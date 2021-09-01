The security of crypto assets has been a widely debated topic among both investors and spectators. In light of the Poly Network hack, several learnings have emerged, thus creating a net positive impact for the industry and the future of crypto.

The recent Poly Network hack, the largest in the decentralised finance (DeFi) industry’s history, has brought back the topic of crypto assets’ security to the limelight. Only a few weeks ago, Poly Network, which enables investors to swap tokens from one digital lender to another, saw over $600 million worth of tokens compromised, eclipsing the previous record of $534.8m that was stolen from the Japanese crypto asset’s exchange, Coincheck.

In Poly Network’s case, the hacker exploited the vulnerability in the network’s smart contracts and successfully bypassed the private keys, which allowed him to send the funds to himself without the knowledge of the network’s developers and auditors.

In an unusual move, the hacker, who has been branded ‘Mr. White Hat’, has returned the majority of the funds. In return, Poly Network has offered the hacker the opportunity to become its chief security advisor in addition to a bonus payment of $500,000.

Implications for DeFi and crypto

The innovation in the DeFi space, which is less than a decade old, has been meteoric in recent years. The industry was built from the ground up, and like any other up-and-coming industry, certain lapses and failures are simply inevitable.

Whilst the more established DeFi platforms are robust and battle-tested, the risk is significantly higher in smaller and newer platforms, widening the security and ultimately, usage gap between old and new. In this sense, the DeFi space has a lot of catching up to do.

That being said, the Poly Network hack can be seen as a catalyst for increasing governance and security within DeFi. Going forward, we can expect the industry to start mirroring the same level of governmental and regulatory stances as the crypto assets industry, which in turn will further expedite and grow the DeFi movement.

Considerations and takeaways for crypto investors

There are certain key considerations that need to be taken into account, both in terms of the crypto-asset platforms and individual investor security standards.

From a platform perspective, being regulated ensures that the platform has all the necessary client funds and assets’ protective measures in place, such as strict client funds segregation and the utilisation of multi-signature wallets and cold wallets hosted by globally leading custodians.

Poly Network hack can be seen as a catalyst for increasing governance and security within DeFi.

Such custodians have significant insurance coverage over clients’ funds, and any platform in order to extract clients’ funds from a cold wallet would be required to undergo extensive and strict identification and security checks.

Additionally, given that the universe of investable crypto assets is growing rapidly, it is paramount that enhanced due diligence is done on every crypto asset that is offered to clients to ensure that it has a proven use case, strong security track record, and sufficient liquidity. From an individual perspective, the utilisation of Google Authenticator to add a further security layer to the account login process is vital.

Typically, fully regulated crypto exchanges utilise extensive cybersecurity infrastructure as they operate under some of the most robust rules and regulations globally, with clear governance and recourse. Clients’ funds and assets are completely segregated from those of the company. A combination of hot, cold, and multi-signature wallets is utilised with the majority of clients’ assets stored offline in maximum security vaults.

Crypto, like any other asset, requires security measures on the part of the investor and the platform in use. With the myriad choices and information available, investors can afford the luxury of choosing from crypto assets and platforms that meet the highest security standards.

Dina Sam’an, founder and managing director of CoinMENA.