Polygon’s CISO Highlights Practical Security Challenges in Blockchain Industry


  • Practical security in the blockchain and cryptocurrency industry lags behind theoretical advancements.
  • Billions of dollars have been lost due to individuals misplacing their mnemonic keys, and Gupta warns that an even larger amount is at risk due to inadequate security measures.
  • Defenders in the security world face a daunting task, as attackers only need to exploit a single vulnerability.

Mudit Gupta, Chief Information Security Officer of Polygon, addressed the practical security challenges in the blockchain and cryptocurrency industry during his presentation at the Ethereum Community Conference. Gupta highlighted the disparity between theoretical and practical security measures in the sector, emphasizing that while progress is being made in theoretical security, practical security still lags behind.

Gupta used mnemonic keys as an example of real-world challenges that persist despite theoretical security advantages. He explained that the proper management and safekeeping of mnemonic or private keys can be extremely difficult, as a single mistake or leak could lead to irreversible consequences. Gupta also revealed that billions of dollars have already been lost due to individuals misplacing their mnemonic keys, and that even more funds are at risk due to inadequate security measures.

The CISO acknowledged the practical issues that arise with private keys, such as key compromise or the dilemma of accessing funds in case of unexpected events like death. He emphasized the complexities faced by defenders in the security world, noting that attackers have an easier task as they only need to find one vulnerability to exploit. Despite the challenges, Gupta highlighted the crucial role of defenders in covering all potential vulnerabilities to safeguard the ecosystem.

