Avalanche Core Wallet gets Blockaid security integration
Avalanche and Blockaid have announced a partnership to integrate Blockaid's security features directly into Avalanche's Core Wallet, the blockchain network's native wallet.
The security update aims to address the ever-increasing threat of phishing and decentralized finance by pre-screening transactions against the blockchain database and alerting the user of the risk before the transaction is signed and posted. This type of security feature is known as transactional impersonation.
Blockaid says the security firm has helped repel 1.3 million attacks and is currently used to secure products offered by OpenSea, MetaMask, Zerion, Coinbase and Rainbow.
Akash Gupta, Head of Consumer Products at Ava Labs, said of the collaboration:
“This partnership with Blockaid marks a significant step forward in providing users with security and control without compromising speed and ease of use. By integrating advanced security solutions on the Core Suite, we ensure users can explore the Avalanche ecosystem with peace of mind.”
Related: US Navy Launches ‘PARANOID' Blockchain Security Technology for Private Sector
However, Blockaid's critics say its security filtering features lead to too many false positives—a claim that Blockaid makes as a feature, not a fault of its security software.
A spokesperson for the security firm explained that many false positives are a better outcome than relaxing the diagnostic criteria and allowing malicious actors to exploit more loopholes to carry out their illegal activities. Of the 165,000,000 transactions per month blocked by Blockade, only 0.0002% are returned as false positives, and millions of truly fraudulent transactions are blocked.
There's also a threat aspect to staying one step ahead of marketing scams in the cat-and-banana game of cyber security.
According to cyber security expert Bernhard Müller, malware such as “Angel Drainer” can penetrate the security layer provided by transaction tokens such as Blockaid, WalletGuard and Pocket Universe.
Mueller explained that Angel Driner can sidestep trading tokens by creating volatile, “unsigned” contract addresses and trying to steal money from these addresses, although the success of these methods is neither foolproof nor guaranteed.
The white hat hacker's attempts using a flexible and unmarked method still sent Blockaid an alert, citing the transaction as suspicious, he admitted.
Magazine: Exclusive: 2 years after John McAfee's death, widow Janice is broken and needs answers.
Update (June 6, 15:30 UTC): This article has been updated to include a false positive image that accounts for 0.0002% of the 165,000,000 transactions per month.