64% of surveyed whitehats find ChatGPT lacks accuracy in identifying security vulnerabilities, according to Immunefi.

64% of surveyed whitehats find ChatGPT lacks accuracy in identifying security vulnerabilities, according to Immunefi.

The Blockchain Industry: Security Concerns and Potential of ChatGPT

Source: AdobeStock / Emmy Ljs Source: AdobeStock / Emmy Ljs

The blockchain industry has witnessed tremendous growth in recent years, with innovations such as smart contracts and decentralized applications (DApps) revolutionizing various sectors. However, as the industry expands, so do concerns about security, privacy, and ethics. One such concern revolves around the use of artificial intelligence (AI) chatbots like ChatGPT, developed by OpenAI. While these chatbots have gained popularity, their effectiveness in identifying security vulnerabilities has been questioned.

Immunefi, a bug bounty and security services platform, conducted a survey among 165 active whitehats in the Web3 security community to assess their perception of ChatGPT’s security capabilities. The survey revealed that 76.4% of the respondents used ChatGPT, with 36.7% incorporating it into their daily workflow. The majority of whitehats (74%) believed that ChatGPT is best suited for educational purposes.

However, despite its widespread adoption, concerns were raised about the accuracy of ChatGPT in identifying security vulnerabilities. According to the survey, 64.2% of respondents cited limited accuracy as a major concern. Additionally, 61.2% expressed concerns about the lack of domain-specific knowledge and difficulties in handling large-scale audits. These concerns indicate that while ChatGPT has potential, it requires further refinement and training to be fully effective in the field of Web3 security.

To gauge whitehats’ confidence in ChatGPT’s ability to identify Web3 security vulnerabilities, the report revealed that 35% were moderately confident, 29% were somewhat confident, and 26% were not confident. This lack of confidence suggests that there is still room for improvement in ChatGPT’s security capabilities.

Furthermore, 52% of respondents expressed concerns about the general use of ChatGPT, citing potential security risks such as phishing, scams, social engineering, and the development of ransomware and malware. These concerns highlight the need for robust security measures when employing AI chatbots in sensitive contexts.

Despite these concerns, the majority of whitehats (75%) acknowledged that ChatGPT has the potential to enhance Web3 security research. However, they emphasized the importance of further fine-tuning and training to ensure its effectiveness. Interestingly, 68% of respondents stated that they would recommend ChatGPT to their colleagues as a tool for Web3 security, indicating a general positive sentiment towards the technology.

While ChatGPT has garnered attention in the security community, Immunefi reported that it received a flood of bug reports after the chatbot’s release. These reports, although well-written, turned out to be nonsensical and lacked authenticity. Immunefi discovered that these reports were generated by individuals without security skills, hoping to exploit the bug bounty system by submitting fake vulnerabilities. As a response, Immunefi implemented a new rule to permanently ban accounts submitting ChatGPT-generated bug reports. Notably, 21% of the banned accounts were linked to this type of spam-like activity.

Immunefi, as a bug bounty and security services platform, plays a crucial role in protecting user funds. To date, it has safeguarded over $60 billion in user funds, paid out over $75 million in bounties, and saved over $25 billion in potential losses. The platform currently offers a staggering $154 million in available bounty rewards, attracting security experts and whitehats from around the world.

In conclusion, the blockchain industry continues to evolve, presenting both opportunities and challenges in the realm of security. While AI chatbots like ChatGPT have shown promise in enhancing Web3 security research, concerns about their accuracy and potential risks persist. The industry must prioritize refining and training these technologies to ensure their effectiveness in identifying security vulnerabilities. By striking the right balance between innovation and security, the blockchain industry can continue to thrive and drive positive change in various sectors.

Learn more: