Web3 Hacks Expose Flawed Data Verification Process

The recent surge in Web3 hacks has brought attention to a critical issue: data verification. The KelpDAO hack was a prime example of this problem, where applications continued functioning despite flawed data on the blockchain.

According to Victor Fei of Ormilabs, most modern Web3 apps rely on intermediaries like RPC nodes for accessing raw on-chain data. However, when these sources are compromised or unavailable, the app may operate on bad data while the underlying chain still processes transactions as valid.

This vulnerability is exacerbated by the widespread use of indexing in Web3 apps, which can display flawed data or become a direct vector of attack. The problem becomes even more severe if AI agents are allowed to act based on potentially flawed data.

Experts are emphasizing the need for improved speed and automation in detecting and responding to attacks. Vladyslav Syrotin, Head of Investigations at Global Ledger, suggests that lowering time-to-detection can help prevent incidents and reduce losses.