"2024 Web3 User Security Awareness Research Report": Insights into Security Challenges and Opportunities | RootData × OKX Web3 Wallet
Author: RootData & OKX Web3 Wallet
Security has always been one of the most important cornerstones of the Web3 industry. As more and more users flock to Web3 and the on-chain ecosystem continues to prosper, the importance of asset security has become increasingly prominent. In this field where opportunities and risks coexist, understanding the current state of security awareness among Web3 users is crucial for promoting and guiding the healthy development of the industry.
Recently, OKX Web3 Wallet, in collaboration with RootData, released the "2024 Web3 User Security Awareness Research Report," which reveals the true state of users' security awareness and usage behavior through in-depth research on 1,040 active Web3 wallet users, providing solid references from the market front for the future development of the industry.
1. Industry Background and Research Significance
1.1 Current State of the Web3 Market and Security Situation
In 2024, the Web3 market is showing a new development pattern. Driven by the significant positive news of the approval of Bitcoin spot ETFs, institutional funds have begun to enter the cryptocurrency market on a large scale, pushing Bitcoin prices to break historical highs. At the same time, the explosive growth of memes in the Solana ecosystem and the wealth creation effect have become points of participation for retail investors in this bull market.
From the perspective of user behavior, cross-chain asset allocation has become a mainstream trend. Our research data shows that over 80% of users hold assets on multiple public chains simultaneously, with Ethereum, BNB Chain, and Solana being the most popular.
However, the rapid development of the market is also accompanied by significant security risks. According to the 2024 Q3 security report released by OKLink, on-chain security incidents across the network have caused cumulative losses of approximately $743 million. Among 110 major attack incidents, scams and phishing incidents dominated, accounting for 61 cases and causing losses of up to $340 million, which represents 46.03% of the total losses. REKT incidents and RugPull incidents caused losses of approximately $80.42 million and $4.61 million, respectively. Although the scale is relatively small, they are still worthy of caution.
1.2 Research Methodology
To gain a deeper understanding of the current state of security awareness among Web3 users, OKX Web3 Wallet, in collaboration with RootData, conducted this user survey. The survey covered 1,040 active Web3 wallet users, conducted from December 3 to 13, 2024, analyzing multiple dimensions such as user profiles, security awareness, and usage behavior.
2. User Profile Analysis
2.1 Distribution of Usage Experience
The survey data shows that the user group exhibits a relatively balanced distribution of experience. Among them, experienced users (those with over 2 years of usage) account for 34.62%, forming a stable user base; users with 1-2 years of experience account for 30.77%, representing a mature user group; users with 3-12 months of experience account for 28.85%, reflecting ongoing market penetration; and new users (those with less than 3 months of usage) account for 5.77%, indicating that the market is still steadily attracting new users.
Experienced users provide a stable foundation for the industry, while the continuous influx of new users injects vitality into the market. The next step for the industry should focus on enhancing the security awareness of novice users, strengthening user education, and further enhancing the stickiness of mature and experienced users by optimizing product experiences. This will help promote the sustained and healthy growth of the Web3 ecosystem.
2.2 Distribution of On-Chain Assets
In terms of blockchain network usage, users show a clear demand for multi-chain asset management. Ethereum remains the most popular public chain, with a usage rate of 20.72%; followed closely by BNB Chain and Solana, each accounting for 17.12%, demonstrating the ecological appeal of these two public chains, especially in scenarios of low-cost and efficient transactions; Polygon ranks fourth with a usage rate of 12.61%; emerging public chains like Sui and Base have usage rates of 9.46% and 6.76%, respectively, reflecting users' high sensitivity to new technologies and opportunities.
This distribution characteristic indicates that users are increasingly inclined towards cross-chain asset allocation strategies, and the distribution of assets across blockchain networks reflects the development trend of multi-chain coexistence.
It is foreseeable that as cross-chain interoperability and asset liquidity tools mature, the demand for multi-chain management will further increase. The industry should strengthen the development of related products and services to meet users' needs for asset allocation and security management across multiple chains.
2.3 Transaction Activity
Users' on-chain transaction frequency shows a multi-layered distribution characteristic. The data indicates that 44.23% of users maintain a moderate transaction frequency of 5-20 times per week, constituting the main user group; 21.15% of users have a lower transaction frequency, maintaining below 5 times per week; high-frequency trading users (20-50 times per week) and ultra-high-frequency trading users (over 50 times per week) each account for 17.31%.
