Chapter 2
Threat Modeling
Threat modeling is the practice of asking what you are protecting, who wants it, and how they might get it — before an incident forces those questions. In Web3, assets are bearer instruments and contracts are globally callable, so the attack surface is unusually wide.
A useful model is not a 100-page document. It is a repeatable habit: name the valuable things, list realistic adversaries, map how they reach those assets, and rank mitigations by impact and cost.
For users, assets are usually seed phrases, hot wallet balances, and lingering token approvals. For protocol teams, assets include deployer keys, upgrade proxies, oracle feeds, and the trust users place in the brand.
Adversaries range from opportunistic phishers to sophisticated exploit hunters who monitor new contract deployments within minutes. Your mitigations should match the adversary you actually face, not the one that makes the best conference slide.
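The habit described above, as an added example that is not part of this chapter: a small, repeatable threat-model ledger that records assets, adversaries, attack paths and candidate mitigations, then ranks mitigations by risk removed per unit of cost and picks a plan within a budget. The asset and adversary names come from the text; every number (impact, capability, cost, effectiveness), every vector label and the multiplicative stacking of controls are constructed assumptions for illustration.

```python
"""Added example: a threat-model ledger for the assets and adversaries named in
the chapter. All scores, vectors and mitigations are constructed illustrations."""
from dataclasses import dataclass
from math import prod


@dataclass(frozen=True)
class Asset:
    name: str
    impact: float         # loss if fully compromised, 1 (low) .. 10 (critical)


@dataclass(frozen=True)
class Adversary:
    name: str
    capability: float     # 0..1: chance an unmitigated path succeeds


@dataclass(frozen=True)
class AttackPath:
    asset: str            # Asset.name
    adversary: str        # Adversary.name
    vector: str           # how this adversary reaches this asset


@dataclass(frozen=True)
class Mitigation:
    name: str
    cost: float           # relative effort, 1 (cheap) .. 10 (expensive)
    covers: frozenset     # vectors this control addresses
    effectiveness: float  # 0..1: fraction of covered-path risk removed


class ThreatModel:
    def __init__(self):
        self.assets, self.adversaries = {}, {}
        self.paths, self.mitigations = [], []

    def path_risk(self, path, applied=()):
        """Expected loss on one path after the given mitigations are applied."""
        base = self.assets[path.asset].impact * self.adversaries[path.adversary].capability
        # Assumption: independent controls on the same vector stack multiplicatively.
        residual = prod(1 - m.effectiveness for m in applied if path.vector in m.covers)
        return base * residual

    def total_risk(self, applied=()):
        return sum(self.path_risk(p, applied) for p in self.paths)

    def rank_mitigations(self, applied=()):
        """Remaining mitigations as (mitigation, risk removed per unit cost), best first."""
        baseline = self.total_risk(applied)
        scored = []
        for m in self.mitigations:
            if m in applied:
                continue
            reduction = baseline - self.total_risk((*applied, m))
            scored.append((m, reduction / m.cost))
        scored.sort(key=lambda s: s[1], reverse=True)
        return scored

    def plan(self, budget):
        """Greedy selection: best affordable marginal value per cost until budget is spent."""
        chosen = []
        while True:
            remaining = budget - sum(c.cost for c in chosen)
            affordable = [m for m, score in self.rank_mitigations(chosen)
                          if score > 0 and m.cost <= remaining]
            if not affordable:
                return chosen
            chosen.append(affordable[0])


def build_example_model():
    """Constructed sample: asset and adversary names from the chapter, made-up numbers."""
    tm = ThreatModel()
    for a in (Asset("seed_phrase", 10), Asset("hot_wallet", 6),
              Asset("token_approvals", 4), Asset("deployer_key", 10)):
        tm.assets[a.name] = a
    for adv in (Adversary("phisher", 0.5), Adversary("exploit_hunter", 0.8)):
        tm.adversaries[adv.name] = adv
    tm.paths = [
        AttackPath("seed_phrase", "phisher", "fake-wallet-site"),
        AttackPath("hot_wallet", "phisher", "malicious-signature-request"),
        AttackPath("token_approvals", "exploit_hunter", "drain-via-unlimited-approval"),
        AttackPath("deployer_key", "exploit_hunter", "compromised-dev-laptop"),
        AttackPath("deployer_key", "phisher", "key-phishing"),
    ]
    tm.mitigations = [
        Mitigation("hardware_wallet", 2, frozenset({"fake-wallet-site", "key-phishing"}), 0.9),
        Mitigation("revoke_approvals", 1, frozenset({"drain-via-unlimited-approval"}), 1.0),
        Mitigation("multisig_deployer", 6, frozenset({"compromised-dev-laptop", "key-phishing"}), 0.95),
        Mitigation("tx_simulation", 3, frozenset({"malicious-signature-request"}), 0.7),
    ]
    return tm


if __name__ == "__main__":
    tm = build_example_model()
    print(f"unmitigated risk: {tm.total_risk():.2f}")
    for m, score in tm.rank_mitigations():
        print(f"  {m.name:18} value/cost={score:.2f}")
    chosen = tm.plan(budget=9)
    print("plan:", [m.name for m in chosen], f"residual={tm.total_risk(chosen):.3f}")
```

The ranking is recomputed after each choice, so a control that overlaps one already applied (here the multisig also covering key phishing once a hardware wallet is in place) is credited only for the risk it still removes; that is the point of ranking by marginal impact against cost rather than scoring each mitigation in isolation.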