Source: Beosin
After experiencing the GameFi game craze and bubble burst represented by Axie Infinity in 2021, GameFi began to recover in the second half of 2023. The explosion of the 3A chain game Bigtime caused a stir in the market. Widespread attention to GameFi. On January 9, 2024, the Arbitrum Layer3 Xai game proprietary chain was officially launched; on January 12, the gaming platform SkyArk Chronicles completed a US$15 million financing led by Binance Labs. The combination of new public chains + new games has become the focus of the market, and many users have high hopes for GameFi’s future performance.
What is the current development status of the GameFi track? Which projects are worthy of attention? What security challenges will GameFi track face? Today, the Beosin team will analyze it one by one for everyone.
In 2021, GameFi-related project financing totaled more than 1.5 billion US dollars. Excluding the market value of GameFi tokens, only the GameFi project’s The total valuation of development companies is close to tens of billions of dollars. After experiencing a cold winter in the Web3 market, according to Blockchaingamer statistics, about 31% of GameFi projects have stopped development or are inactive.
source: https://www.footprint.network/@Higi/Inactive-games-Dashboard
Thanks to the recovery of the market and the popularity brought by the new GameFi project, GameFi is currently The overall activity level has been greatly improved. Taking Ethereum's leading chain game as an example, the transaction volume of games such as Gala, Stepn, Axie, and Sandbox reached a record high in the past year at the end of 2023.
source: https://dune.com/datafi/gamefi
In October 2023, the primary market Financing in the GameFi track has exceeded US$100 million, and many GameFi projects have raised tens of millions of US dollars again to continue to use the development, testing and promotion of games. With the public testing and official launch of a large number of games in 2024, the market's attention to GameFi is likely to increase.
Note: The following content does not constitute investment advice.
Ronin is An EVM blockchain specifically designed for games, launched by Sky Mavis, the development team behind the once-smash-hit chain game Axie Infinity, a project that has generated more than $1.3 billion in revenue.
After experiencing the security incident in 2022, Ronin Network gave up adopting the original Proof of Authority (PoA) consensus. PoA is based on the reputation-based consensus mechanism. The Sky Mavis team selects node verifiers based on credibility and they verify transactions. Among the node validators are well-known companies like Binance and Animoca Brands. The PoA consensus mechanism can quickly confirm transactions, but it makes the Ronin Network too centralized.
In 2023, Sky Mavis decided to reduce the risk of centralization and officially upgraded the consensus mechanism to DPOS on April 12, 2023. Beosin conducted a comprehensive audit of Ronin Network’s main network, smart contracts, etc., and provided a detailed security audit report. In this security audit of Ronin Network by the Beosin security team, a total of 1 high risk, 4 medium risks, 3 low risks and 3 warning risks were found. With the assistance of the Beosin security team, these high, medium and low related risks have been fixed. These repair measures have effectively improved the security and stability of Ronin and ensured the security of user assets.
After the upgraded consensus, the Ronin Network is more decentralized than before. The number of validator nodes has increased from 9 to 22, and there are a total of 27 candidate validators. However, Sky Mavis stipulates that governance validators must be validators, and companies such as Sky Mavis, Yield Guild Games, NonFungible.com, Nansen, Google, DappRadar DAO and Animoca Brands are designated as governance validators, and there are still 15 validators left. The quota is given to the community.
Currently, Ronin Network’s total TVL is approximately US$150 million, and its ecological projects are developing rapidly. Sky Mavis developed Axie Infinity, Ronin Wallet, game NFT trading market Marketplace and game integration platform Mavis Hub. In 2023, Ronin has cooperated with game studios such as Directive Games, Tribes, Bali Games and Bowled.io, and will launch multiple games on the Ronin Network.
Immutable Features fast transaction confirmation, zero gas fees and high scalability. Immutable X is built using StarkEx technology.
