Secure Web3 with Trusted Data

Ryan Soury
4 min readJun 19, 2024

--

Blockchains are fantastic for managing value, and offering financial freedom and control, but they are still quite isolated from the broader world. This isolation creates challenges in embedding advanced cryptographic methods and blockchain transactions into everyday society. Trust is a crucial issue in Web3. While blockchains decentralise trust by using a network of operators to verify transactions, users still often have to rely on brands and developers, which can be risky. Smart Contracts, which are programs that run on blockchains, play a key role in this process. However, many users don’t know how to code or understand the security details of Smart Contracts, making it hard for them to trust these contracts directly.

Trust is Quite Elusive in Web3

Trust in Web3 is elusive and often exploited, eroding user confidence. Blockchains offer financial freedom and control, but this can be a double-edged sword. Some people exploit this technology for personal gain, eroding trust among users. While this gives Web3 a bad reputation, it also pushes for improvements and innovations to secure this new financial system. Trust is crucial for brands to move the industry forward and ensure the financial security of their users.

The core idea of a blockchain is to decentralise trust. It does this through a network of operators who transparently validate transactions. This shifts trust from brands or developers to the technology itself. Smart Contracts, which are programs that run on blockchains, play a key role in this process. However, many users don’t know how to code or understand the security details of Smart Contracts, making it hard for them to trust these contracts directly. Instead, they continue to trust the brands and developers behind the Smart Contracts.

At least we can trust that whatever the developer did will be consistent because we trust the blockchain executing the logic.

On a positive note, Web3 standards have improved to build trust among users. Security audits of Smart Contracts that manage digital assets on behalf of users help achieve this. Essentially, these audits allow users to trust firms with technical security expertise. The result is a report and approval stamp indicating that the Smart Contract is trustworthy, allowing users to trust the technology rather than the brand.

However, Smart Contracts are evolving. Similar to how static web pages evolved into dynamic web apps in the mid-1990s to 2000s, Smart Contracts across various blockchains are evolving to use data in managing digital assets. This introduces a new problem: data becomes a security risk.

I could have a perfectly secure Smart Contract that depends on a dataset I control, own, and have authority over. How would you know if I’ve tampered with this data for personal gain? Would you be able to tell if I changed a reward’s recipient wallet address to mine? Who’s checking this?

If these questions haven’t successfully piqued your intrigue about the gravity of the problem, consider this analogy:

Imagine two snails racing in a pitch-dark room. You have a flashlight, but it only reveals the snails’ current positions, not the paths they’ve taken. Because it’s dark, you can’t see if someone else in the room has moved the snails. Without being able to track the snails’ trails, you can’t be sure if the race has been tampered with.

Now imagine millions of dollars are on the line.

This is essentially the state of data-driven Smart Contracts.

In case my analogy wasn’t enough…

Enter “Oracles”

Decentralised Oracle Networks (DONs), like Chainlink, help by decentralising data sources. They gather data from many different places to ensure it is reliable and accurate. For example, if a Smart Contract needs the latest price of a cryptocurrency, a DON will collect this data from various sources and find a median value to provide a trustworthy result. This process shifts trust from brands or developers to the technology itself. However, this approach only works well for data that is widely available, such as asset prices.

For more private, custom, or niche data, managing trust is more challenging. This type of data isn’t as readily available and often comes from a single source, making it harder to verify. Trusted data needs to be accurate and tamper-resistant, meaning it shouldn’t be easily altered. Coindesk has highlighted this problem, noting that current solutions only ensure that data from centralised entities isn’t tampered with before it gets on the blockchain. This doesn’t make the original data any more credible.

Data Lineage Transparency

At Usher Labs, we’re working on extending blockchain trust and security beyond the blockchain itself. By creating verifiable transparency into data lineage — the journey data takes from its source to the blockchain — we aim to improve the reliability of Web3 applications. This involves using data protocols to set rules about how data should be handled, ensuring it is accurate and trustworthy.

By extending blockchain trust and security into systems beyond oracles, we offer insights into where trust is established and maintained. This helps ensure data integrity and reliability, enhancing user trust in blockchain applications and digital asset management.

To dive deeper into the technical details and explore my full research, read the full article. Learn more about our journey to data security and verifiable transparency by reading our story.

I’m getting familiar with this writing thing and aim to share more research and thoughts in the future. This will include articles and research covering the Web3 technology landscape, data security and analysis, and Usher Labs’ research and solutions roadmap. To keep up to date with Usher Labs and this sort of Web3 research-related content, hit the subscribe button and join us on Discord and Twitter.

Cheers 🤗

--

--

Ryan Soury
Ryan Soury

Written by Ryan Soury

Programmer, Tinkerer 🤓 and Berries Forager 🍓. Trusted data for blockchains at https://usher.so