In the first half of 2025, the amount stolen in Web3 exceeded $3.1 billion, with losses from phishing and social engineering attacks amounting to approximately $594 million. Solana users lost about $90 million due to phishing, highlighting the trend of attackers shifting their targets from smart contract vulnerabilities to user signatures. Currently, the industry still focuses excessively on protocol-level audits, with only about 13% of security tools able to provide real-time transaction-level protection against human attacks.