status

Understanding Blockchain Security

Published 15.12.2023

Security is a comprehensive topic. It includes protection against the creation of new coins out of thin air, decentralization, consensus protocol, ledger immutability, transaction security, privacy, self-custody of assets, Sybil attacks, resistance to various attacks, governance, and security budget. Blockchain is a complex system in which some components rely on the security of others. Dependencies are sometimes not obvious at first glance. The article aims to show beginners the scope of the topic and inspire them to further study. We won't go into the details. Many topics are covered in detail in our older articles. The goal is for the reader to understand that security is not about one topic (the 51% attack) and that it is necessary to think about it comprehensively.

User Requirements

People have to trust the system they choose to use. They have certain expectations and they must be met. The relationship between security and trust is fundamental and symbiotic. Security mechanisms are essential for establishing and maintaining trust among users and the system to which the network consensus participants and the team belong.

People use the network through a blockchain wallet. They must realize that they trust the software (protocol) that is maintained by the team. Governance, which can take different forms, falls into this category. Furthermore, users trust all consensus participants, i.e. those who produce blocks and/or delegate an expensive resource (for example, ADA coins to Cardano pools or hash rate to Bitcoin pools).

It can be said that users believe that the network is decentralized. As you will see later in the text, security often depends on decentralization.

What are people's expectations?

User expectations are based on narratives and publicly available information in the media. If expectations are not met or a serious problem occurs, we can talk about a security breach.

One of the strongest narratives circulating about blockchain technology is that it is not possible (or easy) to change blockchain monetary policy or create new coins out of thin air.

Furthermore, people believe that if they use self-custody wallets, no one in the world can steal their assets, change their balance, or prevent them from spending assets. They, and only they, can spend their assets through transactions.

Coins can be spent at any time, so the network must never stop. A blockchain network must be robust and resistant to various attacks. No one should be able to freeze user accounts, create invalid transactions that would allow the transfer of coins to another address (without a valid signature of the owner), or inflate the amount of coins.

Network availability is related to long-term economic sustainability. Consensus participants must be financially rewarded for working for the network. This means that security is dependent on monetary policy and rewarding mechanisms.

Let's summarize. Security requirements are placed on:

  • Team and governance. Ability to fix bugs and address deficiencies.
  • The quality of the source code (there must be no vulnerabilities in it).
  • Honest behavior of consensus participants (block producers and delegators).
  • Network consensus. It must ensure continuity, the immutability of blockchain history, and data integrity.
  • Decentralization (distribution of decision-making power).
  • Economic sustainability and rewarding mechanism. This contributes to ensuring the fair behavior of consensus participants and the longevity of the system.
  • Functionality ensures that no one (team, consensus participants, etc.) steals assets from self-custody users. In the article, we will mainly focus on transactions.

As you can see, security is a complex topic. If only one of the mentioned points is somehow non-functional, unreliable, or reduced, the assets of users are in some way threatened. This does not necessarily mean that they can lose assets. It means, for example, that they may face various restrictions when using the network, or that someone has gained benefits (transaction prioritization, MEW attack, etc), so fairness or correctness is not ensured.

More points could be added to the list above. For example, privacy, regulatory clarity, and self-custody (there are many attacks on users). Self-custody of assets concerns the users rather than the blockchain itself. That is why the topic is not covered.

Cardano is an SC platform, so another broad topic could be security related to the use of DeFi services. We will not cover the topic in this article.

Let's show some examples that threaten blockchain security.

A team may try to change the rules, fail to fix bugs, or accidentally introduce new bugs. Every client can contain bugs (very likely it does, but it may not manifest itself). Consensus participants can start behaving dishonestly (censoring transactions, producing empty blocks, etc.). If the number of block producers is low (a small number has a dominant position), their dishonest behavior can have a large impact on the network. Low decentralization can lead to an external or internal attack (DDoS attack, attempt to influence the team or consensus participants). Consensus participants can leave the network if they don't get paid.

The 51% Attack

When you ask people what blockchain security is, they often say that it is resistance to the so-called 51% attack. This attack is a significant security threat to decentralization. The attack is aimed at the network consensus, i.e. at the block producers and holders of the expensive resource necessary for decentralization.

