September 10, 2021
By Michael O’Rourke
The COVID-19 pandemic has accelerated the world towards a world that is online first. This shift has brought about an unprecedented reliance on digital infrastructure and placing greater trust and power in third parties who handle our data.
But just how protected is our private data online in this model?
If we go by recent figures, not very much. COVID-19 has ravaged not only our physical world, but our digital world as well. Since the pandemic, the FBI has reported receiving over 4,000 complaints a day about cyberattacks, which is a 400% increase from pre-pandemic days. Last year, during the height of the pandemic, blockchain hackers stole $3.8 billion in 122 attacks.
To combat the rise in hackers accessing and compromising our data, particularly during this pandemic, there has been a 27% rise in the usage of VPNs. We have seen a rise in privacy-focused browsers like Brave. Global privacy ledgers are sprouting across the crypto space, acting as a defence to protect our transaction information.
But is this enough? These might be effective strategies for combating Web2, but what about protecting our privacy in the domain of Web3?
How does Web3 work today and how does it enable privacy breaches?
Currently, the blockchain ecosystem is operating on a curious hybrid model. The burgeoning Web3 ecosystem is still connected to centralised Web2 architecture. This hybrid model puts many internet users at risk. Blockchain nodes participating in peer-to-peer networks are exposing data such as transactions that users are making and their IP addresses. Information such as what smart contracts they are using, how much crypto they have stored, their email addresses, and other personal data can be accessed by hackers, potentially compromising users and entire applications on Web3.
The conundrum that many Web3 developers are facing right now is that most blockchain data is served by third party providers using Web2 business models. Running Web3 applications nodes on the cloud might mitigate a lot of these data risks, but as it stands, this is simply not feasible at the moment.
So what can be done?
One of the most effective methods to protect our data on the internet from hackers and other malevolent centralised entities is onion routing. This is a technique to create anonymous communication over a computer network. The reason it’s called an onion network is because messages are encapsulated in layers of encryption – like an onion. Privacy-focused middleware Layer 1’s can provide legitimate obfuscation for end users that make it incredibly difficult to track for those attempting to peer into these networks.
Another method to create obfuscation is the process of replacing sensitive information with data that looks legit, but at the node level. So a Web3 application on a blockchain network can split their requests across dozens or hundreds of nodes.
For example, any time an application needs to read from or write to the underlying blockchain network, like Ethereum, each application stake gets automatically paired in a session of five pseudo-random nodes. The more stakes, the more sets of nodes an application can pair with. What this does is that it makes it extremely difficult, if not impossible, for any node on a blockchain network route to reverse engineer the types of queries any single individual is making, with nearly zero identifying information except for IP addresses.
Web applications built on blockchain networks are potentially more secure than the old Web2 architecture and can better protect people’s data in this era of rampant online privacy breaches. However, there are still some tweaks that need to be made to the blockchain model for it to be the true vaccine that can eradicate online privacy or, at the very least, severely reduce it.
However, with tools being developed which enable applications to pass data through multiple network nodes in a blockchain, thus reducing the risk of user’s data being discovered, it may only be a matter of time before Web3 applications can completely disentangle themselves from the Web2 legacy networks, and function on blockchain protocols only. When this happens, then the threat of online privacy will be significantly reduced.
Michael O’Rourke is the Founder & CEO Pocket Network, a blockchain data ecosystem for Web3 applications.