Combined with mainstream market trends, this may be related to the emergence of more trading opportunities on-chain, such as inscriptions and meme trends.
3. Current State of Security Awareness
3.1 Private Key Management Awareness
In terms of private key storage, users exhibit varying levels of security awareness. 34.65% of users choose to record and securely store their keys on paper; 24.75% use encrypted digital storage; and 13.86% use professional hardware wallets, representing the highest level of security awareness.
However, 26.73% of users still adopt relatively insecure storage methods, such as cloud storage, chat records, or ordinary notes, indicating that there is still room for improvement in security education.
According to a security report from SlowMist last year, as many as 320,000 victims had their wallets stolen, with losses amounting to $295 million. Given the flexible and convenient rigid demand, most Web3 participants currently use Web3 wallets to store private keys directly, making security a fiercely competitive area for Web3 wallets. OKX Web3 Wallet has conducted more in-depth exploration in this regard, supporting multiple security measures such as email binding and exchange KYC.
3.2 Asset Diversification Management
In terms of asset diversification, users generally exhibit strong risk awareness. 42.31% of users choose to use 2-3 wallet addresses for asset management, indicating that most users tend to moderately diversify their assets after weighing security and management convenience; 32.69% of users use more than 5 addresses, showing a high level of security precaution; 19.23% maintain a moderate level of diversification with 4-5 addresses; and only 5.77% of users use a single address, indicating that most users recognize the importance of asset diversification management.
Most users have formed a security awareness of asset diversification management, but some users may still need further education and guidance. The industry could help users find the best balance between security and convenience by enhancing the usability of wallet management tools, optimizing multi-address management experiences, and conducting related risk education, thereby further improving overall user experience and asset security levels.
3.3 Usage of Security Tools
Users show a high level of vigilance regarding the use of security tools. 75% of users indicate that they would not use custodial tools like TG bots for transactions; when faced with unfamiliar contract interaction requests, 65.38% of users would choose to refuse directly, while 26.92% would check contract information through a block explorer, reflecting a cautious trading attitude.
Additionally, about 50% of users regularly check and manage token authorizations, reflecting users' emphasis on ongoing security management.
According to Scam Sniffer data, in the first half of 2024, 260,000 victims lost $314 million on EVM chains. Phishing signatures remain one of the most difficult scams for ordinary users to guard against. Generally, preventing malicious authorizations requires effective risk warnings and confirmation of signatures.
Currently, wallets like OKX Web3 Wallet have implemented pre-analysis for pending transactions and integrated a historical security incident database. Additionally, highlighted text can alert users to similar phishing addresses. A secondary confirmation is required from users during final authorization.
4. Web3 Wallet Usage Behavior
4.1 Function Usage
Users exhibit a diversified usage of Web3 wallet functions. The multi-chain asset management function has the highest usage rate at 20.86%, reflecting users' demand for cross-chain asset management; DEX cross-chain trading ranks second at 19.02%, while DeFi investment and NFT trading account for 16.56% and 14.72%, respectively, indicating users' active trading demand.
This usage distribution reflects that Web3 wallets have evolved from simple asset storage tools to comprehensive blockchain service platforms.
4.2 Transaction Scale Characteristics
The distribution of users' transaction scales presents a pyramid structure: 42.31% of users have a single transaction amount between 100-500 USDT, constituting the main transaction scale; 34.62% of users have transaction amounts below 100 USDT, reflecting the prevalence of small transactions; 19.23% of users engage in medium-scale transactions of 500-2000 USDT; and only 3.85% of users have single transactions exceeding 2000 USDT.
The survey shows that small and medium-sized transactions are mainstream, and the industry should optimize the experience for small and medium-sized transactions to meet the needs of most users while providing higher security for large transactions to attract high-net-worth users and institutions.
4.3 Security Function Preferences
In terms of security features of Web3 wallets, users exhibit clear preferences:
- Phishing website warning features are the most concerned security characteristic, accounting for 44.23%.
- Transaction signature confirmation mechanisms rank second at 28.85%.
- Contract security assessment features account for 11.54%.
- Other security features (such as address detection and multi-signature mechanisms) receive lower attention, distributed below 15%.