It occurs when a single entity or group gains control of more than half of the network's stake (staked coins) or computational power (hash rate). It does not necessarily have to be an external attack where the adversary tries to get more expensive resources than the honest participants. Internal abuse of power by dominant consensus participants may occur.

The high level of control undermines the basic principle of decentralization in blockchain, which is designed to prevent any one party from having too much influence on the network. One can talk about an attack on the reputation of the blockchain.

In the Bitcoin network, more than 55% of the blocks are mined by only 2 dominant pools. There is a theoretical risk that these two participants will collaborate on an internal attack, but it may never happen. Risk is not a binary variable but a scale.

Suppose an attacker gains dominance over the network's consensus. In that case, he can rewrite the history of the blockchain, spend the same coins twice (double-spend attack), censor transactions, prevent other participants from receiving a reward, etc. The details may differ for individual blockchains.

Even if an attacker gains 51% control over a blockchain network, they cannot directly steal user funds. This is because the security of individual wallets and the cryptographic keys that secure them are not compromised by a 51% attack.

While a 51% attack allows an attacker to manipulate the blockchain in certain ways it does not grant them the ability to create transactions on behalf of users or alter wallet balances. The attacker can only affect transactions that they have submitted.

Note that security is dependent on decentralization. As decentralization decreases, the risk of attack increases. If it is possible to gain dominance in holding an expensive resource, it is possible to attack the network.

Cardano's decentralization is one of the highest in crypto, with thousands of active pools and 1.3M stakers. At this point, the possibility of committing a 51% attack seems unlikely.

However, an attack on networks is always about the willingness to invest a large amount of funds in the purchase of an expensive resource or to come up with an idea of how to obtain the resource fraudulently from the current holders.

The ability to attempt a 51% attack is an inherent feature of a public blockchain. The only prevention is high costs or the complexity of committing an attack.

Security And Decentralization

Security and decentralization are closely related.

Decentralization protects the blockchain not only against a 51% attack but also against various network attacks such as a DDoS attack.

A decentralized network must have no so-called single point of failure. This would be a point in the network that could cause a problem if an attacker managed to control it or disable it successfully. If the network has a large number of pools, it is very difficult to attack it, since the attack must be carried out simultaneously on many nodes at the same time.

Furthermore, the network must be resistant to overwriting the ledger history. In addition, it is necessary to ensure data consistency across nodes.

Decentralization enhances security by distributing data across multiple nodes (a ledger is a distributed database). This makes it difficult for malicious actors to compromise the entire network, as they would need to attack a significant portion of the nodes simultaneously.

The integrity of the blockchain is maintained through cryptographic hashes and the chaining of blocks. An attacker cannot alter past transactions that are already confirmed and included in the blockchain. This would require the ability to create an alternative fraudulent chain (a series of blocks) for all pre-existing blocks from some point in the past to the latest block. This is not possible without gaining dominance in possession of an expensive resource.

As already indicated in the previous paragraph, high decentralization increases the resistance of the network against censorship of transactions. The more block producers make autonomous decisions about which transactions to include in a new block, the greater the chance that censorship will not occur. More specifically, some block producers may start censoring transactions. If their number is low (their stake or hash rate will be low), their behavior will not significantly threaten the overall functionality of the network.

It is therefore desirable to have not only a large number of block producers in the network but also a large number of delegators of an expensive resource.

If transactions were successfully censored in the network, it would be a breach of security, as some users would not be able to spend assets (from their point of view, assets would be worthless).

Resilience To Changing Client Rules

The distributed nature of consensus is important in the context of rewriting network rules. For example, it is not possible to change the monetary policy of the protocol, create new coins out of thin air, etc. Further, it is not possible to change the behavior of the client even in the sense that it would be possible to freeze user accounts or change their balances.

The team defined the client's behavior and implemented it. The source code can be found on GitHub, so it is freely available to everyone in the world. Public blockchain projects are transparent about behavior. However, it is necessary to ensure that the behavior cannot be easily changed by the attacker, or by the team.

It must not be possible to arbitrarily change the original rules but it should be possible to fix bugs.

