MetaMask Launches Privacy-Preserving Security Alerts to Prevent Theft of Billions

MetaMask, the world’s leading self-custody web3 platform developed by Consensys, and Blockaid, a leading web3 security provider, have today announced the launch of privacy-preserving security alerts in the MetaMask extension . This new feature makes MetaMask the first self-custody web3 wallet to integrate native security alerts, proactively preventing malicious transactions and protecting users from scams, phishing, and hacks.
The essence of the new system is aimed at scaling up security while preserving users’ privacy. According to MetaMask and Blockaid, these privacy-preserving security alerts, available to all users globally, were introduced to prevent theft of assets worth billions.
The official launch of MetaMask holds today, October 31st, 2023, with the ability for desktop users to opt-in under the MetaMask experimental setting. The feature will debut on the MetaMask mobile app later in November. And by the first quarter of 2024, this new feature will be seamlessly integrated and enabled into the wallet by default, based on the plan to make it available to 100% of MetaMask’s users.

Most web3 wallets rely on sharing users’ transaction data with a third party for validation to provide security alerts. In contrast, MetaMask and Blockaid have pioneered a unique privacy-preserving module that effectively simulates transactions while eliminating the need to share every single transaction and signature request with external parties.
“With these native privacy-preserving security alerts, MetaMask is not only enhancing user safety but also setting a new standard for privacy-preserving security in the web3 ecosystem. Privacy is a core value of web3 and should not need to be sacrificed to improve usability. Instead, it should be a guiding principle in the development of solutions to improve the space. As we continue to innovate, we remain committed to empowering users and providing them with the tools they need to navigate the world of web3 with confidence,” Dan Finlay, Co-Founder of MetaMask and Chief Ethos Officer at Consensys, said.
Blockaid already has an established record of preventing theft. When Vitalik Buterin’s X (formerly Twitter) account was hacked to promote a malicious dapp, Blockaid’s proactive scanning was able to flag the bad actor and stop over $100,000 in digital assets from being stolen. When a similar scam targeted the CEO of Uniswap’s X account, Blockaid acted in similar manner and prevented any loss. These types of attacks occur regularly, so losses averted quickly add up.

The web3 ecosystem is dynamic, with approximately 3-4 new dapps emerging every minute, translating to around 5,000 per day. Blockaid estimates that about 10% of these dapps are malicious. Unintended transaction outcomes have ranked among the most common causes of fund loss incidents within MetaMask. Security alerts that proactively thwart malicious transactions are pivotal in safeguarding users against scams, phishing, and hacks.
A recent survey commissioned by Consensys on the perceptions of web3 saw 52% of Nigerian respondents citing “too many scams” as one of the primary barriers for entering the crypto ecosystem. This underscores the importance of increasing user safety to broader adoption.
In April 2023, MetaMask and Blockaid jointly introduced Opensea security alerts as an experimental opt-in feature. This feature garnered adoption from an average of 4% of MetaMask users and effectively averted asset theft valued at $500 million, based on prevented and identified malicious transactions since April 2023. The success of this experimental opt-in feature means MetaMask and Blockaid anticipate the new privacy-preserving security alerts will prevent the loss of assets worth billions in dollars when the feature becomes a default setting for MetaMask wallets.

Also speaking, Ido Ben-Natan, Co-founder and CEO of Blockaid, said: “For the ecosystem to be ready for billions of users, it needs to be safer. We’re excited to be working with MetaMask on leading the charge in defining how a wallet should defend its users. Together we are setting the standard for web3 security across users and builders in the space.”
Barbara Schorchit, Senior Product Owner at MetaMask, added: “In our commitment to prepare for the broader adoption of web3 by the next billion users, we acknowledge the importance of developing features that prioritize ease of use and accessibility while staying aligned with the core values of web3. This is the driving force behind our focus on creating a privacy-preserving version of security alerts, one that eliminates the need to share each transaction and signature request data with third parties. Blockaid’s dapp transaction validation solution protects users from malicious transactions without compromising their privacy.”

In September of this year, MetaMask introduced MetaMask Snaps for advanced users, with a Transaction Insights category. While the new privacy-preserving security alerts will be seamlessly integrated within MetaMask, users worldwide will continue to have the opportunity to incorporate their preferred security layers by installing transaction insights via MetaMask Snaps. The new security alerts are meant to supplement rather than replace Transaction Insights Snaps, creating multiple layers of protection.
While Blockaid’s partnership with MetaMask will have a substantial impact on bolstering security, education remains pivotal to ensure users engage with the web3 ecosystem in a safe and self-managed manner. In January 2023, MetaMask unveiled MetaMask Learn, a learning simulation platform meticulously crafted to assist users in navigating the intricacies of the web3 landscape and self-custody wallets.

Related Articles