How safe is the blockchain?

The The main point of using a blockchain is to allow people, particularly people who do not trust each other, to share valuable data in a secure and tamper-proof way. This is because blockchains store data using sophisticated mathematical rules and innovative software that are extremely difficult to manipulate for hackers. But the security of even the best blockchain systems can fail in places where imaginative mathematical and software rules come into contact with humans, who are skilled cheaters, in the real world, where things can become disordered.

To understand why, start with what makes blockchains "safe" in principle. Bitcoin is a good example. In the Bitcoin blockchain, shared data is the history of every Bitcoin transaction ever made: an accounting ledger. The ledger is stored in multiple copies on a computer network, called "nodes". Every time someone sends a transaction to the ledger, the nodes check that the transaction is valid, that anyone who has spent a bitcoin has a bitcoin to spend. A subset of them helps to package valid transactions in "blocks" and add them to a chain of previous ones. The owners of these knots are called miners. Miners who successfully add new blocks to the chain earn bitcoins as a reward.

What makes this system theoretically anti-tampering is two things: a unique cryptographic fingerprint for each block and a "consent protocol", the process by which network nodes agree on a shared story.

The fingerprint, called a hash, initially requires a lot of computing time and energy to generate. It then serves to demonstrate that the miner who added block to the blockchain did the computational work to earn a reward in bitcoin (for this reason, it is said that Bitcoin uses a "proof of work" protocol). It also serves as a kind of seal, since modifying the block would require the generation of a new hash. To check if the hash corresponds to its block, however, it is simple, and once the nodes have done so, update the respective copies of the blockchain with the new block. This is the consent protocol.

The last element of security is that hashes also serve as links in the blockchain: each block includes the unique hash of the previous block. So, if you want to retroactively change an entry in the ledger, you need to calculate a new hash not only for the block in which it is located but also for each subsequent block. And you have to do it faster than other nodes can add new blocks to the chain. So, unless you have more powerful computers than the rest of the combined nodes (and even in this case, success is not guaranteed), any added blocking will conflict with existing ones and the other nodes will automatically reject the changes. This is what makes the blockchain tamper-proof, or "immutable".

Creative ways to cheat

So much for the theory. The practical implementation is more difficult. The simple fact that a system functions like Bitcoin – as many cryptocurrencies do – does not mean it is as safe. Even when developers use tried and true cryptographic tools, it's easy to accidentally put them together in ways that are not safe, says Neha Narula, director of MIT's Digital Currency Initiative. Bitcoin was the longest, so it is the most tested in battle.

People have also found creative ways to cheat. Emin Gün Sirer and his colleagues at Cornell University have shown that there is a way to subvert a blockchain even if you have less than half the mining power of other miners. The details are somewhat technical, but essentially an "egoist" can get an unfair advantage by tricking other knots into wasting time with the already solved crypto-puzzles.

Another possibility is an "eclipse attack". The nodes on the blockchain must remain in constant communication in order to compare the data. An attacker who manages to take control of a node's communications and deceive it by accepting false data that appears to come from the rest of the network can trick him into wasting resources or confirming false transactions.

Finally, no matter how anti-tampering a blockchain protocol is, it "does not exist in a vacuum," says Sirer. Cryptocurrency hackers who drive recent titles are usually errors in places where blockchain systems connect with the real world, such as in software clients and third-party applications.

For example, hackers can enter "hot wallets", applications connected to the Internet for the storage of private cryptographic keys required by anyone who owns the cryptocurrency in order to spend it. The portfolios owned by online cryptocurrency exchanges have become the main objectives. Many exchanges claim to keep most of their users' money in "cold" hardware portfolios, storage devices disconnected from the Internet. But as the January robbery of over $ 500 million worth of cryptocurrency from the exchange with Coincheck showed, it's not always the case.

Perhaps the most complicated contact points between blockchain and the real world are "smart contracts", which are computer programs stored in certain types of blockchains that automate transactions. In 2016, hackers exploited an unexpected strangeness in a clever contract written on the Ethereum blockchain to steal 3.6 million ethers, worth about $ 80 million at the time, from the Decentralized Autonomous Organization (DAO) , a new type of blockchain-based investment fund.

Since the DAO code lived on the blockchain, the Ethereum community had to push a controversial software update called "hard fork" to recover money, essentially creating a new version of the story where money was never stolen. Researchers are still developing methods to ensure that smart contracts do not work properly.

The question of centralization

One the presumed guarantee of security of a blockchain system is "decentralization". If the copies of the blockchain are stored on a broad and widely distributed network of nodes, there is no weak point to attack, and it is difficult for anyone to accumulate enough computing power to subvert the network. But recent work by Sirer and colleagues shows that neither Bitcoin nor Ethereum are decentralized as one might think. They found that the first four bitcoin extraction operations had more than 53% of the system's average extraction capacity per week. Similarly, three miners of Ethereum accounted for 61%.

Some say that alternative consensus protocols, perhaps those that are not based on mining, could be safer. But this hypothesis has not been tested on a large scale and probably the new protocols would have their security problems.

Others see the potential in blockchain that require permission to join, unlike the case of Bitcoin, where anyone can download the software can join the network. Such systems are anathema to the anti-hierarchical ethos of cryptocurrencies, but the approach is aimed at financial and other institutions seeking to exploit the advantages of a shared cryptographic database.

Authorized systems, however, raise their questions. Who has the authority to grant permission? How will the system ensure that validators are who they say they are? An authorized system can make its owners feel more secure, but in reality it gives them more control, which means they can make changes regardless of whether other network participants agree – something true believers would like to violate. the very idea of ​​blockchain.

So in the end, "safe" ends up being very difficult to define in the context of blockchains. Safe from whom? Safe for what? "It depends on your perspective," says Narula.