2026-02-17 –, Auditorium
As Web3 moves from niche experiments to institutional-grade infrastructure, our security models are hitting a tipping point. This panel explores how the industry is maturing to meet the demands of mainstream adoption without abandoning decentralization. We’ll look at what’s fundamentally shifting—from the evolution of smart contract security and wallets to the critical rise of operational security (OpSec)—and what remains immutable.
Mainstream adoption isn't just about better UI; it’s about a fundamental shift in how we manage risk. This session brings together security architects from both the "move fast" world of DeFi and the "zero-fail" world of institutions to discuss the practical realities of securing a global ecosystem.
The Evolution of the Stack:
Scaling Security: How do we transition from one-off smart contract audits to continuous, real-time security monitoring and automated response?
The User Experience Paradox: Discussing the shift from the burden of seed phrases to invisible security like MPC, TEEs and Account Abstraction—and whether we’re introducing new risks in the process.
Operational Maturity: Why OpSec (key management, governance, and internal controls) is becoming the most critical failure point as organizations move on-chain.
What Stays the Same: Identifying the "load-bearing" pillars of Web3—like zero-trust and cryptographic proofs—that must survive the leap to the mainstream.
Michael Lewellen is a blockchain security and software architect with over 14 years of experience in web3 systems. As Head of Solutions Engineering at Turnkey, he advises leading financial institutions and protocols on secure key management and infrastructure design. He has worked with major protocols including Arbitrum, Compound, and the EF during his time at OpenZeppelin. He currently teaches blockchain technology at UT Dallas and is a long-time contributor to the Security Alliance.
Andrew has been breaking, building, and defending things in infosec for over two decades (wow old). Starting at Paterva he spent 10+ years creating Maltego before moving to the US for security roles at BitMEX (IR), Robinhood (IR/D&R), Uniswap (Head of Security), and now Privy (Principal Security Engineer). He’s spoken at Black Hat, DEF CON, DSS, EthCC and countless others, teaching courses and drinking malibu on the way. When not thinking about security, he’s into cat memes, punk rock, and getting involved in just the right amount of unhinged shit to keep security interesting.