Blockchain has been in the center of controversies after the recent hacks resulting in loss of valuable information and billions of dollars.
Blockchain is a software run database that protects bundled information with cryptography and uses participant’s computers for storage. Initially, the blockchain revolution enabled individuals the ability to transfer money securely between them. Ethereum, another form of blockchain enabled technology created smart contracts giving users customised ability to buy Ether tokens when it drops to a particular value or even when they have a specific balance on a specified day or date.
All this may sound good but according to a study published by computing experts from the University of London the blockchain technology exhibits a plethora of vulnerabilities.
UK treasury described the market, the Wild West as Nearly a $1 Billion in blockchain based cryptocurrencies have been hacked and stolen in the first half of 2018. This is a 250% increase as compared to the entire 2017 figures.
Only a mere 8 % blockchain projects survive from the 80,000 projects launched since blockchain became a thing.
Regardless of all the promises and predictions made by the blockchain boom, it is still prone to attacks. Various instances have been noted of Sybil attacks, routing attacks, and DDoS attacks. Apart from all these the significant losses recorded so far result from bugs present in the coin software itself. Such errors pose a threat to the security of that cryptocurrency. Although not easily discoverable experienced hackers can find them and exploit them.
- Seed Generation
Blockchain requires the unique addresses, and this uniqueness comes from a random sequence generator. This random sequence generator starts with a seed in the beginning. And if this seed fails to be random, the system falls apart.
- Smart Contract Languages
Blockchain environments need own languages when developing intelligent contracts. The Ethereum platform uses the Solidity language for creating smart contracts. The developers designed Solidity to be a Turing complete language.
When developing a Turing complete language, a programmer can implement whatever they want that the underlying system is capable of handling. This gives developers the chance to implement loops in the underlying code, thus enabling blockchain to be eventually vulnerable.
Turing complete languages are complex by default, and this invites bugs and vulnerabilities.
- The re-entrancy problem
The biggest problem recorded in the blockchain security is the re-entrancy problem that the programmers coded into smart contracts. The Re-entrancy vulnerability drains an account by creating multiple expenditures for the same transaction. In a recent incident, hackers were able to exploit this hack and looted around $50 million.
Overflow is a smart exploit which hackers have used to reveal private information. For this, to work, a hacker has to feed parameters to a smart contract that is out of the range of the code for processing resulting in an evident crash. These crashes open doors for multiple exploits. A crash like this will be able to trigger a DDoS attack and end up revealing important information about the internals of the system.
Besides the above vulnerabilities, there are other factors affecting its credibility. Let’s look at a breakdown of some of the issues with blockchain that makes it very difficult to adopt.
When we talk about Blockchain taking over systems like cloud confidentiality does not look like a step up as both Blockchain and centralised database like cloud can use sophisticated encryption. Also, a centralised database can remain disconnected entirely from the outer world.
- Environmental cost
If we consider how Blockchain processes, it poses many environmental issues. Blockchain heavily relies on sophisticated encryption for security reasons as well as to establish a consensus over a distributed network. To simply put for giving a user permission to write to the chain, the computer has to run complex algorithms, which needs a lot of computing power. This comes at a cost as storing all this duplicated data on multiple computers drains a lot of power and storage space. This is a problem when you want to store media files like videos, images, and heavy pdf data like manuals and designs. At present only a centralised server infrastructure like the cloud is a solution for such type of content.
- Blockchain is slow
Additionally, Blockchain being so complex and distributed requires a lot of time to process as compared to “traditional” systems running on cloud architecture. This ¬¬extends to other blockchain networks that are used for other purposes than storage, like for, e.g. interactions in an Internet of Things environment. These Blockchains are indeed just data files in the end, and they have the eventually slow down the system and the process as they grow in size with the number of computers adding in the chain of networks. Thus its establishment contributes hugely in its eventual demise.
At present exchange transparency and peer to peer transaction may be the buzzwords but removing the middleman creates a huge hole in the economic structure as banks are making profits by being the middleman and as the cost is divided among millions of customers the end user ends up paying very little contributing to a large employment structure.
We have to acknowledge that blockchain architecture is well-suited as record-system for certain industries that require to store or modify the specific type of data but it is still not as stable or secure as a centralised database like cloud services. Cloud is still the best option for heavy content oriented industries like Legal, Banking, or the Energy Sector.
- Discover How: IoT Drives the Future of Banking & Financial Industry - August 24, 2020
- SD-WAN Securing Dynamic Networks - June 10, 2020
- How Secure is Serverless Computing? - April 26, 2019