Protocol rules are written in the client's source code. All operators in the network decide which version of the client they will run. An attacker has no chance to force the installation of a fraudulent client on all operators. Assuming that all honest participants in the consensus will run a version of the client with rules that are in line with the community's expectations and they have dominance, the attacker has no chance to change the rules of the protocol.

It is not possible to transfer coins without valid signatures (this is the client's original rule). If an invalid transaction is inserted into the block, the block will be invalid. Such a block will be discarded by honest nodes in the network. Network consensus protects monetary policy by not allowing the creation of a coin out of thin air through a transaction.

Users expect the system to ensure the immutability of monetary policy and the impossibility of manipulating their assets. This is ensured through decentralization and cryptography. If users use self-custody wallets, their funds are very well protected. Even if the blockchain network stopped for a while and then restarted, users would still own their coins and tokens.

The Solana network had to be restarted several times in the past. No one lost assets. However, if the team and block producers agreed among themselves that, for example, they would delete the last 10 blocks, assets could be lost (deleted transactions change history).

That is why the blockchain network is built in such a way that it cannot be stopped (continuity/liveness). Even if some nodes go offline, the rest of the nodes in the network can continue to actively work on consensus. However, network consensuses differ among themselves. Some prefer liveness, others correctness.

Unexpected network shutdown can only happen in case of some software bug. The Cardano network has never stopped since its launch. This is true for most other projects.

Security Budget And Rewarding Mechanism

From the point of view of users, the existence of coins and tokens is not so important, but mainly the ability to move them to another address so that they can spend them.

Users can hold assets in their wallet through a cryptographic secret (passphrase). However, this secret cannot be shared with someone else in such a way as to ensure exclusive ownership. Anyone who knows the secret is the owner of the coins.

Users are dependent on the network's ability to process the transaction, to include it in a new block, and to securely add the block to the blockchain. A blockchain transaction is the only way the original owner of assets can transfer ownership (control) of the coins to someone else. The new owner will have exclusive control over the coins.

So the network must be available, it must exist. Unfortunately, this is not a given. The existence of the network is conditional on the ability to cover the costs of operation.

The last topic we will cover is the security budget and the network's ability to pay consensus participants.

In this case, it is not an attack carried out by a third party to get rich by fraud (double-spend attack) or reduce the reputation of the blockchain. This could be a result of the ever-shrinking security budget.

The problem is easy to explain on PoW networks like Bitcoin. PoW networks need to consume a huge amount of electricity for computing power (hash rate). The costs for the operation of Bitcoin are covered by the miners. Miners receive new BTC from the Bitcoin protocol for each block mined.

The problem is that the number of BTC coins is limited to 21M and there are currently more than 19.5M coins in circulation. BTC coins are slowly running out of the reserve. With each halving of rewards, which happens every 4 years, the BTC reward per block is reduced.

Maintaining the same (or higher) hash rate is based on the assumption that the network will collect a large amount of fees and that the market value of BTC coins will continue to grow. Otherwise, miners will receive smaller and smaller rewards, which will lead to a decrease in the hash rate, i.e. a decrease in security.

Lowering security means it will be cheaper to commit a 51% attack. An outflow of miners can lead to a decrease in decentralization.

Thus, the long-term existence of blockchain networks is based on many assumptions and is not guaranteed.

Cardano and many other blockchain networks face essentially the same problem. PoS networks have the advantage of being cheaper to operate (operational costs are up to 99% lower). Cardano will release only 45B ADA coins into circulation. There are less than 9B ADA coins in the reserve.

As with Bitcoin, when the Cardano reserve is depleted, fees should be sufficient to reward SPOs and stakers.

Security budget is dangerous for users in that it is difficult to estimate future developments. The risk can increase gradually and theoretically very slowly. However, a 51% attack can come unexpectedly.

Conclusion

In the article, we focused on topics that are not so often debated in the context of security and that newcomers often don't even know about (from our experience). The article does not cover all topics and details. The goal was to show beginners the scope of this topic and point them in the right direction in their education.

The good news is that most attacks do not result in the loss of user assets. If users use self-custody wallets and can protect the cryptographic secret (passphrase), they will almost certainly not lose assets. As explained in the article, what users must be interested in is the ability to spend assets.

Featured:

Related articles

Did you enjoy this article? Other great articles by the same author