MetaMask, in collaboration with security firm Blockaid, has launched a new feature to enhance user security. Desktop users can now opt-in to the feature by enabling the MetaMask experimental setting and adding the Privacy Preserving Offline Module (PPOM). Developed by MetaMask, PPOM serves as an offline security engine that verifies transactions and signatures before signing them. It achieves this by utilizing node RPC communication requests to a configured node provider, eliminating the need to send sensitive data to external servers.
Enhanced Security with Blockaid’s dApp Scanning Solution
Blockaid’s dApp scanning solution plays a crucial role in the new feature. It can simulate user interactions within any decentralized application (dApp) and determine if they are malicious or not. By analyzing the behavior of the entire dApp, the system can identify potential threats to users. During the initial stage of integration, users who opt-in will be alerted if a transaction appears to be malicious. MetaMask plans to roll out this feature on its mobile app in November and aims to seamlessly integrate it by default for all MetaMask users by the first quarter of 2024.
Tackling Malicious Activities and Privacy Concerns
Phishing attacks and scams are persistent issues in the cryptocurrency industry. According to Blockaid, around 10% of existing dApps are malicious. A survey conducted by Consensys revealed that 47% of global respondents consider “too many scams” as a significant barrier to entering the crypto ecosystem.
In Q3 2023, the blockchain security platform Immunefi reported 76 hacks on crypto and Web3 projects and firms, marking a significant increase from the previous year. These hacks resulted in losses of approximately $332 million. To address these concerns, MetaMask’s new security feature aims to prevent false positives and ensure legitimate operations are not flagged as malicious.
Bárbara Schorchit, senior product owner at MetaMask, emphasized the privacy features of the new module. Transactions and signature requests no longer need to be shared with external parties. The simulation and validation processes occur within the user’s device, with communication limited to the blockchain itself through the user-selected node provider.
MetaMask’s collaboration with Blockaid and the introduction of the new security feature is a significant step towards protecting user data and addressing the growing concerns of scams and malicious activities in the cryptocurrency industry.
