"2024 Web3 User Security Awareness Research Report": Insight into security challenges and opportunities | RootData × OKX Web3 Wallet

Author: RootData & OKX Web3 Wallet

Security has always been one of the most important cornerstones of the Web3 industry. As more and more users flock to Web3 and the on-chain ecosystem becomes increasingly prosperous, the importance of asset security becomes increasingly prominent. In this field where opportunities and risks coexist, understanding the current security awareness of Web3 users is crucial to promoting and guiding the healthy development of the industry.

Recently, OKX Web3 Wallet and RootData released the "2024 Web3 User Security Awareness Research Report". Through an in-depth survey of 1,040 active Web3 wallet users, it revealed the true status of users in terms of security awareness, usage behavior, etc., and provided guidance for the future of the industry. Development provides solid reference from the front lines of the market.

1. Industry background and research significance

1.1 Web3 market status and security situation

In 2024, the Web3 market will present a new development pattern. Driven by the significant benefits of the approval of the Bitcoin spot ETF, institutional funds began to enter the cryptocurrency market on a large scale, pushing the price of Bitcoin to break through historical highs. At the same time, the explosive growth and wealth creation effect of Meme in the Solana ecosystem has become a point of participation for retail investors in this bull market.

From the perspective of user behavior, cross-chain asset allocation has become a mainstream trend. Our survey data shows that more than 80% of users hold assets on multiple public chains at the same time, among which Ethereum, BNB Chain and Solana are the most popular.

However, the rapid development of the market is also accompanied by significant security risks. According to the security quarterly report for the third quarter of 2024 released by OKLink, security incidents on the entire network chain have caused cumulative losses of approximately US$743 million. Among the 110 major attack incidents, fraud and phishing incidents dominated 61 cases, causing losses of up to 340 million US dollars, accounting for 46.03% of the total losses. The REKT incident and the RugPull incident caused losses of approximately US$80.42 million and US$4.61 million respectively. Although the scale is relatively small, they are also worthy of vigilance.

1.2 Research methods

In order to gain a deeper understanding of the current security awareness of Web3 users, OKX Web3 Wallet teamed up with RootData to conduct this user survey. The survey covered 1,040 active Web3 wallet users. The survey period was from December 3 to 13, 2024, and was analyzed from multiple dimensions such as user portraits, security awareness, and usage behavior.

2. User portrait analysis

2.1 Using empirical distributions

Survey data shows that the user group presents a relatively balanced experience distribution. Among them, experienced users (used for more than 2 years) accounted for 34.62%, forming a stable user base; users who used it for 1-2 years accounted for 30.77%, representing a mature user group; users who used it for 3-12 months accounted for 28.85%, reflecting continued market penetration; new users (used for less than 3 months) accounted for 5.77%, showing that the market is still steadily attracting new users to join.

Experienced old users provide a stable foundation for the industry, while the continuous influx of new users injects vitality into the market. The next step for the industry should focus on improving the security awareness of novice users, strengthening user education, and at the same time further enhancing the stickiness of mature and experienced users by optimizing product experience. This will help promote the continued and steady growth of the Web3 ecosystem.

2.2 Asset distribution on the chain

In terms of the use of blockchain networks, users have shown obvious needs for multi-chain asset management. Ethereum is still the most popular public chain, with a usage rate of 20.72%; closely followed by BNB Chain and Solana, both accounted for 17.12%, showing the ecological attractiveness of the two public chains, especially in low-cost and efficient transaction scenarios; Polygon ranked fourth with a usage rate of 12.61%; emerging public chains such as The usage rates of Sui and Base reached 9.46% and 6.76% respectively, reflecting users' high sensitivity to emerging technologies and opportunities.

This distribution characteristic reflects that users are increasingly inclined to cross-chain asset allocation strategies, and the distribution of users' assets on the blockchain network reflects the development trend of multi-chain coexistence.

It is foreseeable that as cross-chain interoperability and asset liquidity tools mature, the demand for multi-chain management will further rise. The industry should strengthen the development of related products and services to meet users’ asset allocation and management needs on multiple chains. Security management needs.

2.3 Trading activity

Users’ on-chain transaction frequency exhibits multi-level distribution characteristics. The data shows that 44.23% of users maintain a medium trading frequency of 5-20 times a week, forming the main user group; 21.15% of users have a low trading frequency, maintaining less than 5 times a week; high-frequency trading users (20-20 times a week) 50 times) and ultra-high-frequency trading users (more than 50 times a week) each account for 17.31%.

