Avalanche Core wallet gets Blockaid security integration

Avatar

Avalanche and Blockaid have announced a partnership to integrate Blockaid’s security features directly into Avalanche’s Core wallet, the blockchain network’s native wallet.

The security upgrade aims to thwart the increasingly sophisticated phishing scams and hacks plaguing decentralized finance by prescreening transactions against Blockaid’s database of known malicious threats and then alerting the user to the threat before the transaction is actually signed and posted. This type of security feature is known as transaction simulation.

Blockaid claims that its security apparatus has helped to repel 1.3 million attacks and is currently used to safeguard products offered by OpenSea, MetaMask, Zerion, Coinbase and Rainbow.

An example of a Blockaid suspicious transaction alert. Source: Bernhard Mueller Medium

In the wake of the collaboration, Akash Gupta, the head of consumer products at Ava Labs, said:

“This collaboration with Blockaid signifies a significant step forward in providing users security and control without compromising speed and ease of use. By integrating advanced security solutions across the Core suite, we ensure users can explore the Avalanche ecosystem and beyond with peace of mind.”

Related: US Navy launches ‘PARANOID’ blockchain security tech to private sector.

However, critics of Blockaid say that the security screening features lead to too many false positives—a claim that Blockaid acknowledged as a feature and not a bug of their security software.

Spokespeople for the security firm explained that too many false positives are a better outcome than relaxing the screening criteria and allowing malicious actors to use more loopholes to carry out their illicit activities.

There is also an evolving threat landscape that could manage to stay one step ahead of transaction simulators in the cat-and-mouse game of cybersecurity. 

According to cybersecurity expert Bernhard Mueller, malware such as the infamous “Angel Drainer” could potentially penetrate the security layers afforded by transaction simulators such as Blockaid, WalletGuard and Pocket Universe.

Mueller explained that Angel Drainer could potentially sidestep transaction simulators by creating dynamic, “unmarked” contract addresses and attempting to steal funds via those addresses, though the success of these methods was not foolproof or guaranteed.

The white hat hacker admitted that tests he conducted using the dynamic, unmarked method still resulted in Blockaid flagging the transaction as suspicious and sending out a cautionary alert.

Magazine: Exclusive: 2 years after John McAfee’s death, widow Janice is broke and needs answers.