What is a Blockchain?
Author: Jake Murphy
Blockchain has recently gained attraction as many have now realised its benefits. Blockchain can aid in verifying and traceability of transactions and deliver secure transactions, reduce compliance costs, and accelerate data transfer processing. The implementation of Blockchain would benefit a wide range of industries. Fintech, Healthcare, Finance, Retail, Manufacturing, and Media are just some of the few sectors that would benefit from Blockchain integration. This post will define Blockchain, discuss the different types of Blockchains and highlight the common Blockchain attacks.
What is a Blockchain?
Depending on who you ask, you may get different definitions of a Blockchain (BC) and how it works. Nevertheless, the term ‘blockchain’ originally came from computer science as a structure for storing and distributing data. The recent cryptocurrency boom has brought attention to BC technologies and their future potential. BC can solve many problems with Web 2.0, such as achieving complete privacy, solving copyright issues, and preventing illegal activities. Multiple characteristics make blockchain applications valuable;
Implementing a distributed ledger eliminates the need for a central of authority in a network removing the ability to make unauthorised changes. All participants in the network have access to the DLT’s immutable record of transactions providing complete transparency.
Anybody involved cannot change or tamper with a transaction after it has been recorded to the DLT. Making it near impossible for any entity (Attacker or Government) to manipulate, replace or falsify data stored on the network.
A smart contract is a piece of code executed on the Blockchain and enables developers to apply logic within the Blockchain. For security purposes, it could potentially be used to set up a smart contract to detect abnormal behaviour on the Blockchain stopping a possible attack from happening or setting conditions that should be met before an exchange of funds takes place within a financial institute.
Types of Blockchain
Public Blockchain is a common BC type used in cryptocurrency, e.g., Bitcoin. It is made up of an extensive, distributed network of all parties on the BC. A cryptocurrency is a bit of unique data that cannot be replicated and can be traded between two parties on the BC network. Anyone willing to participate can, at any level, from mining, storing, and trading. Its open-source nature builds a community to maintain and secure the BC.
Private Blockchain is commonly known as distributed ledger technology (DLT). It usually does not use tokens or cryptocurrency and is often used on a tiny scale. The private BC is closely controlled as all aspects of the BC are now contained and private. Private Blockchain could be implemented into small-scale operations; for example, it could be used in a Fintech to track transactions or access control of a network.
Permissioned Blockchain is a semi-public BC. Some aspects of the network remain private and not open to all individuals, e.g., Ripple (XRP), a cryptocurrency backed by a network of banks rather than the public. There is still a native token exchanged between the distributed system, and often, most of the code is not open source.
Although fundamentally, they both utilise the same technologies, they have vastly different characteristics that must be considered when choosing a Blockchain structure. All aspects of a public BC are open to the public, making it fully decentralised, as a private BC is invite-only, making it more centralised than a public BC structure. Public BCs create a community and strengthen the overall integrity of the chain through open-source style refinement. Private BCs are suited to more data-sensitive use cases as only invited members to partake in the network. Although less decentralised and transparent, they have more control over the BC itself.
Common Blockchain Attacks
Due to the structure of a BC, conventional cyber-attacks are useless. Most cases are designed to target the central of authority to gain unauthorised access. In a peer-to-peer structure the central of authority is removed, so malicious actors have now designed attacks to exploit potential vulnerabilities in a BC.
A routing attack is an alternative styled BC attack as it targets the underlying peer-to-peer communications of the Blockchain. This attack aims to gain control of all traffic that flows between two nodes and create a partition in the network. The attacker focuses on the Border Gateway Protocol (BGP), a common protocol used to find routes to different computers on the network. BGP essentially aids a computer in finding the fastest route possible when trying to send a message across a network to another computer. Suppose an attacker manages to advertise the shortest route between two nodes on a BC. In that case, all the traffic flowing between two nodes will flow through the attacker, opening the opportunity to isolate two parts of the network.
This method of attack acknowledges that all nodes in a BC are connected and communicate constantly. An eclipse attack aims to gain control of a node in the BC for a full view of the nodes’ distributed ledger and network operations. This method of attack allows the attacker to gain a foothold into the network and perform double-spending attacks on the isolated node or obscure traffic between the nodes.
The 51% attack is the least sophisticated type of BC attack. It aims to utilize the Proof of Work (PoW) consensus algorithm. The attacker must acquire at least 51% of the BC computational power then, in theory, control the BC. In a small-scale private, PoW blockchain, e.g., Ethereum 2.0 (Consensus Layer), private BC would not need much computational power to perform a 51% attack successfully. Still, highly decentralised PoW BC’s such as Bitcoin is near impossible due to the hundreds of thousands of miner nodes validating the network.
Why are Blockchains Important?
In short, BC has made a massive impact in the financial world as of 2022. We will start to see BC implementations in the form of Decentralised applications (DAPPs). Developers and organisations will leverage BC for future projects requiring transparency and automation using smart contracts, allowing all the peers in the BC to approve a transaction, removing the central of authority for decision-making, e.g., insurance pay-outs. The rapid development of BC’s and smart contracts will result in poor security, becoming a target for Black Hats to exploit and steal native tokens that could be valuable and easy to launder through cryptocurrency tumbling. Taking the correct security measures when creating and setting up a BC or DAPP will make it very difficult for an attacker to manipulate and take advantage of the network.
Contact our team at SecuriCentrix to learn more about Blockchain architecture and security.