Disclaimer: The views and opinions expressed by the author(s) do not represent the official position of Barbados TODAY.
by Nikolai Layne and Chelcee Brathwaite
In our first article titled: Leveraging Web 3.0 to Boost Trade and Investment in the Orange Economy, we explored how Web 3.0 developments such as smart contracts, asset tokenization and the metaverse can be leveraged in the orange economy. In this SRC Trading Thoughts, we look at practical tools and applications for navigating Web 3.0 and the associated risks.
Main tools and applications for browsing the Web 3.0
Blockchain based domain
Blockchain domains are essentially suites of smart contracts – software written on a public blockchain. These domains can function as a naming registry for crypto addresses, making the process of sending and receiving cryptocurrency easier and more secure than having a wallet address (a set of numbers and letters generated randomly used to send and receive digital assets) displayed on a traditional website.
“It is possible to create programs on top of the domain and run them as applications, inspect records, and create software to interact with other applications” (Chen 2021). Blockchain domains are available to the general public and can be purchased online with no renewal fees, which differs from traditional domains.Virtual Machine (VM)
A virtual machine is a program that functions like a computer system, complete with an operating system, memory for storing files and applications, and the ability to host websites, run programs, or even desktops. exist on a network with other systems. However, everything is done by code in a simulated environment with no physical identity, which means multiple virtual machines can coexist on a single server.
In the Web 3.0 space, virtual machines are recognized as sandboxes where code can run separately from the rest of the system. An example to provide some context is the Ethereum virtual machine which can be used to communicate with or execute smart contracts.
Due to the decentralized nature of the Ethereum virtual machine, external systems can participate in the network (nodes) to verify transaction data and receive rewards for contributing to the ecosystem. Ethereum code is publicly available, which means anyone can build in the environment once they meet the required system requirements and have the appropriate digital skills.
MetaMask has a dual function in the Web 3.0 ecosystem that needs to be clearly understood. First, the app acts as a cryptocurrency wallet where users are provided with a key vault, token wallet, secure login, and access to a token exchange. Additionally, it provides a gateway to the new web that allows users to access the Ethereum mainnet so that they can more easily interact with all Ethereum-based decentralized applications (dApps). MetaMask provides a secure way to use multiple dApps while browsing, which is beneficial for users interested in full control of their own data. MetaMask is free to download as a mobile app and desktop app or browser extension.
Public Key Infrastructure (PKI)
PKI technology is an important privacy feature in the Web 3.0 space, as it governs the issuance of digital certificates to protect sensitive data, provide unique digital identities to users, devices, and applications, and secure end-to-end communications. . This technology acts as a bond of trust allowing parties to exchange information securely. In practice, the use of digital certificates, public keys and private keys is at the heart of this technology.
When information needs to be shared or transferred between users, an encrypted file called a certificate is secured by a public key and sent by the owner. Each public key has an associated private key that is under the control of the owner and can be shared with any party aware of the transaction. The private key can be used to sign and unlock the contents of the certificate.
An index is a data structure designed to filter or locate relevant data needed to develop dApps on the blockchain. Since the blockchain contains a lot of data stored in blocks with a linear history, an index is useful for locating the necessary information without having to go through each piece of data in each block.
A good example is the Graph which is a decentralized off-chain indexing protocol that makes it easy to query different networks that store data on the blockchain. It provides an efficient way to fetch data that helps build fully decentralized applications.
Interplanetary File System (IPFS)
IPFS is a protocol designed to make the web scalable, resilient, and more open. It is a file distribution system and storage facility for all application data built on the blockchain and quickly transfers information across many platforms. “IPFS allows users to host and receive content in a decentralized way via peer-to-peer file sharing. file sharing »
Overall, Web 3.0 has an evolving technology stack currently comprising network, protocol, development and user interface layers, which require an advanced array of digital skills in areas such as “contract development intelligent (via programming languages like solidity); front-end web development (using web3.js, EthersJS, etc.); development environment (with tools like Remix IDE and Ethereum Virtual Machine); community manager; and Web3-specific content (such as NFTs)” (Agarwal 2022).
Sources of risk must be understood in this new digital environment so that mitigating controls can be implemented to reduce/eliminate vulnerabilities that can potentially compromise the entire network. In this context, risk is defined as any planned or unplanned event that results in financial loss, privacy breach or identity theft.
Since the blockchain is an open distributed ledger, all information will be accessible in real time and move quickly across multiple platforms. Web 3.0 has generated a unique class of cyber threats due to its decentralized nature.
“While data and services reduce single points of attack, they have the potential to expose data to a broader set of risks” (Groopman 2022). Bad actors (with criminal intent) may seek to attack the network through a series of clever logic hacks that are used to exploit a wide range of functions and services, such as interoperability, crypto-lending services, project governance and portfolio functionality.
Another example is ice phishing where attackers maliciously convince users to sign a transaction that allows them to access assets and move them to other parties. If history is any indication, there are several examples of data theft in other iterations of the web that have affected many people. Therefore, highly sophisticated security is required to support the architectural construction of different platforms that seek to operate in the Web 3.0 environment.
No central control authority exists in a decentralized blockchain technology system. This means that each user must understand their respective role, the associated tasks and responsibilities, and the associated risks. It is the user’s responsibility to manage their private keys that give them access to their digital tokens in a Web 3.0 environment.
“If the user loses their private key, they will not be able to regain access to their assets from a central authority or request a new one. It is only possible to restore a private key if a suitable backup solution is in place” (PwC 2022).
The management and storage of private keys will be critical as they provide proof of ownership of those assets which must be kept in a digital wallet. Here, proper administration and record keeping of multiple keys is required for all parties participating in the Web 3.0 environment.
Risk of censorship resistance
In a decentralized environment, censorship resistance ensures that anyone can transact in a Web 3.0 environment once they follow the rules of the network protocol. Actors are also prevented from modifying transactions on the blockchain.
An archetypal way of thinking about an environment where ideas, communication, images, and other materials cannot be suppressed sets the stage for systematic desensitization in areas such as morals and values that will differ as adoption increases. Therefore, the responsibility rests with the contributors to the network to develop the appropriate protocol rules prohibiting harmful and inappropriate content.
The infancy of a fully decentralized web environment raises some concerns for regulators seeking to understand the inherent risks and vulnerabilities that can severely affect participants.
Different approaches have been taken in many jurisdictions to clearly define a set of essential rules and principles needed by market players who use these emerging technologies to offer unique goods and services.
Other regulators have tried to prohibit decentralized activities and designate certain users with the right to operate in the environment. However, it is clear that there are differing views on determining the appropriate oversight measures needed to mitigate risk and protect consumers.
This situation is exacerbated by the lack of knowledge about how these technologies work and how they are classified, which presents a challenge for many regulators who are tasked with determining the appropriate framework or legislation needed to help promote the beneficial aspects of Web 3.0. , while limiting various forms of risk.
As Web 3.0 continues to grow, it is important for the region to advance regulatory and policy dialogue to shape the region’s inclusive, secure and sustainable participation in the digital economy.
Nikolai Layne is a financial strategist at laissez faire associates and Chelcee Brathwaite is a business researcher at the Shridath Ramphal Center for International Trade Law, Policy and Services, Cave Hill Campus of the University of the West Indies (Barbados).