspected that the fake wallet update involved users re-entering the seed phrase (giving the attacker full access to the victim’s crypto assets). The FailSafe threat model is designed with these seemingly game over scenarios in mind. In the later part of this section, we introduce how the defense-in-depth principle is applied throughout the lifecycle of a transaction, and how the application of FailSafe multi-layered defenses minimises losses from the type of incidents noted above.