Blockchain is full of superlatives. The most verifiable, most immutable, most 21st century way to transfer value.
But one of the most widely used superlatives to describe this technology is “most secure.” The idea that blockchain technology finally has a resolute answer to the age-old challenge of secure transactions has an eager audience.
So, Ryan Spanier’s interview with Eléanor Payró of CNN Money Switzerland is timely as he unpacks some of the issues around blockchain security.
- Blockchain networks are hackable. Beyond standard software vulnerabilities, the trust model of a blockchain network can be attacked through a “51% attack.” The goal of this attack is to control the majority of the resources/stake on a blockchain network. If you control the majority, you can define what truth is on the network. For cryptocurrencies, this can result in double spend attacks. Large blockchain networks, such as Bitcoin, are less vulnerable because they require the co-option of significant resources, which soundly outweigh the rewards earned from mining. Check out crypto51.org to see how expensive it would be to acquire 51% of the top cryptocurrency networks. However, other alt-coin networks could be attacked with less than $1,000.
- Blockchain networks also rely on the security of the users. For example, a user needs to secure their private key themselves. If this key is exposed, then an attacker assumes the identity of the user to e.g. spend money from their wallet.
- Secure smart contracts are extremely complex and difficult to develop.
Pressure to shrink time-to-market, the complexity of technology and the lack of a mature blockchain software development library and SDKs as a reference, all contribute to the introduction of vulnerabilities.
You can watch the CNN Money Switzerland video here:
Find out more about Kudelski Security’s crypto assessment services, algorithm design and implementation, and custom development.