Security Data Layer
Last updated
Last updated
In the last few years, GoPlus Network has experienced exponential growth, with user security data usage increasing by over 5000 times from what was recorded in 2022 and daily API calls reaching 21 million, demonstrating high levels of user trust. However, as we continue to grow and evolve, we recognize the importance of adopting a more decentralized approach to data generation and verification. Therefore, ensuring the integrity and reliability of user security risk data is of paramount importance for GoPlus Network. To address this critical need, we propose a decentralized Security Data Contribution and Verification Layer that harnesses the power of multi-party participation and automated verification processes.
This foundational layer of the GoPlus Network offers trustworthy, rich, and real-time security data via a decentralized security data system designed to tackle the complex landscape of Web3 user security by facilitating the collection, verification, and utilization of security-related data. The layered architecture ensures a comprehensive and effective approach to identifying and mitigating security risks, leveraging the collective wisdom and expertise of various stakeholders, including end-users, security researchers, developers, and third-party security service providers.
Security Data Contributors Security data contributors form the foundation of the entire system. They provide valuable information about potential security risks and threats through various channels, including but not limited to:
End-users: Regular users of Web3 applications can report security issues they encounter, such as suspicious scam activities, phishing attempts, or rug-pulls.
Security researchers: Professional security researchers can contribute their findings on risks, security analysis, and other in-depth user security insights.
Third-party security companies & organizations: Specialized security firms can offer comprehensive threat intelligence and risk assessment reports.
Through incentivization and recognition mechanisms, we encourage broad participation to establish a comprehensive and diverse user security database.
To ensure the credibility and accuracy of the contributed data, we implement a multi-tiered decentralized verification mechanism. The Security Data Verification system consists of a Primary verification process and a Secondary verification process, working in tandem to validate the security data.
The Primary verification employs a multi-faceted approach to data verification, incorporating trusted third-party entities and automated computational methods:
Third-Party Verification Nodes: Reputable entities operate verification nodes that leverage their expertise and resources to assess the veracity of user-contributed information.
Computational Verification Nodes: Automated computational methods, are utilized to verify some specific types of security data, employing SecScan, advanced algorithms and AI techniques.
Auditors: Independent auditors oversee the verification process, ensuring compliance with established protocols and maintaining the integrity of the system.
The Secondary verification is triggered when disputes arise in the Primary verification. It is composed of highly specialized security teams and institutions that focus on resolving controversies in Primary verification:
Elite Security Teams: Renowned security teams with extensive expertise in Web3 security are enlisted to investigate and resolve complex disputes such as SlowMist, Blocksec, etc.
Institutional Arbitrators: Respected institutions, such as respected university labs and Web3 industry leaders, act as impartial arbitrators to settle disagreements and provide final verdicts.
The Secondary verification ensures that any contentious issues are thoroughly examined and resolved by the most qualified experts in the field.
By seamlessly integrating security data contributors and the multi-tiered verification mechanism, we create a robust and resilient decentralized security data ecosystem. This innovative approach not only enhances the diversity, professionalism, and accuracy of risk data, but also providing users with a robust foundation for risk control and strengthening the underlying risk management models, ultimately serves to protect users' security. By working together, we can lay a solid foundation for the future of digital interactions, enabling all participants to explore the possibilities of a new paradigm of user security data.