To build secure and resilient Web3 systems, transparency alone is not enough. By placing greater emphasis on simplicity, we can make the peer-review of code more effective and minimize security breaches in the Web3 space.We are used to the intuitive idea that security is somehow intertwined with secrecy.
We keep our passwords secret and our valuables hidden. For decades, software engineers followed a similar approach to cybersecurity.
The source code of computer software was kept private. In the event of a vulnerability, a security patch would be released. This was and continues to be one view of security: “security through obscurity” and we have to trust the patches that are pushed — without our knowledge or consent — to our computers and phones will do what they are supposed to do.Proponents of open-source software took a radically different view.
They argued that making code transparent and publicly available would mean developers could review and improve the code, and would have the incentives to do so.Read more on cointelegraph.com