Unlike the usual attack vectors such as phishing, email, pop-ups, attachments, chats, etc., digital securities on a blockchain can be compromised by non-traditional vectors such as forking, hacking, and adverse selection by miners’ activities, and commingling of cryptocurrencies and digital securities. A permission-based blockchain considerably mitigates such risks.
As far as digital securities are concerned, putting transaction data off-chain can cause a host of problems, some of them technical, but many of them legal. Putting transactions off-chain questions the fundamental value proposition of a blockchain in the first place. Putting everything on-chain leads to performance issues. There has to be a way around this!