First Published: 4th June 2023
Hi everyone,
Join us for another edition of Coffee With Calyptus, where we bring you captivating perspectives on the ever-changing terrain of web3 development and remote crypto jobs.
This week, we caught up with Matthew Hickey, Founder & CEO of Hacker House, the global portal for skills training, security services, cyber arms, and defense products. He offers valuable insights on web3 security, promising web3 projects and finding your niche in the industry.
What are the biggest security challenges facing blockchain technology today?
Security challenges include the risk of project compromise and asset theft alongside traditional Web 2.0 threats. Important security measures for blockchain developers include using multi-signature wallets, implementing secure cold and hot-wallet storage, and determining token types and token economics.
Attacks on blockchain projects are often sophisticated, exploiting vulnerabilities in smart contracts, minting engines, exchanges, and / or relying on social engineering tactics. It’s for this reason that security should be integrated into blockchain projects from the design stage, with monitoring and incident handling regularly tested to keep ahead of threats.
As the web3 ecosystem evolves rapidly, new technologies and changes introduce new vulnerabilities that attackers exploit. Attackers adapt their methods to exploit blockchain complexity and user naivety. It is crucial therefore for blockchain developers to prioritise security and not as an afterthought. Become pro-active rather than reactive, this makes a huge difference.
What advice would you give to an experienced software engineer who is interested in working in the (blockchain) security space?
First of all, consider your skillset and interests. If you’re interested in physics and game engines, explore opportunities in the metaverse, VR, AR, and user immersion experiences.
Traditional financial technology roles come with token swapping or exchanges which offer a more familiar web2 developer experience.
For those interested in cybersecurity, learn smart contract programming languages like Solidity, EVM, and auditing for vulnerabilities through platforms like Calyptus. As a top web3 jobs board, you could also use Calyptus to understand the skill requirements outlined by leading security companies, and work backwards from there. Whitehat hackers are highly in demand, and bug bounty platforms like Immunefi provide opportunities to enhance your skills.
What are some of the most exciting decentralised applications you’ve seen built?
I’ve been working on our web3 DAO project being built on XRPL, cove.crypto, which has been exciting. We’re implementing a CLI tool that acts like “wget” for HTTP but for the XRPL blockchain amongst other things.
I have seen many interesting projects though - the introduction of proof-of-coverage for wireless system design by Helium, using LoraWAN has been incredibly interesting to explore. I also got to enjoy a limited movie release with an NFT ticket which was cool.
Ultimately, there’s a lot going in the space and if you want to land a top web3 job, I’d encourage you to dive in and find your niche! As a low-level systems engineer I found decentralised systems, p2p and node software most engaging personally. We had a lot of fun exploring new game concepts with the ShibaNFT team who also build on XRPL.
