Why Middleware and SaaS Are Crucial to Web3’s Future Security
As data breaches, rug pulls and other forms of cybersecurity threats continue to hijack the narrative of decentralized storytelling and fintech infrastructures.
Five years after CryptoKitties, industries that have integrated blockchain technology into their infrastructures in hopes of becoming more “decentralized,” are still heavily reliant upon the same few centralized companies for their hardware and servers.
And it is for that very reason that we still see networks like Ethereum put to the test when user congestion and surging gas fees cause the entire network to crash.
As the industry has already lost more money in 2022 than it did in the entirety of 2021, cybersecurity certainly remains a top priority for Web3, especially when flash loans continue to remain detrimental to blockchain stability. This year alone, Web3 projects have lost more than $2 billion USD to hacks, with over $870 million USD in losses in Q2 2022.
The irony in Web3’s call for stronger cybersecurity infrastructures, is that those mechanisms are still primarily dependent upon centralized companies and Web2 mechanisms that don’t need to necessarily be “reinvented.”
Businesses Can Now Tap Into a Global Network of ‘Nodes’
Looking back to 2017, the infrastructure by which Ethereum was dependent upon, relied heavily upon those companies who owned servers and hardware like Amazon Web Services (AWS).
And the icing on top? These centralized companies, in most cases, are subject to U.S. privacy laws and regulations, including GDPR.
The heart of today’s issues surrounding network crashes resides in the sole reliance upon those servers and hardwares. In other words, what happens when those servers and hardwares crash?
The large collective of permissionless blockchains utilizing those infrastructures are suddenly rendered unusable.
“While dApps and blockchains may be decentralized, the full node infrastructure they rely on are usually centralized companies incorporated through U.S. laws and regulation,” Pocket Network’s Rich Cuellar-Lopez told Hypemoon via email.
Cuellar-Lopez leads the marketplace team at Pocket Network, ensuring that the node supply side is healthy, while ensuring the demand remains healthy and stable.
As a middleware protocol, Pocket Network provides extensive blockchain bandwidth through its globally distributed network of 30,000+ full nodes to dApps and blockchains across 37 different blockchains – including Ethereum, Polygon, Solana, Avalanche, and Harmony.
The $1.5 billion USD Tampa-based company utilizes a unique state of the art approach to infrastructure provisioning by matching dApps with “nodes” to run them – a critical element in helping realize full Web3 automation through the validation and broadcasting of transactions across an entire network. This type of automation helps to alleviate many of the drawbacks associated with traditional Web2 hosting services.
These “nodes” provide infrastructure services to over 3 dozen other blockchains, including Bitcoin, which has around 15,000 nodes. When a user submits a transaction, it’s received by a node that immediately checks to ensure that the sender has the funds available and is authorized to send them — before blasting it out.
Through an API, blockchain networks like Ethereum are able to access Pocket Network’s node services without delay or fear of a network crash. As of press time, the protocol says over 2,000 Web3 applications have already tapped into these nodes, allowing it to reach over 1.7 billion relays.
In other words, companies can now “route” their blockchain-based infrastructure to tens of thousands of nodes around the world, something Cuellar-Lopez says stays true to blockchain’s core mission of decentralization.
“Enterprises end up valuing the fact that there is no ‘single point of failure’ for their infrastructure. Larger apps get a set of robust Pocket Network APIs that have neither a security threat of a potential cloud storage downtime nor a possibility of a single set of malicious actors,” he explained.
The Web3 developer announced its $10 million USD raise in January, which was led by New York’s Republic Capital, RockTree Capital, Arrington Capital, among other institutional funding.
In September, Pocket Network rolled out a major update to its “Pocket Portal” service, which enables developers to easily create accounts, mint RPC endpoints for dApps, and access blockchain data across any of Pocket’s dozens of supported blockchains.
Cuellar-Lopez revealed to Hypemoon that the protocol is now heavily invested into a new network upgrade – V1, which he considers to be a “powerful rewrite of their network architecture that will unlock more blockchain decentralization.”
