Web3 Applications Security and New Security Landscape: Theories and Practices
Huang, Ken, Parisi, Carlo, Tan, Lisa Jy
相關主題
商品描述
With the recent debacle surrounding the cryptocurrency exchange FTX and the crypto trading company Alameda Research, the importance of grasping the security and regulation of Web3, cryptocurrency, and blockchain projects has been magnified. To avoid similar economic and security failures in future Web3 projects, this book provides an essential guide and a comprehensive and systematic approach to addressing security concerns. Written by experts in tech and finance, it provides an objective, professional, and in-depth analysis of security and privacy issues associated with Web3 and blockchain projects.
The book primarily focuses on Web3 applications and ecosystem components such as the stablecoin, decentralization exchange (DEX), decentralized finance (DeFi), non-fungible token (NFT), decentralized autonomous organization (DAO), and crypto exchange. It also discusses various security issues and their manifestation in Web3 such as ransomware, supply chain software attacks, AI security, and quantum security. Moreover, it provides valuable countermeasures and best practices for individual users as well as Web3 application development teams to consider when designing and implementing Web3 applications.
This book is an excellent resource for a diverse range of readers and will particularly appeal to Web3 developers, architects, project owners, and cybersecurity professionals seeking to deepen their knowledge of Web3 security.
商品描述(中文翻譯)
隨著近期圍繞加密貨幣交易所 FTX 和加密交易公司 Alameda Research 的醜聞,掌握 Web3、加密貨幣和區塊鏈專案的安全性與監管的重要性愈加凸顯。為了避免未來 Web3 專案中出現類似的經濟和安全失敗,本書提供了一個必要的指南,以及一個全面且系統化的方法來解決安全問題。這本書由科技和金融領域的專家撰寫,提供了對 Web3 和區塊鏈專案相關的安全與隱私問題的客觀、專業和深入的分析。
本書主要聚焦於 Web3 應用程式及其生態系統組件,如穩定幣、去中心化交易所 (DEX)、去中心化金融 (DeFi)、非同質化代幣 (NFT)、去中心化自治組織 (DAO) 和加密貨幣交易所。它還討論了各種安全問題及其在 Web3 中的表現,例如勒索病毒、供應鏈軟體攻擊、人工智慧安全和量子安全。此外,本書提供了對個別用戶以及 Web3 應用程式開發團隊在設計和實施 Web3 應用程式時應考慮的寶貴對策和最佳實踐。
本書是各類讀者的優秀資源,特別適合希望深入了解 Web3 安全的 Web3 開發者、架構師、專案擁有者和網路安全專業人士。
作者簡介
Ken Huang is Chair of the Blockchain Security Working Group for Cloud Security Alliance Great China Region (CSA GCR) and the author of multiple books both in English and Chinese on blockchain and Web3. Over the past 20 years, he has worked on application security, identity and access management, and cloud security for the fintech industry as well as federal civilian agencies. He has been certified as CISSP since 2007 and as CEO of DistributedApps, he provides cybersecurity consulting services on Blockchain and AI for startup companies globally. He is an invited speaker to numerous local and global conferences in Blockchain, AI, and Security including Davos WEF, CoinDesk Consensus, IEEE, ACM, World Bank, Stanford University, UC Berkeley, Bank of China, and Huawei.
Carlo Parisi is a smart contract auditor and an Italian content creator who has been involved in the crypto industry for many years, conducting his first bitcoin transaction in 2013. He completed his bachelor's degree in Computer Science from the University of Bari Aldo Moro and has gained several years of experience working as a developer in both Java and Solidity. In 2022, he joined Hacken as a solidity smart contract auditor.
