Author: RootData & OKX Web3 Wallet
Security has always been one of the most important cornerstones of the Web3 industry. As more and more users enter Web3 and the on-chain ecosystem becomes increasingly prosperous, the importance of asset security has become increasingly prominent. In this field where opportunities and risks coexist, understanding the current state of Web3 users' security awareness is crucial for promoting and guiding the healthy development of the industry.
Recently, the OKX Web3 Wallet, in collaboration with RootData, released the "2024 Web3 User Security Awareness Research Report". Through in-depth research on 1,040 active Web3 wallet users, the report reveals the real situation of users in terms of security awareness and usage behavior, and provides solid reference from the frontline of the market for the future development of the industry.
I. Industry Background and Research Significance
1.1 Current Status of the Web3 Market and Security Situation
In 2024, the Web3 market will present a brand-new development landscape. Driven by the major positive news of the approval of the Bitcoin spot ETF, institutional capital has begun to enter the cryptocurrency market on a large scale, pushing the price of Bitcoin to a new historical high. At the same time, the explosive growth and wealth effect of Meme in the Solana ecosystem have become the entry point for retail investors in this bull market.
In terms of user behavior, cross-chain asset allocation has become a mainstream trend. Our research data shows that more than 80% of users hold assets on multiple public chains at the same time, with Ethereum, BNB Chain, and Solana being the most prevalent.
However, the rapid development of the market is also accompanied by significant security risks. According to the Q3 2024 Security Quarterly Report released by OKLink, the cumulative on-chain security incidents have caused a loss of about $743 million. Among the 110 major attack incidents, fraud and phishing incidents dominated, accounting for 61 incidents and causing a loss of up to $340 million, which is 46.03% of the total loss. REKT incidents and RugPull incidents caused losses of about $80.42 million and $4.61 million respectively, which are relatively small in scale but still worth vigilance.
1.2 Research Methodology
To gain a deeper understanding of the current state of Web3 users' security awareness, the OKX Web3 Wallet, in collaboration with RootData, conducted this user survey. The survey covered 1,040 active Web3 wallet users, and was conducted from December 3 to 13, 2024, analyzing from multiple dimensions such as user profile, security awareness, and usage behavior.
II. User Profile Analysis
2.1 Distribution of Usage Experience
The survey data shows that the user group presents a relatively balanced distribution of experience. Among them, experienced users (with usage time exceeding 2 years) account for 34.62%, forming a stable user base; users with 1-2 years of usage account for 30.77%, representing a mature user group; users with 3-12 months of usage account for 28.85%, reflecting continuous market penetration; and new users (with usage time less than 3 months) account for 5.77%, indicating that the market is still steadily attracting new users to join.
Experienced veteran users provide a stable foundation for the industry, while the continuous influx of new users injects vitality into the market. The industry's next step should focus on enhancing the security awareness of new users, strengthening user education, and at the same time, optimizing the product experience to further enhance the stickiness of mature users and veteran users. This will help drive the sustained and healthy growth of the Web3 ecosystem.
2.2 Distribution of On-Chain Assets
In terms of blockchain network usage, users have shown a clear demand for multi-chain asset management. Ethereum remains the most popular public chain, with a usage rate of 20.72%; closely followed by BNB Chain and Solana, both accounting for 17.12%, demonstrating the strong appeal of these two public chains, especially in low-cost and high-efficiency transaction scenarios; Polygon ranks fourth with a usage rate of 12.61%; the usage rates of emerging public chains like Sui and Base reach 9.46% and 6.76% respectively, reflecting users' high sensitivity to new technologies and opportunities.
This distribution characteristic reflects that users are increasingly inclined to adopt a cross-chain asset allocation strategy, and the distribution of users' assets on blockchain networks reflects the trend of multi-chain coexistence.
It can be foreseen that as cross-chain interoperability and asset liquidity tools mature, the demand for multi-chain management will further increase. The industry should strengthen the development of related products and services to meet users' asset allocation and security management needs across multiple chains.
2.3 Transaction Activity
The frequency of users' on-chain transactions presents a multi-level distribution characteristic. The data shows that 44.23% of users maintain a moderate transaction frequency of 5-20 times per week, forming the main user group; 21.15% of users have a relatively low transaction frequency of less than 5 times per week; high-frequency traders (20-50 times per week) and super high-frequency traders (more than 50 times per week) each account for 17.31%.