He added that V1 will also introduce on-chain Service Level Agreements (SLA), which he says is an industry first:
“By open-sourcing our gateway architecture, many different providers will have access to our core protocol, allowing us to become fully censorship resistant…and allow for anyone to create a portal for any purpose and have it tap into Pocket Network’s core community of node providers.”
Speaking to NFTs, Cuellar-Lopez believes V1 to be a good business opportunity for someone who is able to code their own portal with custom NFT minting logic to enhance a specific user’s experience – without having to worry about node infrastructure.
Minimizing Security Incidents Across Blockchain Protocols and Smart Contract Layers
Ultimately, Web3’s biggest frustration when looking through the security lens, is the method by which the majority of these security incidents are taking place.
The attacks that these hackers are deploying are nothing more than the tried and tested tricks of Web2 that are designed to exploit centralization and human error – using this as a basis for making lateral moves to further exploit Web3-native systems.
“Right now, crypto scams, Ponzi schemes, ICOs, and suspect NFT projects are hijacking the narrative of Web3,” TouchBrick founder and CEO Shayra Antia told Hypemoon via email.
TouchBrick is a data-driven cloud platform that came about in response to the increase of security incidents that have compromised blockchain protocols and smart contract layers.
While many industry solutions currently target web developers, TouchBrick focuses on a “no-code” solution that specifically caters to business operators and tech executives including CTOs, VPs of Engineering, COOs, CIOs, and CEOs. These solutions, according to the company’s website, can be integrated with other enterprise softwares such as NetSuite and Salesforce.
“We also saw a need in the market for a simple way to create sophisticated projects without a developer through a ‘drag-and-drop’ manner for companies to take advantage of,” Antia added.
In May, the company had a pre-seed round at an estimated $7 million USD valuation, led by a group of undisclosed institutional investors. Antia revealed to Hypemoon that the company is expecting to announce another seed round before the end of this year.
Speaking to the number of “rug pulls” and security incidents our ecosystem has seen in the past two years, Antia believes that there is a major value gap in utilizing the blockchain if it cannot integrate a business’s upstream and downstream sources of data.
“The industry is still focused on the financial model of cryptocurrency, but is unable to distinguish full-suite SaaS products that work to enable Web2/Web3 existing companies,” she added.
Jason Melo, one of the company’s co-founders and CTO, shared his belief that we can all expect to see a shift in Web3’s overall business model.
“There will be a shift in the model from a financial perspective of crypto and protocols towards platforms like TouchBrick in order to progress in scaling out to the masses – but also to progress internal ecosystems within organizations by tapping into these core data points,” he explained.
Melo pointed to the A.I. space as an example, where “it has thriving, healthy systems that are all driven by data – data that is the key to their value proposition, which makes Web3 no different.”
He explained that consumers should be seeking out solutions that are built across a multi-chain ecosystem that is focused on “delivering trustless no-code tokenization tools,” amongst other things.
Melo told Hypemoon via email about two solutions in particular, which stand out for the company – one in the ‘metatainment’ space (entertainment companies that operate within the metaverse) and the other in A.I.
“In the ‘metatainment’ space, we have provided a way for one of our customers to deliver a first-of-its-kind staking platform for their Ethereum-based NFTs, which then issue utility tokens in Solana for holders of the project. We deliver the payment gateway, access gateways, and marketplaces specifically to this customer,” he shared.
In the A.I. space, Melo says it has one customer that stands out, which is also a “no-code” based software.
“This customer developed a “pioneering voice A.I. that can mimix and surpass a traditional human-based call center and outbound sales teams. We started working with them to deliver a tokenized reward system for their customers that, through the use of their core A.I. product, tokens would be issued – unlocking credits for service, premium services, and AI computational usage that could be staked or banked, allowing for a pool of computation across their entire user base.”
As 2022 comes to a close, the lessons learned from this year’s cybersecurity incidents alone, show that no matter how far we push for true decentralization, we still need the established mechanisms from Web2 cybersecurity to be able to provide for a more seamless integration between both ecosystems.