Judging from the mainstream market, it may be related to the emergence of more trading opportunities on the chain in this cycle, such as inscriptions, Meme quotes, etc.

3. Current status of security awareness

3.1 Awareness of private key management

When it comes to private key storage, users show different levels of security awareness. 34.65% of users choose to record and store safely on paper media; 24.75% of users use encrypted digital storage; 13.86% of users use professional hardware wallets, representing the highest level of security protection awareness.

However, 26.73% of users still use relatively unsafe storage methods, such as cloud storage, chat records or ordinary notes, indicating that there is still room for improvement in safety education.

According to SlowMist's security report last year, as many as 320,000 victims had their wallets stolen, with a total amount of $295 million stolen. In view of the rigid demand for flexibility and convenience, most current Web3 participants directly use Web3 wallets to store private keys, and security has become a fierce competition among Web3 wallets. OKX Web3 Wallet has conducted more in-depth exploration in this aspect, supporting multiple safeguards such as email binding and exchange KYC.

3.2 Decentralized asset management

In terms of asset diversification, users generally show strong risk awareness. 42.31% of users choose to use 2-3 wallet addresses for asset management, indicating that most users tend to moderately diversify their assets after weighing security and management convenience; 32.69% of users use more than 5 addresses, showing a high degree of Security awareness; 19.23% of users maintain a medium degree of dispersion of 4-5 addresses; only 5.77% of users use a single address, indicating that most users have realized the importance of decentralized asset management.

Most users have formed a security awareness of decentralized asset management, but there are still some users who may need further education and guidance. The industry may help users find the best balance between security and convenience by improving the usability of wallet management tools, optimizing the multi-address management experience, and conducting relevant risk education, thereby further improving the overall user experience and asset security level. .

3.3 Usage of security tools

Users show high vigilance in using security tools. 75% of users said they would not use custody tools such as TG robots for transactions; when faced with unfamiliar contract interaction requests, 65.38% of users would directly choose to refuse, and 26.92% of users would query contract information through a block browser. Show cautious trading attitude.

In addition, about 50% of users regularly check and manage token authorization, reflecting the importance users attach to continuous security management.

According to Scam Sniffer data, 260,000 victims lost $314 million on the EVM chain in the first half of 2024. Phishing signatures are still one of the most difficult ways for ordinary users to prevent themselves from being deceived. Generally speaking, preventing malicious authorization requires risk warning and signature confirmation.

Currently, wallets such as OKX Web3 Wallet have pre-analyzed pending transactions and integrated historical security incident databases. At the same time, highlighted text can alert users to similar phishing addresses. During final authorization, the user is required to confirm again.

4. Web3 wallet usage behavior

4.1 Function usage

Users' use of Web3 wallet functions shows diversified characteristics. The multi-chain asset management function has the highest usage rate, reaching 20.86%, reflecting users’ demand for cross-chain asset management; DEX cross-chain trading ranks second, accounting for 19.02%, and DeFi investment and NFT trading account for 16.56% and 14.72% respectively. , showing the user’s active trading needs.

This usage distribution reflects the evolution of Web3 Wallet from a simple asset storage tool to a comprehensive blockchain service platform.

4.2 Characteristics of transaction size

The distribution of users' transaction size shows a pyramid structure: 42.31% of users have a single transaction amount between 100-500 USDT, which constitutes the main transaction size; 34.62% of users have a transaction amount below 100 USDT, reflecting the prevalence of small transactions; 19.23 % of users conduct medium-sized transactions of 500-2000 USDT; only 3.85% of users conduct a single transaction of more than 2000 USDT.

Research shows that small and medium-sized transactions are the mainstream, and the industry should optimize the small- and medium-sized transaction experience to meet the needs of most users, while providing higher security for large transactions to attract the participation of high-net-worth users and institutions.

4.3 Security function preferences

When it comes to the security features of Web3 wallets, users show clear preferences:

• The phishing website warning function is the most popular security feature, accounting for 44.23%.
• The transaction signature confirmation mechanism ranks second, accounting for 28.85%.
• The contract security assessment function accounts for 11.54%.
• Other security functions (such as address detection and multi-signature mechanisms) receive less attention, distributed below 15%.