Lisa JY Tan is the founder and lead economist at Economics Design, a research-focused consultancy for digital ecosystems. In the academic world, she contributes to research work in various fields like math and economics, while having practitioner exposure with startups and global businesses. She's also one of the leaders in a United Nations x Stanford University project on regulating digital currencies. She is also the author of Economics and Math of Token Engineering and DeFi, a research-based textbook.Winston Ma, CFA is an investor, author, and adjunct professor in the digital economy. Most recently for 10 years, he was Managing Director and Head of the North America Office for China Investment Corporation (CIC), China's sovereign wealthfund. Prior to that, Mr. Ma served as the deputy head of equity capital markets at Barclays Capital, a vice president at J.P. Morgan investment banking, and a corporate lawyer at Davis Polk & Wardwell LLP in New York. He was selected as a 2013 Young Global Leader at the World Economic Forum (WEF) and has been a member of the Council for Long-Term Investing and the Council for Digital Economy and Society. He has been a member of the New York University (NYU) President's Global Council since its inception, and in 2014 he received the NYU Distinguished Alumni Award.
Dr. Zhijun William Zhang is the Technology and Innovation Adviser at the Bank for International Settlements (BIS) Innovation Hub - Nordic Centre, where he focuses on cybersecurity and resilience for future financial market infrastructure. Prior to that, he was the lead information security architect at The World Bank Group (WBG), where his team is responsible for security architecture design and assessment of all technology platforms and business solutions. William received his BS degree from Peking University, and his Ph.D. from the University of Maryland, both in computer science.
作者簡介(中文翻譯)
Ken Huang 是雲端安全聯盟大中華區(CSA GCR)區塊鏈安全工作組的主席,並且是多本關於區塊鏈和 Web3 的中英文書籍的作者。在過去的 20 年中,他在金融科技行業及聯邦民事機構從事應用安全、身份與存取管理以及雲端安全的工作。他自 2007 年以來獲得 CISSP 認證,並作為 DistributedApps 的 CEO,為全球初創公司提供區塊鏈和人工智慧的網路安全諮詢服務。他是多個區塊鏈、人工智慧和安全領域的本地及全球會議的受邀演講者,包括達沃斯世界經濟論壇、CoinDesk Consensus、IEEE、ACM、世界銀行、史丹佛大學、加州大學伯克利分校、中國銀行和華為。
Carlo Parisi 是一位智能合約審計師及意大利內容創作者,參與加密產業多年,並於 2013 年進行了他的第一次比特幣交易。他在巴里阿爾多·莫羅大學獲得計算機科學學士學位,並在 Java 和 Solidity 開發方面積累了幾年的經驗。2022 年,他加入 Hacken 擔任 Solidity 智能合約審計師。
Lisa JY Tan 是 Economics Design 的創始人及首席經濟學家,該公司是一家專注於數位生態系統的研究型顧問公司。在學術界,她在數學和經濟學等多個領域貢獻研究工作,同時也與初創公司和全球企業有實務接觸。她還是聯合國與史丹佛大學合作的數位貨幣監管項目的領導者之一。她也是《Token Engineering 和 DeFi 的經濟學與數學》這本基於研究的教科書的作者。
Winston Ma, CFA 是數位經濟的投資者、作者及兼任教授。最近的 10 年,他擔任中國投資公司(CIC)北美辦公室的董事總經理及負責人,該公司是中國的主權財富基金。在此之前,Ma 先生曾擔任巴克萊資本的股權資本市場副主管、摩根大通投資銀行的副總裁,以及紐約的 Davis Polk & Wardwell LLP 的企業律師。他於 2013 年被選為世界經濟論壇(WEF)的青年全球領袖,並且是長期投資委員會及數位經濟與社會委員會的成員。他自成立以來便是紐約大學(NYU)校長全球委員會的成員,並於 2014 年獲得 NYU 傑出校友獎。
Dr. Zhijun William Zhang 是國際結算銀行(BIS)創新中心 - 北歐中心的技術與創新顧問,專注於未來金融市場基礎設施的網路安全與韌性。在此之前,他是世界銀行集團(WBG)的首席資訊安全架構師,他的團隊負責所有技術平台和商業解決方案的安全架構設計與評估。William 在北京大學獲得計算機科學學士學位,並在馬里蘭大學獲得計算機科學博士學位。
