
In the current rapid development of Web3, payment security and legal compliance have become key factors for the industry to move towards the mainstream. During the roundtable discussion at the Wanxiang Blockchain Conference, CertiK CTO Li Kang, SlowMist Vice President Sun Xi, founding partner of Mankun Law Firm Liu Honglin, and host PANONY & PANews co-founder Bi Tongtong engaged in an in-depth discussion on "How to Build a Secure Future for Web3 Payments," covering various dimensions such as security risks, regulatory uncertainties, the balance between decentralization and compliance, as well as entrepreneurial and personal safety practices.
Dual Challenges: Underlying Security Risks and Upper-Level Compliance Fog
What is the biggest dilemma facing Web3 payments? Experts unanimously agree that security and compliance are two mountains that must be climbed.
SlowMist Vice President Sun Xi summarized the current situation as "security issues at the bottom, compliance issues at the top." From a security perspective, the main risks include:
First, poor management of user private keys. In the Web3 world, "users are their own banks," but most people lack sufficient security awareness, leading to frequent incidents of mnemonic phrases or private keys being leaked, resulting in stolen wallet assets and a very low success rate for asset recovery.
Second, frequent vulnerabilities in smart contracts. Emerging payment scenarios such as cross-chain bridges and DeFi protocols have become key targets for attackers, and once vulnerabilities are exploited, they often lead to massive losses.
Third, risks arising from the anonymity of on-chain funds. Although blockchain ledgers are open and transparent, the anonymity of addresses facilitates the flow of illegal funds.
On the compliance front, regulatory uncertainty also puts significant pressure on the industry. Different countries and regions have significantly different attitudes towards crypto payments—some actively embrace innovation, some strictly prohibit it, while others remain watchful. This dynamic environment of "compliance today, crossing the red line tomorrow" makes it difficult for project parties to define their own boundaries.
CertiK CTO Li Kang agrees and further explains the root of regulatory uncertainty from a technical perspective. He points out that this uncertainty arises not only from policy changes but also from the complexity of blockchain itself. The difficulty in tracking the flow of on-chain funds often leads to misinterpretation of regulations, causing market panic; at the same time, the cross-regional nature of blockchain means that policy changes in one area can have a ripple effect on payment companies operating globally.
"Regular Troops" Entering the Field: Industry Evolution and New Risks
Despite the numerous challenges, the immense potential of Web3 payments is attracting more and more "regular troops" to enter the field. Mankun Law Firm founding partner Liu Honglin observes that the industry is undergoing a significant transformation.
He points out that early crypto payment projects—especially those directly targeting end users—often had "very sloppy" operational qualifications and compliance. However, as places like Hong Kong gradually clarify their regulatory frameworks for stablecoins, more leading domestic cross-border payment companies are beginning to enter the market. These newcomers adopt compliant strategies from the outset, whether it’s applying for licenses, deploying on-chain anti-money laundering (AML) tools, or building security systems, demonstrating a level of professionalism far exceeding that of early entrepreneurial teams.
However, new risk points are also emerging. The freezing of on-chain assets is becoming an increasingly severe issue. For example, mainstream stablecoin issuers can freeze assets in specific addresses based on regulatory requirements, and regulatory agencies can also request the freezing of on-chain funds through letters. This poses a potential threat to institutions holding large amounts of assets. Liu Honglin believes that the resonance of pain points and demands will inevitably create new opportunities, stating that in the next 1 to 3 years, the Web3 payment field will see tremendous commercial potential and value.
Decentralization and Compliance: Not a "Fish or Bear's Paw" Either-Or
When stablecoins incorporate compliance features such as black and white lists, does it deviate from the "spirit of crypto"? In response to this long-standing debate, experts generally believe that decentralization and compliance are not contradictory but can be compatible through technical means.
Sun Xi points out that compliance is a rules issue, while decentralization is a structural issue. Future Web3 systems should achieve compliance support through technology without undermining user autonomy. For example, embedding regulatory requirements directly into the code layer at the project's inception to form "compliance code" can reduce the need for later manual intervention while preserving the spirit of decentralization. He believes that if this model matures, the focus of future discussions will shift from "whether compliance is needed" to "how to achieve intelligent compliance."
Li Kang also believes that no decentralized system, including DEX, can completely avoid regulatory requirements. While the blacklisting mechanism for stablecoins may lead to funds being frozen, its original intention is to prevent illegal activities such as money laundering. The ultimate goal of regulation is to protect users and the market, so the key lies in designing reasonable and abuse-resistant mechanisms. The industry should maintain open dialogue with regulatory agencies to find a balance.
Liu Honglin further emphasizes: "Decentralization is not the ultimate goal, but a means to achieve the goal." In real scenarios, when users encounter theft or disputes, their first reaction is still to "call the police." He points out that regulation does not equal centralization; it can also be undertaken by international third-party organizations. To promote the popularization and compliance of the blockchain industry, it is necessary to lower the user experience threshold, such as introducing black and white list mechanisms, risk warning systems, and asset risk emergency response mechanisms, allowing users to quickly contact regulators or service providers when issues arise. These measures will help the industry develop more safely.
Practical Advice for Practitioners and Users
Regarding how entrepreneurial teams should lay out their approach to the payment track, the three guests unanimously agree that security and compliance must go hand in hand and be embedded in the system design from the outset.
Sun Xi suggests:
Wallet systems should support multi-signature or MPC mechanisms;
Deploy real-time on-chain monitoring and warning systems;
Establish emergency response mechanisms to ensure quick intervention and handling in the event of attacks or abnormal transactions;
In terms of compliance, with the strengthening of global regulatory policies, KYC and KYT have become basic requirements for project parties, rather than optional features. At the same time, integrating on-chain transaction monitoring systems, such as StraitsX, can ensure the legality of transaction sources and avoid receiving dirty money. Sun Xi emphasizes that the purpose of these measures is not only to meet compliance requirements but also to protect the safety of users and customer assets.
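As an added illustration (not code from the panel, from SlowMist, or from any monitoring provider named above), the sketch below shows the loop Sun Xi's recommendations imply: every outgoing transfer is screened in real time against a denylist feed, a large-amount threshold and a sender velocity rule, and a denylist hit triggers the emergency response by pausing settlement until an operator resumes it. The denylist address, thresholds and window are constructed placeholders; a real deployment would replace the hard-coded set with a live KYT provider feed.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field

# Constructed stand-ins for a KYT/sanctions feed and risk policy (placeholders, not real values).
DENYLIST = {"0x000000000000000000000000000000000000dead"}
LARGE_AMOUNT = 10_000                    # review threshold, in stablecoin units (assumed policy)
VELOCITY_LIMIT, VELOCITY_WINDOW = 3, 60  # more than 3 sends per 60 s from one sender -> review

@dataclass
class Tx:
    sender: str
    receiver: str
    amount: float
    ts: int  # unix seconds

@dataclass
class Monitor:
    """Real-time transaction screening with an emergency-pause hook for a payment wallet."""
    paused: bool = False
    history: dict = field(default_factory=lambda: defaultdict(deque))
    alerts: list = field(default_factory=list)

    def screen(self, tx: Tx) -> str:
        """Return 'allow', 'review', 'block' or 'hold'; a block pauses all further settlement."""
        if self.paused:
            return "hold"  # emergency response active: queue for human review, do not settle
        reasons = []
        if tx.sender in DENYLIST or tx.receiver in DENYLIST:
            reasons.append("denylisted counterparty")
        if tx.amount >= LARGE_AMOUNT:
            reasons.append("large transfer")
        window = self.history[tx.sender]
        window.append(tx.ts)
        while window and tx.ts - window[0] > VELOCITY_WINDOW:
            window.popleft()  # drop sends older than the velocity window
        if len(window) > VELOCITY_LIMIT:
            reasons.append("velocity spike")
        if "denylisted counterparty" in reasons:
            self.paused = True  # emergency response: halt settlement until an operator resumes
            verdict = "block"
        else:
            verdict = "review" if reasons else "allow"
        if reasons:
            self.alerts.append((verdict, tx.sender, tx.receiver, reasons))
        return verdict

    def resume(self) -> None:
        """Operator clears the incident and re-enables settlement."""
        self.paused = False
```

In practice the "review" and "hold" verdicts feed a case queue for the compliance team, while "block" is what wires the on-chain monitoring to the emergency-response step the list above calls for.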
Li Kang's advice is more direct: "Make more friends in security and law."
Liu Honglin adds that while blockchain knows no borders, compliance still depends on the regulatory requirements of the user's location. Therefore, from a business perspective, compliance issues need to focus on the security of technology, mechanisms, etc., while also considering the relevant regulations of government departments. He points out that when serving clients, one should assess the licenses required for business development based on the needs of the target market and adjust strategies according to cost-effectiveness. If certain licenses are not cost-effective at the current stage, they may need to be replanned. Compliance work should be advanced based on priorities and the input-output ratio, matching market strategies and development stages.
Advice for Ordinary Users:
Awareness is the best defense: CertiK CTO Li Kang points out that individual users need to clarify their purpose for participating in on-chain activities. If it is merely for investment, they can choose exchanges or ETFs and do not need to hold assets directly. For users who wish to explore further, it is recommended to read open-source security materials such as "The Dark Forest Survival Manual" to understand potential risks. At the same time, users are advised to build a network of security contacts and communicate more with security experts or law firms to enhance their awareness and capabilities regarding on-chain security.
Guard your private keys, protect your assets: SlowMist Vice President Sun Xi suggests that newcomers to the space should start by purchasing a small amount of crypto assets to experience the trading environment. He particularly reminds users: first, properly safeguard private keys, as private keys are assets; second, be wary of fake wallet or exchange download links recommended by some domestic search engines to avoid phishing and Trojan attacks; third, avoid following the crowd in speculation, treat investments rationally, and protect their assets.
Pay attention to the security of fiat accounts: Mankun Law Firm founding partner Liu Honglin reminds users to focus on fund security. When converting crypto assets into cash through methods like C2C, there is a risk of personal bank accounts being frozen, so caution is required. He suggests that newcomers can first join Web3 companies, especially in the legal compliance or business services sectors, to enter the industry with lower risks and accumulate experience.
For traditional payment companies that are still on the fence about entering the market, the experts' attitudes are very clear. Li Kang believes that payments based on virtual currencies and tokenized assets have become a market reality, stating, "The question is not whether to participate, but when to participate."
Liu Honglin adds that crypto payments are an irreversible trend for the future, and companies should act decisively once they determine their direction, without excessive hesitation.
Sun Xi proposes three key judgment criteria: whether the business scenario supports attempts at Web3 transformation, whether user assets are protected by compliance, and whether risk control and regulatory issues can be addressed in a timely manner. Only by preparing well in these three areas can companies smoothly enter and establish themselves in the new generation of payment systems.