As the Polygon DAO and Polygon as a whole grow, so will the number of bad players that will try to take advantage of the space.
We are in the process of creating a series on Discord and blockchain security that will cover the basics and things to watch out for in order to create a more secure community.
This series will be made up of videos and a quiz to go with them. At the moment we are also exploring the possibility of rewarding those that pass the quizzes with a Discord rank in the Polygon DAO and/or an NFT/POAP corresponding to the specific quiz that they passed.
We would love to get feedback around this outline and any additional information that we can add!
‣Discord Basic Security video and quiz
‣Blockchain Basic Security video and quiz
‣Live security events (With more advanced information)
⮱Live Event 1 - Twitter Spaces with security experts (Expert Talks)
⮱Live Event 2 - Discord event once per month discussing advanced security measures and techniques.
Discord Security information
- Enable 2FA
- Disable direct messages from members in a server upon joining a new discord server
- Show examples of why this is necessary
- Spam bots
- Phishing links
- DM pretending to be a team member
- How to re-enable direct messages when going through a verification process
- How to tell if a user is genuinely a “team member.”
- Do not contact a user via a shared Whatsapp number, phone number, email address, etc.
- Do not share personal information over discord.
- Never interact with links sent to you.
- Check the validity of all links before clicking them. (make sure the user that is posting the link is the person they are claiming to be also due to recent discord server exploits)
(ex. using lowercase L in place of i to link fake websites)
- Check and clear your Authorized Apps on discord to make sure there are no unwanted apps.
- Create a support ticket to get in contact with community stewards or team members
Blockchain Security information
- Do not share your seed phrase with anyone… ever.
- Do not connect your wallet or confirm transactions with websites that you have not researched
- Check and clear your connected sites in MetaMask (Even if it is a platform you used/trust because these platforms can become compromised at any time)
- Read requests prior to accepting them to make sure that the request is not granting unlimited access to your funds… etc.
- Use a platform like Revoke(dot)cash to check for and remove unlimited access to wallet funds that you might have previously granted.
- Make sure your MetaMask is set to Autolock in a relatively short amount of time.
- Difference between a cold and hot wallet
- Use a cold wallet
- Different types of chain/networks like eth, polygon, sol, etc.
- A short note on the latest ongoing scams
How would you rate yourself when it comes to the security related topics mentioned?
- 1 Poor
- 2 Okay
- 3 Good
- 4 Great
- 5 Expert
How likely would you be to attend the live, more advanced security events?
- 1 Least Likely
- 5 Most Likely
How likely would you be to explore this content and take the attached quiz?
- 1 Least Likely
- 5 Most Likely
Thanks for throwing this together team! Looking forward to the feedback!
Community Stewards at Polygon DAO are ensuring that all our members stay aware on how to keep themselves away from bad apples. Appreciate the efforts. I am in full support of this initiative and happy to help in this initiative if needed.
Education series like this will always help.
I suggest doing Podcasts should also help as it will help show presentation and flow on screen.
Hey @pixo ,
Really appreciate your efforts & it shows. You have beautifully covered almost all the topics which a newbie supposed to know. And that too in simple & lucid language. As a community moderator, it pains to see enthusiasts getting scammed. Much more painful is that we can’t do much about it since decentralised platforms are immutable.
Education series like this will also help us to achieve our co-founder’s mission of onboarding 1 billion users into web3. Without proper security of funds & awareness, Onboarding newbies will be a herculean task.
Keep up the good work. Kindly do not hesitate to reach out to us if you need any assistance.
Thank you for this. Looking to this. Security is important and critical issue.
Security is a huge part that needs to be looked into, and the content is excellent; I appreciate the effort.
This is great! Covers everything.
Pretty sure it would deserve another topic/series - it would be very helpful to spread the awareness about rug-pulls and other DeFi fraud schemes.
This is absolutely the first step to building crypo/dlt literacy.
Thank you for this input!
It would be very helpful to spread the awareness about rug-pulls and other DeFi fraud schemes.
This is something that definitely needs attention. It is one of the top hurdles slowing the mass adoption of Web3 in my opinion and it would be very helpful information for the community.
There’s definitely a lot we can layer or stack in there.
