Blockchain security issues and vulnerabilities

Blockchain has become one of the most recognized terms in recent years thanks to the rise of Bitcoin. Many understand that this technology is associated with crypto, but few realize the potential of such a secure ledger technology, which holds the key to a transformation of commerce, information, and governance the world over! Even fewer people are aware of the blockchain security issues and vulnerabilities that this revolutionary technology has.

Out of thin air?

In 2008 the world witnessed a monumental collapse of the financial industry. People everywhere were impacted and wanted answers. What did this? Who was to blame? Most importantly, what was the solution? We all questioned whether or not bailing out the very institutions responsible for the collapse was the right way forward. Then it appeared! Released completely anonymously and without anyone’s permission, it barely made a splash. Yet, there it was, making tiny ripples that grew into the fervor of decentralized digital currency driven by this novel technology called “Blockchain” – beautiful in its simplicity and unrivaled in its security! But what is it, what are its implications for the future of society, and what risks might be lurking just beneath the surface?

The blockchain is hailed as the most secure technology that exists today, and rightfully so. Security had to be the most important factor to consider in the development of a viable digital money system. Security alone, however, does not solve the issues of centralization and trust that were the primary factors which allowed for the financial meltdown. The blockchain is a powerful synthesis of these two considerations. The concepts that makeup blockchain are not new. It is built on a combination of cryptography and Person-to-Person (P2P) networks. Cryptography is implemented in a multilayered, multi-keyed, system which protects individuals from loss of personal information or financial holdings. P2P networks allow users to share anything from small files all the way to full software programs and the most famous instance of P2P was Napster when it first emerged. The idea behind Bitcoin was to cut out all “middlemen” in the form of banking and credit institutions and allow people to buy, sell, trade and share directly with one another and so P2P was the best starting point to build from.

Greater than the sum of its parts

Now, this where the real security (and beauty) of blockchain comes into play. Blockchain at its very core is nothing more than a ledger. It is a ledger that keeps track of every transaction made within the network and can not be altered or “cooked” by any outside entity. When a new “block” of transactions formed, it must be agreed upon as accurate by the entire community operating on the blockchain. In the case of Bitcoin, for instance, the community is huge with many thousands of “nodes” or individual computers keeping separate but identical copies of the chain. This means that if someone were to attempt to change the ledger in any way, the discrepancy would be noticed and rejected by the rest of the network. It would, in theory, require an enormous amount of computing power and god-like timing in order to successfully get an altered version of a blockchain past the network. The more blocks that are added, the closer to impossible the task becomes.

The genius part of this whole system is that, by implementing the security measures in this way, it is actually more profitable for a would-be attacker with sufficient computational power to actually play by the rules. It is in this way that blockchain is the most secure as it incentivizes good behavior, so to speak. If however a group, such as financial institutions or governments opposed to this technology, wanted to act maliciously to undermine blockchain or to break individuals faith in it – there is a way that they can succeed. In what is known as a 51% attack, the hackers are able to gain control of more than half of the network, therefore allowing for all kinds of manipulation of the blockchain going forward. This type of attack is rare and occurs mostly on smaller or newer blockchains with a small network of nodes, however, it is the first very real vulnerability to be discovered in the otherwise secure technology. Unfortunately, it is not the only one.

As this technology becomes more popular and more adaptable to an infinite amount of uses, it also becomes more complex. In the beginning, blockchain was fairly simple; it recorded transactions on a decentralized P2P network and rewarded users for participating in securing it. One of the first “improvements” to be made came with the creation of Ethereum which allowed for the creation of “smart contracts” on the chain. These secured contracts carry out all terms automatically and replace the need to trust another party to uphold their end. This has obvious benefits and is a clear way to build contracts going into the future, however, it has also been found to be one of the more vulnerable aspects of blockchain tech. A team of computing experts from the National University of Singapore and University College London carried out a study looking for contracts attackers could manipulate to lock funds indefinitely, force the leak of funds randomly, or simply terminate. Their analysis tool flagged 34,200 contracts out of one million that were susceptible to attack. The team then manually analyzed 3,759 contracts and found they could exploit vulnerabilities in 3,686 of them.

Going forward

The blockchain is the future. There is very little doubt about that. It holds far too much promise for rooting out corruption and effectively securing information of all kind, freely accessible within reason to anyone wishing to participate in the system. It isn’t perfect yet and it may never be. Every improvement is bound to create new problems to solve. However, if we can remain diligent and honest about the vulnerabilities that exist as well as the ones that may appear later, we can definitely solve these issues and maintain faith in this incredible technology as it slowly begins to transform our lives. It hasn’t even been noticed by that many people but the global financial industry has irrevocably changed already a result of this technology. If we can do the same with government and trade, as subtle as it may seem when it happens – the world will absolutely be a better place. Welcome to future – open source, decentralized and free!