This week we saw a multi-million dollar hack of around 8,000 Slope wallets on the Solana network. While it wasn’t a hack of the Solana Protocol, it was another high-profile security breach in the sector. Now, a report suggests that a major hack on Play-to-Earn and GameFi is only a “matter of time”.
In a recent article by Cointelegraph, cybersecurity auditing firm, Hacken, suggest that the next target for major hacks will be GameFi and Play-to-Earn (P2E) games. In the currently unpublished report, Cointelegraph share that most cybersecurity measures by these projects are “unsatisfactory” and that they are putting profits above security.
“GameFi projects […] do not follow even the most essential cybersecurity recommendations, leaving malicious actors numerous entry points for attacks.”
— Hacken, via Cointelegraph
The report is said to suggest that of the 31 GameFi tokens studied, none received their highest score of AAA, and over half received the worst possible score of D.
GameFi Cannot Afford Major Hacks
GameFi is a bastardized term that I have been outspoken about. While it could refer to gaming economies utilizing blockchain, it instead has become a genre within gaming. This is primarily a result of P2E games that choose tokenomics over gameplay in the extreme. I do believe these have a place insofar as they have acted as interesting use cases and examples of tokenized economies within games, they are not strictly games.
The money made by some of the best and most famous early examples of P2E games, unfortunately, attracted a sea of have-a-go devs who thought they could get some easy money. The worst part is that some of them were correct. As a result, many P2E and GameFi projects have a clear object and it’s exactly what Hacken appears to have found: profits above everything.
There have been a sea of hacks in crypto, particularly this year, but comparatively few have been in blockchain gaming. Asides from the heavy, $600m Ronin bridge hack, which was only partially related to the game it served (Axie Infinity), GameFi hasn’t had too many high-profile, major hacks. Incidentally, in Hacken’s report, it was found that only 2 of the 31 GameFi projects studied had a bug-finder fee, one of which was Axie (though this came after the Ronin disaster.)
GameFi and Play-to-Earn gaming already have a substantial image issue; many gamers — including those who embrace Web3 — are critical of this brand of project. Gamers who do not embrace Web3 also weaponize it against the integration of blockchain and NFTs into traditional games. If we start seeing major hacks in Web3 games, as we have seen in all other areas of crypto, it could set back Web3 gaming a significant amount.