Immutalbe This can reduce the amount of calculations on the chain and further improve TPS. The comparison of the solutions is shown in the figure below:
A number of games are currently running in the Immutalbe X ecosystem, such as Gods Unchained, Guild of Guardians and Illuvium, among which Guild of Guardians and Illuvium have issued game tokens.
link: https://eagleeye.space/relation/immutable
Xai is Layer 3 built on Arbitrum Nitro, focusing on the incubation and user experience of GameFi projects. Its main features are the back-end integration of the wallet, providing a transaction-fee-free gaming experience and a unique game economic design. Xai is currently cooperating with the game team Ex Populus to develop two games, Final Form and LAMOverse, on the Xai chain.
Xai has issued the token XAI, which will be used as a gas token and node reward for the Xai chain. More uses will only be known after the games on its network are launched. Xai is currently included in EagleEye, and users can query or monitor related on-chain activities.
link: https://eagleeye.space/detail/xai
Oasys is an Ethereum side chain designed specifically for games, using a PoS mechanism and having Layer1 and Layer2. Layer 1 is only used to run tokens, NFTs, cross-chain bridges and Rollup contracts, and the game runs on the proprietary, zero-gas fee Layer 2. This design improves transaction speed and gaming experience.
Oasys Layer2 uses Optimistic Rollup, but cancels the 7-day challenge period of Optimistic Rollup to improve user experience. The challenge period is canceled because its network nodes are similar to the previous Ronin Network, which are controlled by institutions and companies and have absolute control over the assets and transactions of the network.
link: https://oasys.gamefi.org/
Oasys currently has 6 Layer 2, 36 games run on these Layer 2, players can participate in these games to receive OAS rewards, Oasys’ native token.
Gala Games announced a strategic partnership with DWF Labs in November 2023 to promote the mass adoption of Galachain. This cooperation has brought the GameFi project that became popular in 2021 to once again attract market attention.
Gala Games has launched a number of games and expanded its business into music and movies. In January 2023, Gala Games optimized its token model. When purchasing and paying with Gala tokens on the Gala platform, the Gala tokens spent will be distributed to nodes to increase node income. Users can monitor the on-chain activities of Gala tokens through EagleEye:
link: https://eagleeye.space/detail/gala< /p>
Myria is an Ethereum Layer 2 developed specifically for GameFi. Similar to Immutable Its token is MYRIA, and there is insufficient liquidity on the chain. The main trading volume is concentrated on centralized exchanges such as OKX and Bitget.
link: https://eagleeye.space/detail/myria
Currently, Myria has released a number of free games. Such as Metarush, Metakart, Block Royale, Starstrike Legends and Mooville Farm, are committed to building game platforms similar to Gala Games.
Fully onchain game means that all game logic and status are run and stored on the blockchain network Games. Previously, due to the performance bottleneck of the blockchain network and the lack of infrastructure, most GameFi games only put game assets on the chain. In 2023, full-chain games have made very significant progress, attracting some developers to participate in the development of full-chain games. The reasons are as follows:
1. Investment institutions such as a16z and Jump Crypto attach great importance to and promote full-chain games and support the development of the full-chain game sub-track.
2. AA wallets are becoming increasingly popular. Users do not need to sign for every on-chain operation. They can sign and update the game status after completing a round/multi-step operation. This improves the user experience of participating in full-chain games.
3. The development of game engines has lowered the threshold for developers to develop full-chain games. Currently, Starknet's Dojo game engine and the MUD game engine incorporating OP Stack are the most popular among developers.
In 2023, full-chain games have become a focus of the GameFi track. Many full-chain games have now entered the test network stage and have a certain degree of playability. The following are full-chain games that the market is currently paying more attention to.
Realms World is the game ecosystem of the Loot NFT project. Currently, Realms World already has Loot Survivor and Realms: ;Eternum and other 8 games, these games are all based on Starknet's Dojo. Among them, Loot Survivor is a survival adventure game that uses a unique Play2Die mechanism. In the game, players need to fight/escape with monsters, upgrade various attributes of the character, collect equipment to extend the survival time, and compete for higher positions in the rankings. Location.
link: https://realms.world/
Realms: Eternum is an MMO strategy game. Players will build and grow their kingdom while fending off attacks from other players. Each kingdom in Eternum is actually an NFT, which is also used for the governance of Realms World, and you can earn Realms World's ecological token LORDS by staking the NFT.
