Blog post

Axie Infinity Hack – A Blockchain Project is only as Secure as the Weakest Link in the Value Chain.

By Rajesh Kandaswamy | March 31, 2022 | 0 Comments

blockchainweb 3

Axie Infinity, the most successful pioneer of play-to-earn games based on blockchain was hacked recently. Hackers stole crypto more than $600 million. Loss of this magnitude is tragic. Many folks might lose their money. I hope they do not.

This hack illustrates a point on a topic that I get asked by clients all the time.

The question goes like this – ‘Is blockchain/web3 more secure than other technologies?’.

The answer – It depends.

 

It is true that some blockchain networks have not been hacked directly – a prominent example is the Bitcoin network. Blockchain does offer many features that can strengthen security. The use of public key infrastructure, decentralized decision-making, and chained records in the ledger are some of such features.

But that does not imply that all Web3/blockchain solutions are more secure than anything else or are unhackable. Why?

  • The network is not the only actor. Besides the underlying network, there are many parts to make a blockchain solution work. Wallets, exchanges, bridges, API services are some of them. Hackers will look for any vulnerable points. Briefly, in Axie Infinity’s case, they got access to private keys that allowed them to hack a ‘bridge’ and steal Ethereum.
  • Not all networks are equal. There are various blockchain networks that apply the general principles of blockchain for their protocol. Some are built ground-up and others use customized code of popular open-source blockchain protocols. There is no guarantee that all these networks built by different teams are secure enough to prevent any hacking.

In summary, secure solutions will arise from blockchain and so will solutions that are hacked.

We must evaluate the security merit of a specific solution and all its parts, and not decide using only theoretical concepts of the technology in question.

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed