Author: RootData & OKX Web3 Wallet
Security has always been one of the most important cornerstones of the Web3 industry. As more and more users flock to Web3 and the on-chain ecosystem becomes increasingly prosperous, the importance of asset security is becoming more prominent. In this field where opportunities and risks coexist, understanding the current state of Web3 users' security awareness is crucial for promoting and guiding the healthy development of the industry.
Recently, the OKX Web3 wallet collaborated with RootData to release the (2024 Web3 User Security Awareness Research Report), revealing the real conditions of users in terms of security awareness and usage behavior through an in-depth survey of 1,040 active Web3 wallet users, providing solid references for the future development of the industry from the market's front line.
1. Industry Background and Research Significance
1.1 Current State of the Web3 Market and Security Situation
In 2024, the Web3 market presents a completely new development pattern. Driven by the significant positive news of the approval of the Bitcoin spot ETF, institutional funds have begun to enter the cryptocurrency market on a large scale, pushing Bitcoin prices to break historical highs. Meanwhile, the explosive growth of Memes in the Solana ecosystem and the wealth creation effect have become the points of retail participation in this bull market.
From the perspective of user behavior, cross-chain asset allocation has become a mainstream trend. Our survey data shows that over 80% of users hold assets on multiple public chains simultaneously, with Ethereum, BNB Chain, and Solana being the most popular.
However, the rapid development of the market is also accompanied by significant security risks. According to the third-quarter security report released by OKLink for 2024, on-chain security incidents across the network have caused cumulative losses of approximately $743 million. Among 110 major attack incidents, scams and phishing incidents dominate, accounting for 61 cases and causing losses of up to $340 million, accounting for 46.03% of total losses. REKT and RugPull incidents caused losses of approximately $80.42 million and $4.61 million, respectively, although smaller in scale, they are still worth alerting.
1.2 Research Methodology
To gain a deeper understanding of the current state of Web3 users' security awareness, the OKX Web3 wallet collaborated with RootData to conduct this user survey. The survey covered 1,040 active Web3 wallet users, conducted from December 3 to 13, 2024, analyzing multiple dimensions such as user demographics, security awareness, and usage behavior.
2. User Profile Analysis
2.1 Experience Distribution
Survey data shows that the user group exhibits a relatively balanced distribution of experience. Among them, experienced users (using for more than 2 years) account for 34.62%, forming a stable user base; users who have used for 1-2 years account for 30.77%, representing a mature user group; users who have used for 3-12 months account for 28.85%, reflecting ongoing market penetration; new users (using for less than 3 months) account for 5.77%, indicating that the market is still steadily attracting new users.
Experienced old users provide a stable foundation for the industry, while the continuous influx of new users injects vitality into the market. The next step for the industry should focus on enhancing new users' security awareness, strengthening user education, while also optimizing product experience to further enhance the stickiness of mature and experienced users. This will help promote the continuous and stable growth of the Web3 ecosystem.
2.2 On-chain Asset Distribution
In terms of blockchain network usage, users exhibit a clear demand for multi-chain asset management. Ethereum remains the most popular public chain, with a usage rate of 20.72%; followed closely by BNB Chain and Solana, each accounting for 17.12%, showing the ecological appeal of these two public chains, especially in scenarios of low cost and efficient transactions; Polygon ranks fourth with a usage rate of 12.61%; emerging public chains such as Sui and Base have usage rates of 9.46% and 6.76%, respectively, reflecting users' high sensitivity to emerging technologies and opportunities.
This distribution characteristic reflects that users are increasingly inclined towards cross-chain asset allocation strategies, and their asset distribution on blockchain networks illustrates the development trend of multi-chain coexistence.
It is foreseeable that with the maturity of cross-chain interoperability and asset liquidity tools, the demand for multi-chain management will further rise, and the industry should strengthen the development of related products and services to meet users' asset allocation and security management needs across multiple chains.
2.3 Transaction Activity
Users' on-chain transaction frequency exhibits a multi-layered distribution characteristic. Data shows that 44.23% of users maintain a moderate transaction frequency of 5-20 times per week, forming the main user group; 21.15% of users have a low transaction frequency, maintaining below 5 times per week; high-frequency trading users (20-50 times per week) and ultra-high-frequency trading users (more than 50 times per week) each account for 17.31%.