EagleEye currently includes LORDS tokens. Users can monitor the on-chain changes of LORDS tokens on EagleEye:
link: https: //eagleeye.space/detail/lords
Sky Strife is a MUD-based A full-chain game built with a game engine. It features fast-paced real-time strategy (RTS) combat from the team behind Lattice, which built the MUD engine. The gameplay of Sky Strife is similar to other real-time strategy games. Taking the four-player map of Sky Strife as an example, after the start, the four players are located in their respective main bases on the map. The player's goal is to compete for more resources to produce soldiers and send troops to capture other players' main bases. Players need to develop appropriate strategies by allocating resources between producing soldiers, controlling resources in the map, defending bases, and attacking other players' bases.
Sky Strife is currently in the test network At this stage, its token is ORB, which has not yet been issued. Sky Strife’s development team plans to iteratively transform Sky Strife into an autonomous world with resources, logic, and an economy that can be freely built, allowing the community to develop new on-chain games, game rules, and game modules within the Sky Strife world.
Cellula is a full-chain artificial life simulation game. In Cellula, players create artificial "life" with different shapes and appearances by combining and assembling cells, the smallest units of life. Players can observe the process of these "life" growing, reproducing and evolving in the virtual space. Cellula uses the Ethereum block height to act as "time", and every "life" will grow and evolve with Ethereum.
link: https://play.cellula.life/home
Except for full-chain games, other GameFi games can be divided into Web2.5 games, which are chain games in which game assets are put on the chain and most of the game logic is processed by a centralized server. In 2023-2024, many such games will be in open beta or officially launched, such as the multiplayer online role-playing game Bigtime, the first-person shooter games Matr1x FIRE and SHRAPNEL, and the strategy game GasHero.
At present, this type of game has learned from the failure of chain games in 2021, focusing on Play & Earn, optimizing the Play part from the game screen, game play, and game experience; optimizing from the token economic design The Earn part attracts users with free or low threshold.
GameFi will not only provide players with token incentives, but also give players ownership of game assets to encrypt the economy and decentralize the game. Create game projects with centralized characteristics. GameFi has faced many security vulnerabilities and hacker attacks during its development. These threats not only pose a serious threat to the security of users' assets, but also have a serious negative impact on the healthy development of the entire GameFi ecosystem.
Beosin is very concerned about the ecological security of GameFi. Once popular blockchain game projects such as Fren Pet and xPet were launched, Beosin conducted security analysis on their tokens and game contracts to avoid potential vulnerability attacks. So, what are the common security issues with GameFi? How to improve the security of GameFi? In response to this, Beosin has sorted out the following security risks and suggestions.
GameFi projects usually use one or more tokens as currency to purchase props in the game and reward players. The token contract is used to manage the minting, trading and destruction of tokens. If there are loopholes in the token contract, it may cause a devastating blow to the entire game's economic system.
Token contracts usually have centralization risks, that is, the owner/administrator of the token contract has too high permissions, and the contract owner/administrator can modify the token transaction fees. Prevent users from buying or selling, add address blacklists, issue unlimited tokens, and even reset the token balance of any address.
Users can query the risks of token contract addresses through the EagleEye platform. EagleEye will detect and prompt token contract risks to help users avoid potential losses. The following is an unlimited minting reminder for xPet project $BPET tokens:
The GameFi business contract is usually responsible for the implementation of the main gameplay and reward distribution of the game. Most developers will implement their business contracts into upgradeable contracts. For the security of upgradable contracts, Beosin recommends:
(1) Initialize contracts and dependencies. Developers may forget to initialize the contract and dependencies when deploying the contract, resulting in serious vulnerabilities in the contract.
(2) Pay attention to storage conflicts. Modifying storage when upgrading contracts may cause storage conflicts between contracts of different versions, and different variables may point to the same storage location, resulting in data errors and loss of funds.
(3) Pay attention to permission control. Developers need to limit the upgrade permissions of contracts to prevent attackers from gaining control of contract upgrades. Hackers may gain contract upgrade rights by stealing private keys or implementing governance attacks.
NFT is mainly used as a game asset held by players in the GameFi project. The project can only pass the quantity and rarity of NFT. Ensure the value of game assets. However, improper implementation of NFTs may introduce security risks.
