Is Blockchain as Fail-Safe as Everyone Thinks?
Blockchain technology is touted in the media as a decentralized, secure, and tamper-proof distributed ledger stored on a peer-to-peer network. Recent hacks of cryptocurrency exchanges have cast doubts on the security of blockchain and if they are as fail-safe as they are hyped to be.
In its young life, blockchain has contributed significantly to the financial world, being pivotal for the most popular cryptocurrencies, with its litmus test so far being the Bitcoin network. However, it must be noted that blockchain technology is only a decade old and we should not expect too much from it just yet.
Understanding Blockchain Security
A blockchain is a network of computers spread across the world without a central server to store the data.
In a normal world, hackers target and attack the servers of companies. In recent times, Facebook and Google have been breached. However, there is a different approach to hacking a blockchain network. A blockchain protocol can be hacked in theory, but it is difficult to do so in practice.
Every information of data entered on the blockchain is recorded on each computer (known as a node) that exists on the network.
Once the data has been appended on the protocol, it cannot be altered or deleted. Hackers will have to initiate what it is known as a 51 percent network attack. This is considered to be possible in theory but too costly to carry out, since hackers will have to gain control of the entire network if they want to effect a 51 percent network attack, which requires having a lot of computing power.
Let’s use the Bitcoin network as an example. The Bitcoin network employs a Proof-of-Work consensus mechanism to prevent the double-spend problem — the equivalent of creating counterfeit money. It is almost impossible to hack the Bitcoin network because it is very expensive; it costs millions, if not billions.
While the above is true for the Bitcoin network, the situation differs from the blockchain network to network, depending on the consensus mechanisms used.
Blockchain’s security is based on two concepts:
- A consensus algorithm; and
- Cryptographic properties assigned to the blocks of the chain.
This does not still answer if blockchains are fail-safe or not. Blockchains can still be compromised.
The DAO Attack
There have been several high-profile hacks in the crypto industry that suggest that blockchains are not the “holy grail” of security.
For example, Ethereum, the platform upon which Ether, the second largest cryptocurrency, is built, is a decentralized operating platform designed for the creation of decentralized apps (DApps). The Ethereum platform has done a great job in pioneering smart contracts — a computer code that executes a command when predefined conditions are met.
The Decentralized Autonomous Organization (DAO) was a leaderless investment organization. The organization was built on top of the Ethereum network, which had just raised $150 million in its initial coin offering. In 2016, hackers exploited a bug in a smart contract and siphoned off Ether tokens worth $50 million at the time. Despite this, Ethereum has continued to be the most preferred platform to launch initial coin offerings. The new ICOs are playing their part in auditing their security system and improving where needed.
Although the hack did not directly involve the hacking of a blockchain protocol, it showed that it was possible to attack blockchain networks and succeed. The effects of the hack were profound as they eventually led to a hard fork (the splitting of a blockchain protocol).
The Loss in Cryptocurrency Exchanges
Cryptocurrency exchanges have collectively lost more than a billion dollars in hacks; Mt. Gox around $450 million, Coincheck lost $530 million in NEM coins, Zaif lost $60 million, as some of the biggest losses.
While these hacks did not involve the direct hacking of the blockchain platform, they still suggest that entities built around the technology can be breached.
Why Blockchain Protocols Charges Network Fees
There is a reason why blockchain protocols charge small network fees. For example, In September 2018, the average cost of sending a bitcoin was $0.60USD, compared with $0.20 USD on Ethereum and $0.50 USD on Monero. The simple reason for this is Direct Denial of Service (DDoS) attacks. It involves spamming a blockchain network with a high volume of traffic so that legitimate transactions are suspended. However, a DDoS attack does not spell the theft of funds in the case of a blockchain protocol; it results in slowing down the network. Several measures have been built in these networks to counteract the effects of such actions.
Centralization of Blockchain Network
The Bitcoin network is probably the most popular and tested blockchains of them all.
Initially, the process of mining was decentralized and everyone with a computer could join the network. With time, the difficulty in mining increased and specialized equipment had to be used to maintain the network.
Major players with huge capital entered the space and they have since invested millions in setting up mining farms. It is believed that the top five Bitcoin mining pools control between 30 to 50 percent of the network’s computing power. These mining pools can collude and collapse the system if their processing power surpasses 50 percent.
Mitigation of Bugs and Security Errors
No matter how careful programmers are, the software they develop will likely have bugs and security vulnerabilities. Blockchain protocols have suffered from a few bugs and hackers have capitalized on this. To mitigate this, blockchain platforms have bounty programs that reward ethical hackers who spot vulnerabilities and report them.
Can blockchain protocols be compromised? Yes, they can. Here are some final points to consider:
- It needs to be mentioned that blockchain can improve security and deliver a more efficient system, but there will always be criminal actors who will do anything to compromise decentralized protocols.
- Another problem is human awareness. In general, people are not always on the lookout and are sometimes responsible for exposing the blockchain network.
- The majority of the breaches involving blockchain have been due to negligence and nothing to do with the strength of blockchain’s security.
- Blockchain protocols are still an experiment and they need more time before they can become as robust as they should.