User preferences for security features focus on features that directly prevent attacks and avoid asset loss. The high proportion of phishing website warning functions shows that most users are more concerned about preventing external threats and proactive protection. The transaction signature confirmation mechanism follows closely behind, reflecting users’ needs for transaction security and controllability.

Web3 wallets should prioritize improving phishing warning and transaction signature functions, and at the same time improve users' awareness of passive defense functions such as contract security through education and guidance to comprehensively improve the wallet security experience.

5. Trends and Suggestions

5.1 Industry trends

With the development of the Web3 market, user security awareness continues to increase. The usage of hardware wallets continues to rise, showing that users are paying more attention to asset security. Decentralized asset management has become a mainstream choice, and users generally accept the concept of "don't put all your eggs in one basket".

In this trend, OKX Web3 wallet helps users effectively prevent various risks by providing comprehensive security protection mechanisms. Its innovative malicious DApp interception function and risky token filtering system provide users with comprehensive asset protection and have been widely recognized by users.

In terms of wallet functions, users have increasing demands for DeFi integration and hope to be able to conduct transactions, pledges, loans and other operations directly in the wallet. OKX Web3 Wallet performs outstandingly in this regard, providing users with a one-stop on-chain operation experience by integrating mainstream DeFi protocols and aggregators. Especially in terms of on-chain risk identification, the real-time transaction analysis system developed by it can identify potential threats before transaction execution, effectively reducing users' operational risks.

The increasing demand for multi-chain management reflects the diversified trend of user asset allocation. Survey data shows that more than 78% of users need to manage assets on multiple public chains at the same time. Against this background, OKX Web3 Wallet relies on its strong multi-chain compatibility to support multiple mainstream public chains and Layer 2 networks including Ethereum, BNB Chain, Solana, etc., providing users with a smooth cross-chain management experience.

5.2 Development suggestions

For users, they need to continue to strengthen their awareness of private key management to ensure the security of private key generation, use and storage. It is recommended that users make full use of the security features provided by modern wallet products, such as the multi-signature support and transaction risk prompts of the OKX Web3 wallet, to build a multi-level asset protection system. At the same time, cultivate the habit of decentralized asset management, reasonably configure the usage ratio of hot wallets and cold wallets, and maintain a high degree of vigilance against phishing websites and false airdrops.

For wallet products, the first priority is to continue to strengthen full-cycle security education, covering the entire process from wallet creation to information query to transaction operations. Excellent practices in the market show that organically integrating safety education into the product use process can effectively improve users' safety awareness.

For example, OKX Web3 Wallet will proactively provide security tips when users perform high-risk operations and help users avoid potential threats through an intelligent risk identification system. In addition, continuous optimization of the multi-chain management experience is also an important direction. Wallet products need to provide users with a more intuitive asset display interface and convenient inter-chain switching functions.

6. Conclusion

This survey shows that in the context of the rapid development of the Web3 market, user security awareness is gradually improving with the increase in on-chain operations, but there is still room for improvement. OKX Web3 Wallet plays an active role in improving users' security awareness through complete security functions and educational guidance. In the future, with the further development of the market and the iterative progress of technology, Web3 wallet products need to achieve a better balance between convenience and security to help users participate in the Web3 ecosystem more safely and securely.

At the same time, the research also found that users’ demand for Web3 wallets is expanding from basic asset management to more complex scenarios. This requires wallet products to provide richer functional support while ensuring security to meet the diverse needs of users in fields such as DeFi, NFT, Meme and even AI. As market popularity continues to rise, how to help new users establish correct security awareness, how to provide more professional security tools for experienced users, and how to explore new product forms such as private keyless wallets will become important issues for Web3 wallet products.

To sum up, the "2024 Web3 User Security Awareness Research Report" not only reveals the current status and challenges of Web3 users in terms of security awareness, but also points out the future development direction for the industry. In this field full of changes and innovations, users' security awareness is the cornerstone of the industry's steady development.

OKX Web3 Wallet will continue to be committed to improving users' security protection capabilities and creating a more secure, convenient and comprehensive Web3 experience for users through continuous innovation and improvement of product functions. At the same time, we also call on the entire industry to work together to strengthen security education, enhance users' security awareness, and jointly promote the prosperity and development of the Web3 ecosystem.