Thank you for the ideas, we’ll make notes!
I like this idea a lot especially as I’m a security researcher!
I’m interested in the human aspects of security, the motivation and behaviour of scammers and our propensity to fall for scams. I would be happy to get involved in creating some material, presenting and be involved in discussions. I could do something similar to our internal learning session over at the SuperUMAn DAO:
How to not be scammed in Crypto! - The best advice and steps you can take to avoid being scammed! - YouTube
Thanks so much for your responsiveness!
(sorry i’m super busy doing the whole “fintech/DAO/startup” thing - hoping to hear back about our DApp application [insert shameless hint]
Apologies for the word wall
I’m SUPER happy (and relieved) to see that Polygon is so proactive.
Not the case with most projects that “talk the talk”
Not sure if you want to add “financial security/literacy practices” into the mix(?) may be good for another series as a venue to feature projects & have non security/technical expert speakers.
There is def. a thin line between identifying DApp/project fraud & what to look for as strong fundamentals of potential success (i.e. solid tokenomics/doc details/doxxed team background experience/roadmap & reality to complete it) - gamification (not GameFi), DeFi financial literacy etc.
I’ve been writing/talking about those topics for a while (with a small audience ) and would love to help.
(After I get things rolling with the DAO and the dev. underway for the DAO’s first product - $FxD (Fiat/FOREX Exchange “denomination” platform/protocol - big-time game-changer - super profitable…)
[shameless plug #2]
Hey @neondaemon ,
It’s nice to see a security expert amongst us. We also notice that this is your first forum post. We encourage you to engage more in order to make this community more vibrant.
The most difficult part is to explain the human aspect involved in scams. Much more toughest part is to impart that knowledge to common users who are reluctant to learn uninteresting & non-glamorous things…
If you can make it interesting and crisp ( who wants to watch YouTube videos for 30mins+ for every damn thing)— you are doing a godly work by saving innocent users.
Hey @AustinG_FATExDAO ,
“Builders” like you-- are our backbone. No, you did not indulge in shameless Shilling. You are just explaining your concepts & that’s what this forum is all about.
By the way, we all started with small audiences. It multiplies after a threshold. My personal Twitter id has 300k+ followers. 2 years back it was less than 20k. Did I ever imagine to reach here ? The answer is no.
Kindly pro-actively participate in our community for better visibility & wider reach for a symbiotic relationship.
Hey! Derbygold.eth - you make it sound so easy - nonchalant about 20K
You clearly have the twitter “game” secrets - I would love some tips…!
(I’ve spent hours reading about Twitter, I’d rather be working on the MVP)
I really believe in what we’re working on beyond it being a strong product/business model - it’s not about the money to me at all (but it’ll work because of the profit and high social impact potential) but all folks seem to care about are airdrops and get-rich-quick expectations.
Very hopeful/excited to be on Matic - a lot of positivity and helpfulness - great vibe and the business development/strategy is right on.
The resources being offered to bootstrappers like us are beyond what I expected. It would be nice to get some more folks to join the project/mission. Looking forward to the thought leadership for the grant support.
Thanks for the comments and discord help @CoachViking @pixo
@Derbygold.eth - bless me with your twitter secrets, please!
I’m definitely going to follow your advice re: discourse. Any specific topic areas you’d recommend tapping to drop info and engage?
Thanks so much for this! Can I ask a favor?
We just created a Truts account yesterday and are looking to fill it up with wonderful comments like the one you just left. Could you drop the review there? Polygon DAO
That would be a booming help for all!
I’m looking forward to seeing more of you around the community and working with ya!
For sure! Let me just get the grant submitted - and a few other things to do (stressing out a little - i’m a bit of a perfectionist… When will I learn that i need to chill out…? I dunno…
100% will do in a few hours! (knowing me that means about 8-12hours)
I’m looking forward too! Ya’ll have been amazing… You have no idea how much it means to get help to make this happen - it’s been a long journey so far and we’re really just getting started.
Anything you need like this or whatever way I can help - never hesitate. Community service is my jam.
PS if it’s easier just DM me in Discord! (i wouldn’t have seen this for a while if I accidentally opened my email)
Thank you CoachV!
Done! Meant every word - no butt-kissery at all. lol