Unsatisfactory cybersecurity measures in play-to-earn (P2E) crypto games are a major risk to GameFi projects, says Hacken, a blockchain cybersecurity auditor. It highlighted that Gaming Finance projects put profits above security by introducing products without taking appropriate precautions against hackers. It doesn’t even follow the most essential cybersecurity recommendations.
Data collected by CER.live, a crypto security ranking service, show severe deficiencies in GameFi cybersecurity. As such, Hacken researchers found that out of 31 GameFi tokens, none had the top security ranking AAA, and 16 received the worst D score. Rankings were determined by weighing various aspects of the project’s cybersecurity measures such as token audits, bug bounty, and insurance.
The report stated that GameFi projects scored low as no P2E projects had insurance coverage which could help projects recover funds immediately in the instance of a hack. Dan Thomson, InsurAce’s chief marketing officer, confirmed the lack of insurance and uncovered or unprotected P2E projects. The Hacken report established that only two projects, Axie Infinity and Aavegotchi, have an active bug bounty program. They award monetary compensation to white hat hackers for finding bugs in the project’s code. The report said 14 projects received a token audit and only five – Aavegotchi, The Sandbox, Radio Caca, Alien Worlds, and DeFi Kingdoms – have completed a platform audit to find potential security holes in the project’s entire ecosystem.
Furthermore, the report outlined token bridges as a vulnerability for P2E games, with an example being Axie Infinity’s Ronin Bridge which lost over $600 million in a March hack. Hacken advised gamers to do their own security check of projects before injecting a large sum of money into them. It said investing in P2Es remains potentially profitable, but it cannot be denied that it’s a risky affair.