How to achieve randomness is an issue that project parties need to pay special attention to. GameFi projects usually launch activities such as blind boxes and randomly generated rewards in game tasks. In this type of NFT minting process, the project party may use information such as block timestamps as an information source to generate NFTs of different rarities. The block timestamp may be predicted or controlled, leading to unfair game competition. It is recommended that project parties use Chainlink VRF (verifiable random function) to reduce such risks.
In addition, the project party needs to securely store the IPFS hash value of its NFT metadata, images and metadata to avoid early leakage of NFT rarity data. Otherwise, hackers can locate the metadata of relevant NFTs and target the rarest NFTs for minting during the minting process.
When players trade NFTs, project parties should pay attention to the difference between ERC-1155 tokens and ERC-721 tokens. ERC-1155 is an improvement of ERC-721. Supports the creation of multiple tokens for fungible tokens and NFTs in a single contract. ERC-721 tokens need to be transferred multiple times, while ERC-1155 tokens can be transferred in batches. Project parties need to pay attention to the distinction when implementing related token transfers. Previously, Arbitrum chain’s TreasureDAO was attacked by hackers.
Multi-chain GameFi projects and GameFi application chains will use cross-chain bridges to allow users to pass through different blockchain networks Map in-game assets. Cross-chain bridges are a very important part for improving the liquidity of the game/ecology and attracting users. The GameFi cross-chain bridge has two main risks:
First, due to contract vulnerabilities, game assets mapped between different networks are inconsistent. Hackers may use contract vulnerabilities to issue additional game assets on a certain network to make profits.
The second is the risk of cross-chain bridge verification nodes. Previously, Ronin Network lost US$620 million on its cross-chain bridge due to the leakage of node private keys. It is recommended that the GameFi application chain needs to increase the verification nodes of its cross-chain bridge and store the private keys securely to avoid losses caused by malicious control of verification nodes.
2. Off-chain security challenges
Except for full-chain games, most Part of the back-end logic and interfaces of the GameFi project still rely on off-chain centralized servers. These servers will store important information, including some game logic, game data and player account information. These servers are vulnerable to malicious attacks.
2.1 Tampering with NFT data
In the previous section, we emphasized that the metadata of NFT is very important. However, Many GameFi projects store their NFT metadata on centralized servers rather than on decentralized infrastructure like Arweave. This increases the risk of attackers or internal project tampering with metadata, infringing upon players' ownership and interests of their game assets.
2.2 Phishing attack
An attacker can obtain sensitive information of the project through phishing attacks, such as the wallet private key for managing the game vault and GitHub account wait. Hackers can then expand the scale of the attack through supply chain attacks or phishing attacks, causing more losses.
After three years of exploration, GameFi has seen the emergence of more and more proprietary game public chains and better quality game projects. Among them, the full-chain game is a more native Web3 narrative, but it is in a very early stage, and the entire track still needs time to iterate. When participating in the construction of the GameFi track, developers must pay attention to avoiding the above security risks in order to build a more reliable GameFi project.
In the first half of 2024, the cryptocurrency market showed a diversified development trend, among which Gamefi, Bitcoin Layer 2 network (Layer 2) and decentralized physical infrastructure (DePIN) performed particularly well.
JinseFinanceOn June 3, the GameFi sector saw unusual movements, and the top five gainers on Binance were all GameFi-related tokens.
JinseFinanceGameFi entrepreneurs need to have the perfect game plan to make a comeback in 2024.
JinseFinanceJinseFinanceThis article explores the rise of GameFi tokens and the exciting possibilities they offer at the intersection of gaming and DeFi.
BitcoinworldSupported by data, this report analyzes the performance of various projects in the GameFi industry in terms of user behavior, on-chain transactions, financing, and currency price fluctuations.
CointelegraphLondon - Europe is set to become a future hotspot for the Metaverse as HyperNation prepares to launch its latest ...
BitcoinistAnd over the past few years, GameFi has emerged as the newest category in the crypto economy.
FtftxHow should the future story of GameFi be written?
CointelegraphThe narrative logic of GameFi lies in two points: first, the main promotion of the old-age chain games is "player's ownership of in-game assets"; second, "Play2Earn".
Cointelegraph