MetaMask’s commitment to user security has taken a leap forward.
Teaming up with the cybersecurity firm Blockaid, this self-custody crypto wallet is introducing an ingenious feature — security alerts.
Blockaid, an emerging security startup comprised of alumni from Israel’s prestigious Unit 8200 cyber intelligence unit, has recently emerged from stealth mode and secured a remarkable $33 million in funding, with MetaMask counted among its inaugural customers.
Today marks the commencement of this game-changing initiative for MetaMask desktop users.
By opting into the MetaMask experimental setting and incorporating the Privacy Preserving Offline Module (PPOM), users can harness the power of this offline security engine.
What sets PPOM apart is its ability to simulate and validate transactions and signatures prior to signing them.
It accomplishes this feat through node RPC communication requests to a configured node provider, without sending any data to external servers.
Senior product owner at MetaMask Bárbara Schorchit explained:
“Blockaid’s dApp scanning solution is capable of taking any dApp fully simulating all possible user interactions and validating whether those interactions are malicious, thus determining if the entire dApp is malicious or not.”
This added layer of security allows MetaMask to flag potentially malicious transactions, ensuring that your assets remain safeguarded.
The introduction of this security feature is a deliberate and considered process.
MetaMask is taking a staggered approach to its rollout, beginning with desktop users.
This approach minimises the risk of “false positives,” where legitimate operations might be mistakenly identified as malicious.
The goal is to foster trust among users by offering a reliable and robust addition to their crypto experience.
The privacy-centric aspects of MetaMask’s new alert features are equally noteworthy.
By eliminating the need to share every transaction and signature request with external parties, this new module further fortifies the protection of your personal information.
“The simulation and validation happen in the wallet within the user’s device and the only communication needed is with the blockchain itself through the user-selected node provider.”
This new feature will make its debut on the MetaMask mobile app later this November.
“By the first quarter of 2024, our intention is to have this new feature seamlessly integrated and enabled into the wallet by default, making it available to 100% of MetaMask’s users.”
Amidst the persistent and disconcerting surge of phishing scams and exploits that seem to crop up on a weekly basis, MetaMask’s latest innovation emerges as a response to one of the most pressing challenges in the industry.
Blockaid’s estimations reveal a startling truth — approximately 10% of the existing decentralised applications (dApps) harbor malicious intent.
Ido Ben-Natan, Co-founder and CEO of Blockaid, elaborated:
“For the ecosystem to be ready for billions of users, it needs to be safer. We’re excited to be working with MetaMask on leading the charge in defining how a wallet should defend its users.”
Moreover, a recent survey conducted by Consensys delves into the perceptions of Web3, uncovering a staggering statistic: 47% of global respondents identify “too many scams” as a prominent obstacle to venturing into the cryptocurrency ecosystem.
To add to the complexity, Bárbara discloses that unintended transaction outcomes rank among the most frequent causes of fund loss incidents within the MetaMask user community.
The collaboration between MetaMask and Blockaid is not uncharted territory; they jointly introduced an experimental security alert feature for the widely-acclaimed NFT marketplace, OpenSea, back in April of this year.
This endeavour garnered the attention of approximately 4% of MetaMask users, and more notably, it played a pivotal role in preventing asset theft amounting to a staggering $500 million.
As Bárbara highlights, the undeniable success of this experiment not only underscores its potential but also emphasises the monumental impact that this cutting-edge technology can have on safeguarding the crypto landscape.
She concluded that:
“MetaMask and Blockaid anticipate that the new privacy-preserving security alerts will prevent the loss of assets worth at least billions of dollars when the feature becomes a default setting for MetaMask wallets.”