Social media has become essential for almost all digital products, and crypto is no exception. Crypto communities on social media have grown so much that there are subgroups on several social media platforms (e.g., crypto Twitter).
In recent times, Discord has grown into one of the most preferred social media platforms, especially among millennials. Whether you’re looking for a place to chat with friends during your favorite online game or just want to stay connected with people who share your interests, Discord is a great option.
Among crypto projects, Discord has amassed a lot of popularity due to the many unique advantages it offers, such as the ease of automation and integrations. Cryptocurrency projects have been increasingly using Discord to engage with their communities.
However, even Discord is not free of risks. Recently, reports emerged detailing how a prominent NFT project was hacked, and several NFTs from the collection were stolen. The incident happened when hackers breached the project’s official Discord server and posted phishing links on the server posing as server admins.
A total of 32 NFTs were reportedly stolen, which amounted to a value of more than 200 ETH.
This is not the first time such an attack has happened. Earlier this year, the official Instagram account of the same project was breached by hackers, who then used it to share phishing links, which ultimately led to 100 NFTs being stolen.
Currently, once stolen, these NFTs can always be easily sold to unsuspecting buyers, leading to a pure profit for the scammers.
Even though the mode of attack is clear, these sorts of hacks against projects through social media platforms like Discord show no sign of stopping.
So, what can projects do to safeguard themselves from these targeted hacks?
Digital identity credentials could allow users to verify their identity on the internet – and an identity verified community can further strengthen a project.
Social media platforms like Discord often have a verification mechanism to filter out bots from real users. A properly implemented and simple enough digital identity verification system would do exactly the same, verifying a user and providing them with a credential.
The credential may help the user prove who they are online. Once proved, the credential will enable users to access the services and information they need.
Digital credentials stored and accessed through a centralized storage mechanism offer little benefit over traditional verification mechanisms, as the process carries the following risks:
First, if credentials are centrally managed, they are typically also centrally stored. This means that there is a single point of failure for the entire system – if the central storage location is compromised, then all of the credentials in the system can be compromised too.
Additionally, in a centralized credential management system, there is typically one set of credentials (username and password) that gives users access to all resources. This can be a significant security issue if this single entry-point is compromised by a hacker. And as the old adage goes: a chain is only as strong as its weakest link.
Finally, centralized credentials can lack credibility as they can be easily manipulated by hackers with minimal resources.
A decentralized system that addresses these issues could offer great value to its users.
Decentralized identity credentials offer several advantages over traditional centrally-issued credentials. They are more secure, as they cannot be lost or stolen like physical cards or passwords. They are also more private, as individuals have complete control over who has access to their personal data. Finally, decentralized credentials are more trustworthy, as manipulating them requires a lot of resources.
SelfKey Credentials provide a way for users to securely store and manage their digital identities. SelfKey Credentials are an essential part of the SelfKey ecosystem. They are a decentralized identity solution that allows users to control and share their own data with others only when they want to.
Originally referenced in the SelfKey Whitepaper, SelfKey Credentials currently have more applications and utilities than ever. The MetaProof platform and the Living Avatar NFTs, which are now in development, will provide a state-of-the-art upgrade for SelfKey Credentials.
Once implemented, the identity verification ecosystem consisting of these components will help users to verify and safeguard their identity online with the help of NFTs, simplifying the verification process while also making it more secure.
Cryptocurrency projects can freely adopt and implement this solution for safeguarding their community on social media platforms.
If we go back to the example of the NFT project hack, a properly implemented identity verification system could have averted the situation in the following ways:
SelfKey credentials have been developed in order to ensure such verifications. As envisioned, any attribute about an identity owner could be proved using their SelfKey credentials. Thus an NFT holder could easily verify their identity using SelfKey credentials, and a hacker who has stolen the NFT credentials would not be able to sell them on an open marketplace.
The digital world is never free of risks, especially when the stakes are high, and for cryptocurrencies, NFTs, and similar new-age products, the stakes are even higher.
However, these products are here to stay, and new products that can ensure the safety of users need to be prioritized. Decentralization minimizes users’ risk of suffering conventional hacks and breaches, but the attack vectors are always changing, calling for innovative and secure, defensive solutions.
As the digital world transforms from centralized to decentralized, identity management alone can’t remain in the past. A properly implemented decentralized identity management solution is a necessity for the future we’re heading into.
Products developed by SelfKey like the MetaProof Platform and Living Avatar NFTs, in combination with SelfKey Credentials, can formulate a user-governed identity management ecosystem that can ensure identity verification and management for its users. This solution could also be adopted and adapted by other projects, particularly to safeguard their users from more obvious threats like social media hacks.
The future awaits, and if there is one thing that history has taught us, it’s that those who are reluctant to evolve will be left behind. SelfKey is evolving – there are a plethora of use cases we can solve from regulation, travel rules, cyber security, account takeovers, and more…
The only question is: are you with us?