Vitalik Buterin Unveils Web3 Security Strategy in Response to Deepfake Threats


Ethereum co-founder Vitalik Buterin has been discussing Web3 security, highlighting its increasing importance in a world where deepfakes are becoming more prevalent. 

On February 9, Buterin cited a recent report regarding a company that lost $25 million. This occurred when a finance worker was duped by a convincing deepfaked video call.

Web3 Security Highlighted in Deepfake Threats

Deepfakes, which are AI-generated fake audio or videos, are becoming more prevalent. Moreover, they make it unsafe to authenticate people solely based on seeing or hearing them, he said.

“The fact remains that as of 2024, an audio or even video stream of a person is no longer a secure way of authenticating who they are,” Buterin said.

Cryptographic methods like signing messages with private keys are not enough, Buterin noted, explaining that they bypass the purpose of having multiple signers verify identity. Nevertheless, asking personalized “security questions” based on shared experiences is an effective way to authenticate someone’s identity, he added.

Good questions are unique, difficult to guess, and probe the “micro” details people remember.

“People will often stop engaging in security practices if they are dull and boring, so it’s healthy to make security questions fun,” Buterin suggested. 

Security questions should be combined with other techniques, he said. These could include pre-agreed code words, multi-channel confirmation of info, man-in-the-middle attack protections, and delays or limits on irreversible actions.

Individual-to-individual security questions differ from enterprise-to-individual such as bank security questions, and should be tailored to the people involved.

Buterin concluded that no one technique is perfect. However, layering techniques adapted to the situation can provide effective Web3 security even in a world where audio and video can be faked.

“In a post-deepfake world, we do need to adapt our strategies to the new reality of what is now easy to fake and what remains difficult to fake, but as long as we do, staying secure continues to be quite possible,” Buterin emphasized.

On February 9, it was reported that deepfake voices, images, and other manipulated online content have already made a negative impact on this year’s US elections. The White House is seeking ways to verify all its communications and prevent various forms of generative AI fakery, manipulation, and abuse, it revealed.

Last month, the World Economic Forum (WEF) revealed that AI-generated misinformation and deepfakes was the world’s greatest short-term threat. Also in January, MicroStrategy founder Michael Saylor warned about deepfakes featuring him angling to scam users out of their Bitcoin. 

Source : BeInCrypto by Martin Young / Feb 11, 2024 logo


240 rue Evariste Galois,

06410 Biot,

Sophia Antipolis

Automata Pay

65-66 Warwick House 4th

Floor, Queen Street, London

England, EC4R 1EB

Automata Pay Europe Ltd

3rd Floor Ormond Building,

31-36 Ormond Quay Upper,

Dublin 7, D07 Ee37

Automata ICO Ltd

Italian Branch

Via Archimede, 161,

00197 Roma


The purchase of digital assets is subject to a high market risk and price volatility. Changes in value can be significant and occur rapidly and without warning. Past performance is not a reliable indicator of future performance. The value of an investment and returns can fluctuate both up and down, and you may not recover the amount you invested. RISK WARNING

Automata ICO Limited has a branch in Italy with its registered office at Via Archimede, 161, Roma, Italy, and registered in Italy under number 96550860587 with the Organismo Agenti e Mediatori (OAM) as a Virtual Asset Service Provider (VASP).

Automata France SAS is a company registered in France with the company number 902 498 617. Automata FRANCE SAS is registered with the french Financial Market Authority, l’Autorité des marchés financiers (“AMF”), as a provider of Virtual Asset Service Provider under number E2023-087.

Automata Pay Europe Limited is a partner of Modulr Finance B.V., a company registered in the Netherlands with company number 81852401, which is authorised and regulated by the Dutch Central Bank (DNB) as an Electronic Money Institution (Firm Reference Number: R182870) for the issuance of electronic money and payment services. Your account and related payment services are provided by Modulr Finance B.V. Your funds will be held in one or more segregated accounts and safeguarded in line with the Financial Supervision Act. How we keep your money safe.