This is related to the mainstream market judgment, or to more trading opportunities appearing on-chain during this cycle, such as inscriptions and Meme markets.
3. Current State of Security Awareness
3.1 Awareness of Private Key Management
In terms of private key storage, users display varying levels of security awareness. 34.65% of users choose to record and securely store on paper media; 24.75% of users adopt encrypted digital storage methods; 13.86% of users use professional hardware wallets, representing the highest level of security awareness.
However, 26.73% of users still adopt relatively insecure storage methods, such as cloud storage, chat records, or ordinary notes, indicating that there is still room for improvement in security education.
According to last year's security report from SlowMist, as many as 320,000 victims had their wallets stolen, with losses reaching $295 million. Given the flexible and convenient rigid demand, the majority of current Web3 participants directly use Web3 wallets to store private keys, making security a highly competitive area in the Web3 wallet market. The OKX Web3 wallet has delved deeper into this aspect, supporting multiple protection measures such as email binding and exchange KYC.
3.2 Asset Diversification Management
In terms of asset diversification, users generally display a strong awareness of risk. 42.31% of users choose to use 2-3 wallet addresses for asset management, indicating that most users tend to moderately diversify assets after weighing security and management convenience; 32.69% of users use more than 5 addresses, showing a high level of security awareness; 19.23% of users maintain a moderate level of diversification with 4-5 addresses; only 5.77% of users use a single address, indicating that most users have recognized the importance of asset diversification management.
Most users have developed a security awareness regarding asset diversification management, but there is still a portion of users who may need further education and guidance. The industry could help users find the best balance between security and convenience by enhancing the usability of wallet management tools, optimizing multi-address management experiences, and conducting related risk education, thereby further improving overall user experience and asset security levels.
3.3 Usage of Security Tools
Users exhibit a high level of vigilance regarding the use of security tools. 75% of users report that they would not use hosted tools like TG bots for trading; when faced with unfamiliar contract interaction requests, 65.38% of users choose to reject outright, while 26.92% would query contract information through blockchain explorers, reflecting a cautious trading attitude.
In addition, about 50% of users regularly check and manage token authorizations, reflecting users' emphasis on ongoing security management.
According to Scam Sniffer data, in the first half of 2024, 260,000 victims lost $314 million on EVM chains. Phishing signatures remain one of the most difficult scams for ordinary users to guard against. Generally speaking, preventing malicious authorization requires proper risk warning and confirmation of signatures.
Currently, wallets such as the OKX Web3 wallet have conducted pre-analysis of pending transactions and integrated historical security incident databases. At the same time, highlighted texts can alert users to similar phishing addresses. During final authorization, users are required to perform a secondary confirmation.
4. Web3 Wallet Usage Behavior
4.1 Function Usage Status
Users' utilization of Web3 wallet functions shows diversified characteristics. The usage rate of multi-chain asset management features is the highest at 20.86%, reflecting users' demand for cross-chain asset management; DEX cross-chain trading ranks second at 19.02%, while DeFi investments and NFT trading account for 16.56% and 14.72%, respectively, demonstrating users' active trading needs.
This usage distribution reflects that Web3 wallets have evolved from simple asset storage tools into comprehensive blockchain service platforms.
4.2 Transaction Scale Characteristics
Users' transaction scale distribution exhibits a pyramid structure: 42.31% of users have a single transaction amount between 100-500 USDT, constituting the main transaction scale; 34.62% of users have transaction amounts below 100 USDT, reflecting the prevalence of small transactions; 19.23% of users engage in medium-scale transactions of 500-2000 USDT; only 3.85% of users have single transactions exceeding 2000 USDT.
The survey shows that small and medium-sized transactions are mainstream, and the industry should optimize the experience for small and medium-sized transactions to meet the needs of most users, while providing higher security guarantees for large transactions to attract high-net-worth users and institutions.
4.3 Security Feature Preferences
In terms of security features of Web3 wallets, users show clear preferences:
The phishing website warning feature is the most关注的安全特性,占比 44.23%。
The transaction signature confirmation mechanism ranks second at 28.85%.
The contract security assessment feature accounts for 11.54%.
Other security features (such as address detection and multi-signature mechanisms) attract less attention, with distribution below 15%.
Users' preferences for security features focus on those that can directly prevent attacks and avoid asset loss. The high proportion of the phishing website warning feature indicates that most users are more concerned about preventing external threats and proactively protecting themselves. The transaction signature confirmation mechanism follows closely, reflecting users' demand for transaction security and controllability.
Web3 wallets should prioritize improving phishing warning and transaction signature functionalities, while also enhancing users' awareness of passive defensive features like contract security through education and guidance, to comprehensively enhance wallet security experience.
5. Trends and Suggestions
5.1 Industry Trends
With the development of the Web3 market, users' security awareness shows a continuous upward trend. The usage rate of hardware wallets is steadily increasing, indicating that users' emphasis on asset security is deepening. Asset diversification management has become the mainstream choice, and users generally accept the idea of 'not putting all eggs in one basket.'
In this trend, the OKX Web3 wallet helps users effectively prevent various risks by providing a comprehensive security protection mechanism. Its innovative malicious DApp interception functionality and risk token filtering system provide users with all-round asset protection, gaining widespread recognition from users.
In terms of wallet functionality, users' demand for DeFi integration is continuously increasing, hoping to conduct transactions, staking, lending, and other operations directly within the wallet. The OKX Web3 wallet stands out in this regard by integrating mainstream DeFi protocols and aggregators to provide users with a one-stop on-chain operation experience. Especially in terms of on-chain risk identification, its developed real-time transaction analysis system can identify potential threats before transaction execution, effectively reducing users' operational risks.
The growing demand for multi-chain management reflects the diversification trend of users' asset allocation. Survey data shows that over 78% of users need to manage assets on multiple public chains simultaneously. Against this background, the OKX Web3 wallet, with its strong multi-chain compatibility, supports multiple mainstream public chains and Layer 2 networks, including Ethereum, BNB Chain, and Solana, providing users with a smooth cross-chain management experience.
5.2 Development Suggestions
For users, there is a need to continue strengthening awareness of private key management to ensure the security of each stage of private key generation, use, and storage. Users are advised to fully utilize the security features offered by modern wallet products, such as the multi-signature support and transaction risk alerts of the OKX Web3 wallet, to build a multi-layered asset protection system. At the same time, cultivating a habit of asset diversification management, reasonably allocating the usage ratio of hot wallets and cold wallets, and maintaining a high level of vigilance against phishing websites and fake airdrops is also crucial.
For wallet products, a primary task is to continuously strengthen security education throughout the entire cycle, covering the entire process from wallet creation and information inquiry to transaction operations. Excellent practices in the market indicate that organically integrating security education into the product usage process can effectively enhance users' security awareness.
For example, the OKX Web3 wallet proactively provides security alerts when users engage in high-risk operations and employs an intelligent risk identification system to help users avoid potential threats. Additionally, continuously optimizing the multi-chain management experience is also an important direction, as wallet products need to provide users with a more intuitive asset display interface and convenient inter-chain switching functions.
6. Conclusion
This survey shows that against the backdrop of rapid development in the Web3 market, users' security awareness is gradually improving with the increase in on-chain operations, but there is still room for enhancement. The OKX Web3 wallet plays a positive role in enhancing users' security awareness through comprehensive security features and educational guidance. In the future, as the market further develops and technology evolves, Web3 wallet products need to achieve a better balance between convenience and security, helping users participate in the Web3 ecosystem with more security assurance.
At the same time, research also finds that users' needs for Web3 wallets are expanding from basic asset management to more complex scenarios. This requires wallet products to provide richer functional support while ensuring security to meet users' diversified needs in DeFi, NFTs, Memes, and even AI fields. Against the backdrop of rising market enthusiasm, how to help new users establish correct security awareness, how to provide more professional security tools for experienced users, and exploring new product forms like keyless wallets will become important topics for Web3 wallet products.
In summary, the (2024 Web3 User Security Awareness Research Report) not only reveals the current state and challenges of Web3 users' security awareness but also points out future development directions for the industry. In this transformative and innovative field, users' security awareness is the cornerstone of the industry's robust development.
The OKX Web3 wallet will continue to strive to enhance users' security protection capabilities, by continuously innovating and improving product features to create a safer, more convenient, and comprehensive Web3 experience for users. At the same time, we also call for the entire industry to work together to strengthen security education, enhance users' security awareness, and jointly promote the prosperous development of the Web3 ecosystem.
