97 - Composability
Composability by Design: Permissionless innovation and censorship-resistance are core aspirational goals of Web3.
-
There are numerous stories of Web2 companies that initially enticed developers to build on their platforms only to shut them out later when they were perceived as a competitive threat.
-
Web3 applications, especially smart contracts, are open by design and can be accessed permissionlessly by end users and other smart contracts alike.
-
This composability lends itself to applications that can be layered on top of others like legos, which is great if everything holds up and new lego toys are reliably built on others. However, this unconstrained composability introduces unexpected cross-systemic dependencies that may trigger invalid assumptions across components (likely built by different teams with different constraints in mind) and expose attack surfaces or modes previously unconsidered.
-
This makes characterizing Web3 vulnerabilities and exploit scenarios very challenging without deep knowledge of all interacting components, constraints and configurations.
- Open/Composable by Design
- Permissionless Access
- Users/Contracts
- Components, Configs, & Dependencies
- Vulnerabilities, Exploits, & Attack Surface