DYOR (Do Your Own Research)

DYOR, a commonly used term in crypto meaning “Do Your Own Research” in simple terms, refers to the idea of researching any investing opportunities before giving one’s funds to an entity or team. However, this concept has underlying components and multiple layers that are applicable to any investment or product use, which everyone should undertake.

Investing Due Diligence

Before considering whether or not to invest in an NFT, token, or crypto project, everyone should thoroughly read all available information.

Whitepapers are a somewhat simplified form of what projects are about, what they address or solve, and their intricacies. They provide information at a less technical level. Most projects have whitepapers on their website, which should be a go-to resource for prospective investors to understand before proceeding any further. This is due to the fact that every investor needs to have a basic understanding of the project itself, in addition to revealing possible flaws or red flags.

For example, a project’s white paper might be a copy and paste from another project or the concepts and mechanisms mentioned do not make sense. This could indicate that it is a rug pull scam. In addition to reviewing project documentation, critical thinking is essential when evaluating these materials.

One possible red flag (but not a golden rule) is the project’s team being anonymous. The rationale here is quite simple: if there are people identified as being behind a given project, then there is lesser risk of them acting with malicious intent such as fraud or conflict of interest, compared to other projects where the identities of the team members aren’t known or have not been fully verified.

Conducting searches on the web for any mentions of the project and its members is another component of due diligence in the crypto-space. Simple Google and Twitter searches can yield a number of items that might change your opinion on the project and the people behind it.

One of the biggest challenges with navigating in this space is that it sometimes requires people to think and act extremely fast, whether it be to secure an opportunity or to protect their assets. The opportunity to get whitelisted into an NFT or token presale is tempting for many investors since these tend to have the highest potential returns compared to buying them at any other time, especially during a bull run where that project falls within a cycle narrative. You must control your emotions at all times, since a single mistake or error in judgment can wipe out your funds with no way of getting them back.

There’s a myriad of stories where people saw an announcement on a Discord channel, inviting the community to partake on a sale where they’ve been given an allocation, and then connect their wallets and sign a message unwittingly sending all funds out, which could have been averted if people had taken their time and noticed red flags, used critical thinking, and reached out to others asking more about it, among other measures.

Web3 Infrastructure Due Diligence

Educating oneself in the risks associated with using different software or hardware wallet devices is an important element of staying safe when interacting with decentralized applications and websites.

If a hardware wallet, for example, comes up with a new update that requires its users to provide their full personal identifiable details to a third-party whose data safeguarding practices are unknown, these could create risk for the given user since a possible malicious leak by a rogue employee might subject them to a variety of well-honed spear phishing attacks. Alternatively, if a wallet’s source code is open-source, it provides users with the opportunity to identify any risks, but it also increases the likelihood of malicious actors discovering vulnerabilities.

One question everyone in the web3 space should ask themselves when connecting their browser wallets to a website is: Do I know what allowances I’m giving? If the answer is no, the risk here is that you could be sending your entire balance in the next click after that. It is pivotal to thoroughly inspect the messages being signed and not assume they are safe simply because previous transactions on different applications worked as desired.

Managing Risk

Conducting due diligence is the bedrock for a risk management framework in web3. In order to assess any risk associated with an entity, code, and individual, a robust inspection and analysis of all pieces of information surrounding it/them must take place first. This is why doing thorough research goes hand-in-hand with effective risk management.

For example, anyone who is taken to a website and then connects their wallet, only to later conduct due diligence and realize that having done so poses security risks, the user can manage their risk accordingly by disconnecting their wallet and revoking permissions on any service provider such as unrekt.net.

The skill of identifying red flags comes with experience. Researching and learning about how to approach any endeavor in the crypto space is an essential component in everyone’s journey. Seeing unusual behavior such as a team ghosting their community, or having a Telegram or Discord chat locked from typing anything are only a few common examples of red flags that should ring a bell in any user’s mind.

Using tools such as tokensniffer.com or rugdoc.io are another form of leveraging the degree to which everyone can identify possible scams, since these provide metrics and insights to users that might not be technical enough to read a smart contract.

Staying up-to-date is another critical component of managing risk. We’ve seen exploits requiring users to update their wallet’s latest firmware or the state of crypto lenders raising concerns that demand the utmost attention of clients in order to assess whether or not to pull liquidity out.

Conclusion

The cryptoverse will remain the Wild West for the foreseeable future. And, as such, everyone needs to be equipped with the knowledge and skills necessary to keep themselves safe from bad actors. Maintaining consistent due diligence and implementing effective risk management are essential when engaging with any web3 or web2 application.

Special credit to maarmapa for the graphics.

Contents
X
LinkedIn
Reddit
Telegram
Related Posts
Polkadot Security Recommendations for New Users

In today’s increasingly digital world, the importance of information security has become more crucial than ever before. Information Security, commonly known as Infosec, is a discipline that involves a variety of components associated with security.

Read More