\n
![](\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDQvZDJkODU2N2QtM2FmMS00YzM1LWFhODItMmE0YTFmNDM3Nzk3LmpwZw==.jpg\")
<\/p>\n
\n<\/p>\n
Smart contract auditing firm Hacken CEO Dyma Budorin thinks Web3 cybersecurity providers are failing the crypto industry and that \u201chuge blind spots\u201d in market practices are impacting investor behavior.<\/p>\n
Budorin believes a lack of accountability and transparency in the audits many providers perform falls short of reassuring users and projects.<\/p>\n
Currently, smart contract auditors take no accountability if a token they have audited gets hacked due to a bug in the code. Unsettlingly, most of the largest hack events<\/a> in 2022 occurred on projects that were audited by third parties. <\/p>\n In a call with Cointelegraph on Apr. 27, Budorin said this makes him uneasy as it compromises the growth trajectory of the Web3 cybersecurity industry which is already lagging far behind<\/a> non-crypto equivalents according to a report from Hacken.<\/p>\n Web3 auditors take a deep dive into the code of a token in search of threats of varying severity. These audits do not assess other factors like the viability of a business model, team experience, and others.<\/p>\n Budorin explained that \u201cauditors have a lot of responsibility\u201d which is being ignored because the money is coming in and there is no public outcry for better products. However, to him, the services they provide are inadequate, as he says<\/p>\n \u201cThey are missing tests, accountability, and transparency in ratings of cryptocurrencies.\u201d <\/p><\/blockquote>\n Even in the rare instance that a project wanted a more robust audit, they would not be able to get it from cybersecurity firms in Web3 because Budorin says \u201ccurrently in Web3 cybersecurity, there are no companies offering recurring audits\u201d that happen monthly and go into much more depth about the project.<\/p>\n \u201cRight now, the best market practice is to get a token audit and that\u2019s it.\u201d<\/p><\/blockquote>\n Budorin used token bridges as an example to demonstrate the dangers of an industry without thorough auditing mechanisms. Two of the largest crypto hacks so far in 2022 took place on token bridges Wormhole<\/a> and Axie Infinity\u2019s Ronin Bridge<\/a> which lost a combined $920 million. <\/p>\n While hindsight is always 20\/20, it is likely that a full scope audit of any of the bridges that have been hacked this year including Wormhole, Ronin Token Bridge, Qubit\u2019s QBridge<\/a>, and Meter\u2019s Meter Passport<\/a>, could have prevented disaster.<\/p>\n In addition to apparent bugs in the code, Budorin said that token bridges further illustrate how there are \u201ca huge amount of blindspots\u201d in cybersecurity because \u201cThere is no way of knowing who is responsible for the keys, who mints new tokens, if the tokens are properly bridged, and so on with no transparency.\u201d<\/p>\n