ERC-20 Tokens: Innovation or Exploitation? What We Learned at ETHDenver
At ETHDenver, we had the opportunity to attend Will Warren’s talk on ERC-20 tokens, and it was eye-opening to say the least!
As a team deeply involved in Web3 (user) security at GoPlus Security, we’ve witnessed the challenges users face when navigating the murky, and troubling waters of decentralized trading. Will’s insights reinforced what we already knew; security in the token economy is still an afterthought, and that needs to change for the better.
The Double-Edged Sword of ERC-20
ERC-20 tokens are everywhere. They power DeFi, gaming, stablecoins, and more. If you are in this space, you know what it is, and you have most likely interacted with one. However, the ERC-20 standard itself is quite minimal; it only defines how tokens should interact, leaving massive room for customization. This flexibility has enabled a wave of technological creativity but also a flood of scams. Having become a malicious actor's dream.
Over the past two years, we’ve seen the gargantuan rise of malicious tokens that exploit non-technical users (almost everyone). Honey pots, hidden transaction fees, and irreversible token locks have become all too common. Users, eager to catch the next 1000X on a meme coin by getting in before it skyrockets, often trade without knowing what they’re really buying. It’s gambler culture 3.0.
Token Security Tools Make for A Safer Web3
At GoPlus Security, we are committed to making Web3 safer by providing top-notch tools that analyze ERC-20 smart contracts, flag risks, and highlight suspicious token attributes. By integrating these insights into the user experience, we empower traders with the information they need to make informed decisions, all within a seamless and efficient workflow. Our platform, along with others like Honeypot IS and Quick Intel, analyzes smart contracts, identifies risks, and flags suspicious token attributes. However, as Will notices correctly, a major issue remains: most security tools exist in isolation; users often need to juggle multiple tabs and platforms just to verify a token’s safety.
During his talk, Will showcased how Matcha is tackling this problem head-on. We were particularly impressed with their approach, which integrates security insights directly into their platform. Instead of expecting users to do all the legwork themselves, Matcha provides key security indicators at the point of trading. Indicators such as…..
- Verified Contract Addresses: Ensuring users are trading the right token
- Official Project Links: Providing easy access to legitimate sources
- Liquidity Scores (0–10): Helping traders assess how easily they can sell a token
- GoPlus-Powered Security Audits: Highlighting key security risks at a glance
This implementation serves as a model for the other partners our ours. Instead of requiring users to hunt for security information, it makes safety a priority of the trading experience.
The Monumental Path Forward
It’s safe to say the future of Web3 depends on security. Without it, innovation stalls, adoption slows, and trust erodes. As an industry, we must take responsibility, not just for building exciting new tech but for ensuring they are safe, transparent, and accessible to all users. Not the few.
At GoPlus Security, we’ve seen the landscape evolve, the risks multiply, and the need for die-hard, user-centric security solutions become clearer than ever. Security should not be an afterthought even though it still is; it should be as fundamental to DeFi as liquidity and composability.
With the example that Matcha is setting, by integrating security directly into trading platforms, it’s basically creating a user experience where users no longer need to navigate complexity alone but have real-time, actionable insights at their degen fingertips.
This is the path forward: a future where security is seamless, trust is the default, and DeFi is truly built for everyone. Scams damage adoption, and if we want crypto to go mainstream, we must build platforms that protect users while keeping them informed.
Our builder journey has been long. So we aren’t afraid to say we are proud to be at the center of this BUIDL of Web3 User Security, working alongside Gigabrain innovators like Matcha to create a safer, smarter DeFi ecosystem.
