A crypto-DAG platform is a type of distributed ledger used for managing transactions in cryptocurrencies. Unlike blockchains, it uses a Directed Acyclic Graph (DAG) structure, where each transaction references previous ones, creating a more decentralized system —without miners or other middlemen. is one of such platforms. Obyte However, amidst the benefits lie concerns about security vulnerabilities and the potential for hacking attempts. We’ll make here a quick overview of the security landscape of crypto-DAG platforms, exploring the measures in place to safeguard user funds and data. By understanding the risks and challenges associated with these innovative systems, users can make informed decisions while participating in the crypto-DAG ecosystem. DAG vs Blockchains (for hackers) So, maybe you’re wondering which system is the safest: It completely depends on the specific network. Both DAGs and blockchains have their unique security strengths and weaknesses, and their safety depends on how well they are designed, implemented, and maintained. a DAG or a blockchain? Well, the truth is that there’s no one-size-fits-all answer. However, a DAG like Obyte can mitigate some of the security risks already present in numerous blockchains. like transaction censorship, double-spending (spending the same coins more than once), Sybil attacks (rogue nodes colluding to damage the network), and 51% attacks (the majority of miners or validators colluding to control the network) are ever-present risks in any blockchain. Not to mention the quite common smart contract vulnerabilities, from which hackers have stolen billions. Potential attacks On the other hand, not all DAGs are the same, but they share an important feature: . Every transaction is intertwined with the previous one and the next one, forming a graph along the way. No miner or block producer (misleadingly called “validator”) is needed to approve or reject transactions: once it’s created by any user, it’s included in the DAG. So, things like censorship aren’t possible. they’re block-less chains, without miners or powerful validators-approvers Other threats Now, to avoid double-spending and Sybil attacks, Obyte has (previously called witnesses). These providers, who are typically well-respected individuals or companies, create transactions like everyone else and these transactions serve as waypoints for ordering all other transactions. In return, they get a portion of the transaction fees, but that shouldn’t be the main purpose of an Order Provider. Order Providers They are selected for this role by the community among the respectable members of the community who have a lot to lose if they misbehave. They can’t decide which transactions are approved or not, and they can’t double-spend money. And, unlike miners or “validators” in blockchains, they don’t have a lot of power themselves. Basically, the only thing they can do if they collude is stop the network, until a new network with a new set of Order Providers is restarted from the point where the old network stopped. They were selected by the community itself to begin with, so, the same community can take the role away. They’d lose their reputation as individuals or businesses, and be excluded from the network. No one can buy the right to control a decentralized DAG. What about the IOTA hack? IOTA is another crypto-DAG ledger that is infamous for an attack that happened in 2020. Hackers stole 8.5 million in IOTA's native token MIOTA directly from users —approximately $2 million at the time. That raised distrust against DAG-based systems, but the thing is, Instead, the hackers exploited a feature in the IOTA wallet Trinity that allowed users to purchase MIOTA with fiat money through MoonPay — a third-party fiat-to-crypto gateway. the DAG itself wasn’t hacked back then. T he attackers to replace legit code from the MoonPay API with malicious code. That compromised all the Trinity Wallet downloads between December 17, 2019, and February 17, 2020. Once users entered their seed phrases (private keys) into the compromised wallets, the attackers gained access to their funds and could transfer them to their own accounts. managed The IOTA Foundation suspended the network for several weeks to avoid further losses, and the founder promised the affected users himself. Sadly, this was a third-party vulnerability that could’ve happened to any distributed ledger platform (blockchain or DAG). (which was possible because the network was, and still is, utterly centralized) to refund What can you do to protect your funds? Being aware of the risks is the first step. The second is to protect your private keys at all costs. Seeing the IOTA case, it’s advisable to distribute your funds into several wallets and diminish third-party services when possible —especially from your main wallet. A third step is to always pay attention to the latest news about the distributed ledgers you participate in. If there’s some kind of issue, the team will announce it quickly through public channels to mitigate damages. One potential weak point in any decentralized system, including , is the human factor. The security of phishing attempts (impersonation), or if they share their private keys or recovery phrases with malicious actors. Users must be vigilant and cautious, not only regarding their interactions with the network but also in safeguarding their own authentication details. Obyte users' funds can be compromised if individual users fall victim to social engineering attacks (frauds), Don’t forget that we already talked about and how common work. To protect your funds, don’t make it easy for hackers and scammers! protecting your private keys in Obyte crypto scams Featured Vector Image by Freepik