Combined with the mainstream market judgment, this may be related to the appearance of more trading opportunities on the chain, such as Meme, in this cycle.
III. Current State of Security Awareness
3.1 Private Key Management Awareness
In terms of private key storage, users exhibit different levels of security awareness. 34.65% of users choose to record and securely store their private keys on physical media; 24.75% of users adopt encrypted digital storage methods; 13.86% of users use professional hardware wallets, representing the highest level of security protection awareness.
However, 26.73% of users still adopt relatively insecure storage methods, such as cloud storage, chat records, or ordinary notes, indicating that there is still room for improvement in security education.
According to Slow Mist's security report last year, as many as 320,000 victims had their wallets stolen, with a total loss of $295 million. Due to the flexible and convenient rigid demand, most current Web3 participants directly use Web3 wallets to store private keys, and security has become a white-hot field in the competition of Web3 wallets. OKX Web3 Wallet has explored this area more deeply, supporting measures such as email binding and exchange KYC to provide multiple safeguards.
3.2 Asset Diversification Management
In terms of asset diversification, users generally exhibit a strong risk awareness. 42.31% of users choose to use 2-3 wallet addresses for asset management, indicating that most users tend to moderately diversify their assets after weighing security and management convenience; 32.69% of users use more than 5 addresses, showing a high level of security precaution; 19.23% of users maintain a medium diversification of 4-5 addresses; only 5.77% of users use a single address, indicating that most users have recognized the importance of diversified asset management.
Most users have formed a security awareness of asset diversification management, but there are still some users who may need further education and guidance. The industry may be able to help users find the best balance between security and convenience by enhancing the usability of wallet management tools, optimizing the multi-address management experience, and conducting relevant risk education, further improving the overall user experience and asset security level.
3.3 Usage of Security Tools
Users have shown a high level of vigilance in the use of security tools. 75% of users said they would not use托管tools like Telegram bots for trading; when faced with unfamiliar contract interaction requests, 65.38% of users will directly choose to reject, and 26.92% of users will check the contract information through a block explorer, showing a cautious trading attitude.
In addition, about 50% of users will regularly check and manage token authorizations, reflecting users' emphasis on continuous security management.
According to Scam Sniffer data, in the first half of 2024, 260,000 victims lost $314 million on EVM chains. Phishing signatures remain one of the most difficult scams for ordinary users to prevent. Generally speaking, preventing malicious authorizations requires doing risk warnings and confirming signatures in two steps.
Currently, OKX Web3 wallets and other wallets have pre-parsed pending transactions and integrated historical security incident databases. At the same time, highlighted text can warn users of similar phishing addresses. Final authorization requires a second confirmation by the user.
IV. Web3 Wallet Usage Behavior
4.1 Functional Usage
The use of Web3 wallet functions by users exhibits a diversified feature. The multi-chain asset management function has the highest usage rate, reaching 20.86%, reflecting users' demand for cross-chain asset management; DEX cross-chain trading ranks second, accounting for 19.02%, while DeFi investment and Non-Fungible Token trading account for 16.56% and 14.72% respectively, showing users' active trading needs.
This usage distribution reflects that the Web3 wallet has evolved from a simple asset storage tool to a comprehensive blockchain service platform.
4.2 Transaction Scale Characteristics
The distribution of users' transaction scale presents a pyramid structure: 42.31% of users have a single transaction amount between 100-500 USDT, constituting the main transaction scale; 34.62% of users have a transaction amount below 100 USDT, reflecting the prevalence of small-amount transactions; 19.23% of users conduct medium-scale transactions of 500-2000 USDT; only 3.85% of users have a single transaction exceeding 2000 USDT.
The survey shows that small and medium-sized transactions are the mainstream, and the industry should optimize the experience of small and medium-sized transactions to meet the needs of the majority of users, while providing higher security guarantees for large-scale transactions to attract high-net-worth users and institutions.
4.3 Security Function Preferences
In terms of the security functions of the Web3 wallet, users have shown clear preferences:
- The phishing website warning function is the most concerned security feature, accounting for 44.23%.
- The transaction signature confirmation mechanism ranks second, accounting for 28.85%.
- The contract security assessment function accounts for 11.54%.
- Other security functions (such as address detection and multi-signature mechanisms) have relatively low attention, distributed below 15%.
