In December, the web3 community welcomed the advent of Web3 Antivirus — a solution that aims to help users steer clear of phishing scams and dangerous smart contracts. We met with W3A founder Alex Dulub and asked him to share some details on this interesting project.
Alex, could you introduce yourself to our readers, please?
Hi, it’s very nice to meet you. As you already mentioned, my name is Alex, and I’m the founder of Web3 Antivirus. I have always been fascinated by cutting-edge technologies such as blockchain and AI, and, of course, I am a huge web3 enthusiast.
This interest eventually led me to establish my software development and consulting company, PixelPlex. This year we celebrate our 15th anniversary, and I think the launch of Web3 Antivirus is a great way to commemorate this milestone.
How have you come up with the idea of creating Web3 Antivirus?
Well, while working on auditing and building smart contracts with my team, we saw a great amount of fraud, leading to detrimental outcomes. It’s horrible how millions of dollars can be lost to scams in just a few clicks.
Obviously, there was an urgent need for a security solution able to detect web3-specific threats such as malicious smart contracts, fraudulent transactions, and phishing. Also, it would’ve been great to have a clear understanding of what exact smart contract you are signing without having to do comprehensive research. So I thought, why not build such a tool myself?
The invaluable knowledge of how different web3 scams work and the ways to detect them I gained over years of working on blockchain-based projects became the foundation of Web3 Antivirus.
How does W3A work?
W3A is a browser extension, something like a protective layer between a user and dangers they may encounter in the web3 space. The solution pauses a transaction, analyzes it, and presents the risk assessment report in 2 seconds, specifying what can go wrong if a user confirms the transaction.
What’s more, W3A is capable of call stack backtracing, which allows it to examine all smart contracts linked to the transaction rather than checking only the one you are currently interacting with.
As a result, users get the transaction’s risk level with the list of all dangers spotted. With a full picture of what awaits them ahead, users can make an informed decision about whether to approve the transaction or decline it.
Also, the solution checks domain names against an extensive database using AI similarity comparison and identifies suspicious URLs. If a user is heading to a phishing or untrustworthy site, W3A immediately blocks them.
Importantly, the extension requires no setting up and never asks for access to wallets, assets, or a seed phrase.
What are your future plans?
Now, we are working on expanding the range of supported wallets and blockchains, with BNB and Solana coming soon. Besides, the extension will soon get a brand-new feature, W3A Dashboard. Think of it as an account that logs the history of threats you’ve come across, along with a detailed list of transactions and delegated token rights.
And we never stop upgrading the auditing methodology. Soon, in addition to the risk assessment report, users will be able to see all steps of transaction simulation and the dangers associated with each of them.
We are also implementing advanced NFT analysis that covers historical data and a machine learning-enriched layer able to detect financial fraud, define wallet risk scoring, IP infringements, honeypots, etc.
Who can benefit from Web3 Antivirus?
It doesn’t matter what your goals are in web3, be it making transactions or just exploring websites — W3A is for everyone embracing web3. Also, web3 projects, like non-fungible token (NFT) collections or DeFi protocols, can get validated by the solution. This is a win-win scenario since the projects will get a “safety label” while we will upgrade our data layer.
We aim to become a community-driven project with members able to contribute to W3A development with their research and contract validation and get rewards. This will allow the extension to enrich its databases faster and be able to spot fraud more accurately.
Web3 users require the credibility of the solutions they use. How will you ensure that they can trust W3A?
Web3 Antivirus will never ask for users’ seed phrases or access to wallets or assets. Also, the solution is open-source, so users can fork our code from GitHub and check that no hidden processes are going on.
What makes W3A different from its competitors?
The most crucial difference is that Web3 Antivirus executes deep risk analysis, informing users about the overall transaction risk level and what exact threats are detected. In the meantime, our competitors do not perform such a deep investigation.
W3A achieves this high level of detail thanks to its sophisticated infrastructure that includes complex technical solutions, such as indexing and structuring of data derived directly from the Ethereum network.
One more advantage is that W3A has a team of well-versed smart contract developers and auditors who investigate web3 scams on a daily basis and upgrade the solution.
What is the most unique risk that W3A detects?
Let’s say it is a smart contract’s ability to adapt and transform according to the number of tokens a user owns. For example, a smart contract can set a limit on trading a certain, usually very valuable, token and make it non-transferable. Thus, what at first seems like a very profitable deal, turns out to be a loss of money.
Can you share your impressions about launching Web3 Antivirus on Product Hunt?
Sure, it was a great experience! W3A was ranked in the top 10 solutions of the day. We received lots of support and saw genuine interest in our product. I believe announcing Web3 Antivirus there helped us raise awareness among the web3 community and encourage people who were doubtful about collaborating in web3.