Like other digital currency users, when you hear the word blockchain, you probably equate it with security, but in fact security is a complex concept that has a wide range of dimensions. Include, join BingMag Meg to simply explore the various dimensions of blockchain security, and answer the basic questions that may arise for those interested in the technology.
The main purpose of using blockchain is to allow people (especially people who do not know each other and, more importantly, do not trust each other) to be able to share their valuable data with each other in a secure and non-manipulative way. Due to the use of very complex mathematical algorithms and unique software rules, blockchains store data in a way that is very difficult for attackers to manipulate. But the truth is that no matter How high the security of these blockchains, when it comes to skilled attackers, it is sometimes seen that even the best-designed blockchains have not escaped the attacks of these attackers and have been defeated by them. To better understand the issue, we begin with what essentially makes blockchains "safe". The best example is Bitcoin. In the Bitcoin blockchain, the shared data is the history of each bitcoin transaction ever made. All of these transactions are recorded in a Distributed Ledger ledger. The distributed general ledger is stored in multiple copies on a network of computers called nodes. Each time a person submits a transaction to the general ledger, the nodes are checked to make sure the transaction is valid (everyone who spent a bitcoin had a bitcoin to spend). A subset of them also compete to package valid transactions in "blocks" and add them to a chain of previous transactions. The owners of these nodes are called miners. Miners who successfully add new blocks to the blockchain will receive a bitcoin as a reward.
The fingerprint mentioned above is called a hash, which takes a lot of computational time and energy to initialize. It therefore acts as evidence that the miner who added the block to the blockchain did the computational work for the reward, which is bitcoin (for this reason, bitcoin is said to use the "proof of work" protocol). It can also be considered as a seal, as changing the block requires creating a new hash. However, it is easy to verify whether the hash matches its block, and when the nodes have done so, they update their respective versions in the blockchain by adding a new block. This method is called the consensus protocol.
The final security factor is that hashes also act as links in blockchains, each block containing a unique hash of the previous block. So if you want to change a previous entry in the general ledger, you have to calculate a new hash not only for the block in which it exists, but also for each subsequent block. And you have to do this faster than other nodes that are adding new blocks to the blockchain. So, if you have computers that are more powerful than all the other nodes (and even then, there is no guarantee of your success), each block you add will conflict with the existing blocks, and the other nodes will automatically reject your changes. they do. This is what makes blockchain untouchable or "immutable".
Creative Ways to Cheat
There are many theories about blockchain vulnerabilities that are very difficult to implement in practice. Neha Narula, director general of the Digital Currency Initiative at MIT Media Lab, says that even when developers use tested and secure cryptographic tools, it is still possible to accidentally link them together insecurely.
Security teams and white hat hackers have found creative ways to cheat. Emin Gn Sirer and colleagues at Cornell University have shown that even if you have less mining power than half the other miners, there is a way to overthrow a blockchain. We are not going to go into technical details in this article, but basically a "selfish miner" or "selfish miner" can deceive other nodes and waste time on Pre-solved encrypted puzzles have gained an unfair advantage over the rest.
Another possibility is an "eclipse attack". The nodes in the blockchain must be in constant communication to compare the data. An attacker could take control of a node's communications and trick it into accepting incorrect data that appears to be coming from the rest of the network, or it could trick it into wasting resources or verifying fraudulent transactions. Hackers can infiltrate "hot wallets" (software and web wallets). Internet-connected applications to store the private cryptographic keys that anyone with a digital currency needs to spend, and wallets owned by online digital currency exchanges, have also become major targets. Many exchanges claim to keep most of their users' money in "cold" hardware wallets (storage devices without an Internet connection). But stealing more than $ 500 million in digital currency from the Japanese exchange Coincheck showed us that this is not always the case.
Perhaps the most complex point of contact between blockchain and the real world is "smart contracts". A smart contract is a program written on a blockchain platform that can automate transactions. In 2016, hackers abused a smart contract written on the Atrium blockchain to extract 3.6 million ethers worth about $ 80 million at the time from the Decentralized Autonomous Organization (DAO). They were led by the user community and lacked any central decision-making power). To return the money. Researchers are still developing methods to ensure that smart contracts work properly.
One of the security guarantees on paper of a blockchain system is "decentralization". If copies of the blockchain are stored in a large, extensive network of nodes, there is no point in attacking, and it is difficult for an individual or team to build enough computing power to overthrow the network. But recent research by Serer and colleagues has shown that Bitcoin and Atrium are not as decentralized as you might think. They found that the top four bitcoin mining teams accounted for more than 53 percent of the average weekly mining capacity. By the same token, the three atrium miners accounted for 61 percent of extraction.
Some say alternative consensus protocols, and non-extraction-based protocols, could be safer. But this hypothesis has not been tested on a large scale, and new protocols may have their own security problems. Others, unlike the bitcoin system where anyone who downloads the software can join the network, have the potential They see blocks that need permission to join. Such systems run counter to the hierarchical ethics of cryptocurrencies, but this approach is appropriate for financial institutions and other entities seeking to capitalize on the benefits of a shared cryptographic database.
However, many questions remain. It comes to the minds of the audience, like who has the authority to grant a license? How does the system ensure that the validators are what they say they are? An authorized system may make its owners feel more secure, but in reality it only gives them more control, meaning that they can make changes, whether other network participants agree or not (something that true believers believe). They are considered to be violating the idea of blockchain.)
So in the end, it is very difficult to define "security" in the context of blockchain. Safe for whom? Safe for what? The answer is that it depends on your point of view.