Users' preferences for security functions are concentrated on features that can directly prevent attacks and avoid asset losses. The high proportion of the phishing website warning function indicates that most users are more concerned about preventing external threats and taking proactive protection. The transaction signature confirmation mechanism closely follows, reflecting users' demand for transaction security and controllability.
Web3 wallets should prioritize improving phishing warning and transaction signature functions, while also raising user awareness of passive defense functions such as contract security through education and guidance, in order to comprehensively enhance the security experience of the wallet.
V. Trends and Recommendations
5.1 Industry Trends
With the development of the Web3 market, user security awareness is showing a continuous upward trend. The usage rate of hardware wallets is constantly increasing, indicating that users are attaching more importance to asset security. Decentralized asset management has become the mainstream choice, and users generally accept the concept of "not putting all eggs in one basket".
In this trend, the OKX Web3 wallet provides a comprehensive security protection mechanism to help users effectively prevent various risks. Its innovative malicious DApp blocking function and risk token filtering system provide users with all-round asset protection, which has been widely recognized by users.
In terms of wallet functions, user demand for DeFi integration is constantly increasing, hoping to be able to conduct transactions, staking, lending and other operations directly in the wallet. The OKX Web3 wallet has performed outstandingly in this regard, by integrating mainstream DeFi protocols and aggregators, providing users with a one-stop on-chain operation experience. Especially in the identification of on-chain risks, its developed real-time transaction analysis system can identify potential threats before transaction execution, effectively reducing users' operational risks.
The increasing prominence of multi-chain management needs reflects the diversification trend of user asset allocation. Survey data shows that more than 78% of users need to manage assets on multiple public chains simultaneously. In this context, the OKX Web3 wallet, with its strong multi-chain compatibility, supports multiple mainstream public chains including Ethereum, BNB Chain, Solana, and Layer 2 networks, providing users with a smooth cross-chain management experience.
5.2 Development Recommendations
For users, it is necessary to further strengthen the awareness of private key management, ensuring the security of private key generation, use and storage. It is recommended that users fully utilize the security features provided by modern wallet products, such as the multi-signature support and transaction risk reminders of the OKX Web3 wallet, to build a multi-level asset protection system. At the same time, cultivate the habit of decentralized asset management, reasonably allocate the usage ratio of hot wallets and cold wallets, and maintain high vigilance against phishing websites and false airdrops.
For wallet products, the primary task is to continuously strengthen security education throughout the entire process, covering the entire flow from wallet creation, information query to transaction operation. Best practices in the market have shown that integrating security education organically into the product usage process can effectively enhance users' security awareness.
For example, the OKX Web3 wallet will proactively provide security tips when users perform high-risk operations, and help users avoid potential threats through an intelligent risk identification system. In addition, continuous optimization of the multi-chain management experience is also an important direction, and wallet products need to provide users with a more intuitive asset display interface and convenient cross-chain switching functions.
VI. Conclusion
This survey shows that against the backdrop of the rapid development of the Web3 market, user security awareness is gradually increasing with the increase of on-chain operations, but there is still room for improvement. The OKX Web3 wallet has played a positive role in enhancing user security awareness through its comprehensive security features and educational guidance. In the future, with the further development of the market and the iterative progress of technology, Web3 wallet products need to strike a better balance between convenience and security, helping users participate in the Web3 ecosystem with better security guarantees.
At the same time, the research also found that user demand for Web3 wallets is expanding from basic asset management to more complex scenarios. This requires wallet products to provide richer functional support while ensuring security, in order to meet users' diversified needs in areas such as DeFi, Non-Fungible Tokens, MEME, and even AI. Against the backdrop of continued market heat, how to help new users establish the right security awareness, how to provide more professional security tools for experienced users, and explore new product forms such as keyless wallets, will become important topics for Web3 wallet products.
In summary, the "2024 Web3 User Security Awareness Research Report" not only reveals the current status and challenges of Web3 users in terms of security awareness, but also points out the future development direction for the industry. In this field full of changes and innovations, user security awareness is the cornerstone of the industry's stable development.
The OKX Web3 wallet will continue to be committed to enhancing users' security protection capabilities, and through continuous innovation and improvement of product functions, create a more secure, convenient and comprehensive Web3 experience for users. At the same time, we also call on the entire industry to work together, strengthen security education, and improve user security awareness, in order to jointly promote the prosperous development of the Web3 ecosystem.
