Paper 2024/271

Understanding User-Perceived Security Risks and Mitigation Strategies in the Web3 Ecosystem

Janice Jianing Si, University of Macau
Tanusree Sharma, University of Illinois at Urbana-Champaign
Kanye Ye Wang, University of Macau
Abstract

The advent of Web3 technologies promises unprecedented levels of user control and autonomy. However, this decentralization shifts the burden of security onto the users, making it crucial to understand their security behaviors and perceptions. To address this, our study introduces a comprehensive framework that identifies four core components of user interaction within the Web3 ecosystem: blockchain infrastructures, Web3-based Decentralized Applications (DApps), online communities, and off-chain cryptocurrency platforms. We delve into the security concerns perceived by users in each of these components and analyze the mitigation strategies they employ, ranging from risk assessment and aversion to diversification and acceptance. We further discuss the landscape of both technical and human-induced security risks in the Web3 ecosystem, identify the unique security differences between Web2 and Web3, and highlight key challenges that render users vulnerable, to provide implications for security design in Web3.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Proceedings of the 2024 CHI Conference on Human Factors in Computing Systems
DOI
10.1145/3613904.3642291
Keywords
Web3 ecosystemsecurity riskuser perceptionmitigation strategy
Contact author(s)
janice sijianing @ connect um edu mo
tsharma6 @ illinois edu
yewang ethz @ gmail com
History
2024-02-19: last of 2 revisions
2024-02-18: received
See all versions
Short URL
https://ia.cr/2024/271
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX 

@misc{cryptoeprint:2024/271,
      author = {Janice Jianing Si and Tanusree Sharma and Kanye Ye Wang},
      title = {Understanding User-Perceived Security Risks and Mitigation Strategies in the Web3 Ecosystem},
      howpublished = {Cryptology ePrint Archive, Paper 2024/271},
      year = {2024},
      doi = {10.1145/3613904.3642291},
      note = {\url{https://eprint.iacr.org/2024/271}},
      url = {https://eprint.iacr.org/2024/271}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.