In the rapidly evolving world of Web3, the question of how to build trust on-chain looms large, especially in the wake of recent crypto losses surpassing $364 million last month. As blockchain pioneers gather insights, CertiK emerges at the forefront of addressing these concerns, leveraging its expertise in blockchain security. Jason Jiang, CertiK's Chief Business Officer, offered thought-provoking perspectives on this critical issue during his keynote at Proof of Talk 2025.
Jiang began by addressing the inherent challenges of Web3 security and the limitations of traditional static audits. "As CertiK has emphasized," he noted, "static code verification, even at a high standard, is only one layer of a broader security model. It's necessary but fundamentally insufficient for trust. Many risks arise after an audit." His commentary highlights the evolving complexity of blockchain security ecosystems where upgradeable contracts, changes in governance, and external account control can present unforeseen risks. As Jiang succinctly put it, "Audited does not mean secure."
The Web3 landscape, according to Jiang, moves at an unparalleled pace. "In crypto, one year is equivalent to eight in traditional industries," he observed, stressing that longstanding trust is built on more than longevity. “Trust in Web3 isn't just about code; it's about code plus conduct, culture, and compliance.” He underscored the significance of well-funded bug bounty programs, which reflect a project's dedication to transparency and accountability, and the necessity for projects to publish detailed postmortems following security incidents.
CertiK’s innovative approach to fostering trust signifies a major paradigm shift in blockchain security. Jiang articulated this movement from a static audit model to a dynamic “security-as-a-service” framework. "At CertiK," he stated, "we're driving a shift from a static 'audit-as-security' model to a dynamic 'security-as-a-service' paradigm. Our approach includes pushing for on-chain audit attestations, leveraging real-time security monitoring and risk scoring, embedding continuous verification, and developing AI-assisted auditing."
The implementation of tools like Skynet for real-time monitoring and risk scoring, alongside AI-aided evaluations, demonstrates CertiK’s commitment to a holistic security infrastructure. This methodology not only empowers Web3 builders with robust security foundations but also excels in setting new industry standards for trust.
Through Jiang’s insights, it’s evident that building trust within decentralized systems necessitates a comprehensive strategy—incorporating continuous security assessments, transparent conduct, and a culture of relentless improvement. This dynamic approach is crucial in reassuring users and stakeholders, paving the way for a more secure and trustworthy Web3 ecosystem. As the industry transitions into this new era, CertiK’s leadership exemplifies how proactive and adaptive strategies can effectively address the unique challenges of blockchain security.