Users' preferences for security features focus on those that can directly prevent attacks and avoid asset losses. The high proportion of phishing website warning features indicates that most users are more concerned about preventing external threats and actively protecting themselves. The transaction signature confirmation mechanism follows closely, reflecting users' demand for transaction security and controllability.
Web3 wallets should prioritize improving phishing warnings and transaction signature features while enhancing user awareness of passive defense features like contract security through education and guidance to comprehensively enhance wallet security experiences.
5. Trends and Recommendations
5.1 Industry Trends
With the development of the Web3 market, users' security awareness shows a continuous upward trend. The usage rate of hardware wallets is steadily increasing, indicating that users' emphasis on asset security is deepening. Asset diversification management has become the mainstream choice, with users generally accepting the idea of "not putting all eggs in one basket."
In this trend, OKX Web3 Wallet helps users effectively prevent various risks by providing comprehensive security protection mechanisms. Its innovative malicious DApp interception feature and risk token filtering system provide users with all-around asset protection, gaining widespread recognition.
In terms of wallet functionality, users' demand for DeFi integration is increasing, hoping to conduct transactions, staking, lending, and other operations directly within the wallet. OKX Web3 Wallet excels in this area by integrating mainstream DeFi protocols and aggregators, providing users with a one-stop on-chain operation experience. Particularly in on-chain risk identification, its developed real-time transaction analysis system can identify potential threats before transaction execution, effectively reducing users' operational risks.
The growing demand for multi-chain management reflects the diversification trend of users' asset allocation. Research data shows that over 78% of users need to manage assets on multiple public chains simultaneously. Against this backdrop, OKX Web3 Wallet, with its strong multi-chain compatibility, supports multiple mainstream public chains and Layer 2 networks, including Ethereum, BNB Chain, and Solana, providing users with a smooth cross-chain management experience.
5.2 Development Recommendations
For users, it is essential to continue strengthening private key management awareness, ensuring the security of each stage of private key generation, usage, and storage. Users are advised to fully utilize the security features offered by modern wallet products, such as the multi-signature support and transaction risk alerts of OKX Web3 Wallet, to build a multi-layered asset protection system. Additionally, cultivating a habit of asset diversification management, reasonably allocating the usage ratio of hot wallets and cold wallets, and maintaining high vigilance against phishing websites and fake airdrops are recommended.
For wallet products, the primary task is to continuously strengthen security education throughout the entire lifecycle, covering the entire process from wallet creation and information inquiry to transaction operations. Excellent practices in the market indicate that organically integrating security education into the product usage process can effectively enhance users' security awareness.
For example, OKX Web3 Wallet actively provides security alerts when users engage in high-risk operations and helps users avoid potential threats through its intelligent risk identification system. Furthermore, continuously optimizing the multi-chain management experience is also an important direction, as wallet products need to provide users with more intuitive asset display interfaces and convenient chain-switching functionalities.
6. Conclusion
This research shows that against the backdrop of the rapid development of the Web3 market, users' security awareness is gradually improving with the increase in on-chain operations, but there is still room for enhancement. OKX Web3 Wallet plays an active role in enhancing users' security awareness through its comprehensive security features and educational guidance. In the future, as the market continues to develop and technology iterates, Web3 wallet products need to achieve a better balance between convenience and security, helping users participate in the Web3 ecosystem with greater security assurance.
At the same time, the research also finds that users' demands for Web3 wallets are expanding from basic asset management to more complex scenarios. This requires wallet products to provide richer functional support while ensuring security to meet users' diverse needs in DeFi, NFTs, memes, and even AI. In the context of sustained market enthusiasm, how to help new users establish correct security awareness, how to provide more professional security tools for experienced users, and exploring new product forms such as keyless wallets will become important topics for Web3 wallet products.
In summary, the "2024 Web3 User Security Awareness Research Report" not only reveals the current state and challenges of Web3 users' security awareness but also points out the future development direction for the industry. In this field full of change and innovation, users' security awareness is the cornerstone of the industry's steady development.
OKX Web3 Wallet will continue to enhance users' security protection capabilities, constantly innovating and improving product features to create a safer, more convenient, and comprehensive Web3 experience for users. At the same time, we also call on the entire industry to work together to strengthen security education, enhance users' security awareness, and jointly promote the prosperous development of the Web3 ecosystem.