How Secure is Blockchain: Security of Blockchain Technology

Blockchain is positioned as the safest way to store information, which eliminates the theft of important data, fraudulent activities, protects property rights, and the like. In the article we will diligently resolve new technology into its components and see how much truth in this thesis and how much advertising.

General information

Blockchain is an architecture for building databases that, in addition to storing information, can serve as a source of "truth." This gives confidence that the information in the system is genuine and cannot be changed without the consent of all interested parties, which excludes the possibility of undesirable and fraudulent actions.

In practical use, the blockchain is considered as a secure, infinite journal of financial (or other) transactions that can be used for monetary transactions and practically everything that has a formal value. The safety of the technology is due to three factors:

• distribution register;
• cryptographic encryption;
• consensus algorithm.

The complex interaction of these characteristics is what protects the blockchain from external threats and solves the so-called «Byzantine Generals problem». This is a cryptological most important task, the successful solution of which should ensure the stability of the system in the conditions of internal competition and the likely "betrayal" of its participants.

Technical description

The basis of the blockchain technology in distributed information storage - the network database is not stored on shared servers, but on millions of computers located in different parts of the planet.

There are two types of participants in the blockchain network:

1. Full nodes (validators or miners). Participants (nodes) that verify the authenticity of data by matching records of new transactions with previous ones.
2. Simple nodes (they are ordinary members, users). Regular participants perform financial or other transactions, such as transferring money. The transaction record (amount, recipient's address, commission) is sent to the blockchain network, where it is already considered a transaction.

In the course of their activities, validators form new blocks from the accumulated queue of transactions made by users. A block is an aggregated data set, a container that aggregates transactions for inclusion in a distribution registry. Data is collected and processed for block placement using a process called mining. The speed at which the block is created and the number of transaction records it may contain depends on the specific blockchain.

The system forms an ordered “back” structure from the blocks. A block in such a structure can be identified using a cryptographic hash (also known as a digital fingerprint) - an algorithm (a secret key, or a hash key) for encrypting data using cryptography. Data is decrypted by using the same key or another, also generated using cryptography. Thus, all data can be linked through a linked list structure.

The hash key is generated randomly using a cryptographic algorithm (for example, SHA256 in the Bitcoin network), and the ordering “back” is done via a link to the parent block in the field called the “hash of the previous block”, which is written in the header of each block (except the first one). Thus, it turns out that each block contains a hash of its “father” within its own header.

The sequence of hashes, as a rule, creates a single chain of blocks, which stretches to the very first block ever created - the genesis block. The genesis block is unchanged in any blockchain and is the foundation for the “source of truth” network.

This foundation is based on the fact that if the parent block receives any changes, its hash changes, which also leads to a change in the hash of the subsidiary block and a change in the “hash of the previous block” link. This, in turn, changes the hash of the subsidiary block itself, which, in turn, changes the links in the previous block, which, in turn, changes the hash of its previous block, and so on...

This cascade effect ensures that if the network has many generations, then it cannot be changed (hacked) without changing all subsequent blocks, since this requires the use of huge computational power. Or, in other words, the longer the block chain, the safer the system.

What's inside the block

The block consists of a header (Head) containing metadata. Next comes a long list of transactions (Payload), which occupies most of the total volume of the block. So, at the start, the Bitcoin block could accommodate more than 500 transactions, since it was 80 bytes (now the size is larger), and the transactions required 250 bytes each.

The contents of the blocks that were attached to the chain cannot be changed or deleted. In general, any change in data (for example, on transfers of cryptocoins in the Bitcoin network) in the blockchain is impossible in principle. The system only allows you to add new blocks that summarize the final "balance" of information. This is an important blockchain feature that ensures the security of asset history, for example, the history of transactions on the Bitcoin network.

At the same time, the blockchain is much more reliable than any ledger or any banking register of operations, since, as already noted, copies of the blockchain are stored on many computers (servers). To crack such a network, you need to take control of more than half of the complete nodes of the system. For example, in the case of Bitcoin, this means that millions of users' computers need to be hacked.

How are the blocks connected to each other

The block header contains the following information:

• hash of the block header;
• hash of the parent block;
• hash of all transactions recorded in the block;
• date and time of block creation;
• parameters bits and nonce;
• block version.

The block header hash is what connects the previous block, followed in the blockchain chain. It is written to the next block as a hash code in the header of the parent block. The header also contains the transaction hash of the current block. It is calculated using an algorithm known as the Merkle tree or binary hash tree.

At the bottom level of the tree, each transaction has a node that contains its hash value. After that, the tree is built in such a way that the parent node has the value of the hash of the data contained in its subsidiary elements, connecting together.

The Merkle tree data structure allows for a quick check by building a tree path from the lower level to the root node. Since each transaction output can only be carried out once while it is consumed, it can be removed from the tree structure using certain clipping algorithms. Thus, it is possible to reduce disk space usage without affecting the check function.

It works like this:

1. First, hashes of all transactions are calculated.
2. Then the sum of all hashes of transaction pairs is calculated.
3. Further are calculated the hashes of the sum of the received pairs of hashes, and so on, following the same scheme until a single hash is received, which will be the transaction hash in the block.

Headers allow you to track the integrity of the content of the blocks themselves.

As mentioned earlier, the Bitcoin network blockchain is a database that records and stores information about transactions of virtual coins (bitcoins). The transaction in such a network in a simplified representation has the following form:

From <address 1> send <N> bitcoins to <address 2>

In a computer code, a transaction recorded in a blockchain block is somewhat more complicated, since the Bitcoin protocol operates with such concepts as Inputs (Inputs or In) and Outputs (Outputs or Out).

In digital currency, new transactions through Inputs (one or more) refer to Outputs (one or more) of previous transactions and form Outputs (also one or more) for use in the next transactions.

Genesis block

The first blockchain block is called a genesis block. In the Bitcoin network, such a block was created in 2009, it is the common predecessor of all the blocks in this ecosystem. This means that if you select any block and trace the chain back in time, you will eventually come to the block of genesis. Each blockchain chain always starts from at least one block, and since the genesis block is encoded statically in the client software of any blockchain (this is its starting point), it cannot be modified.

Consequently, each node always “knows” the hash of the genesis block and its structure, the fixed time when it was created, as well as a single transaction in this block. Thus, each node has a starting point for the blockchain - the “root” of security, from which you can build a reliable and secure database. The following hash corresponds to the genesis block of the Bitcoin network:

Or this (if you use the basic Bitcoin Core client with the Windows command line):

Interesting fact. The Bitcoin genesis block contains a hidden message: "Times 03 / Jan / 2009 Minister of Economy at the turn of the second round in bank rescue." This is a symbolic message that contains a link to the headline of the British newspaper The Times. This is a reference to the importance of creating a reliable, secure and independent monetary system, such as Bitcoin, which will be a “haven” of stability in times of financial crisis. This message was laid in the first block of Satoshi Nakamoto, the creator of Bitcoin.

In addition to Satoshi’s message, there are other messages in the blockchain. Usually these are comic or advertising texts, but there are exceptions: a message to Nelson Mandela, links to pornographic content, criminal sites on the darknet, and even a miner’s prayer.

Blockchain transaction

Since transactions in the blockchain are essentially operations with cryptocurrency, for example, Bitcoins, the structure of a transaction (a sequence of digital signatures) can be visualized as follows:

The participant’s public key is the actual address where a certain amount of funds should be transferred. The transaction hash is the instruction itself, it contains information about the amount of the transfer and where it goes. And most importantly, where did the money come from, which needs to be transferred, so the figure shows the arrows coming from the previous transaction.

The signature of the participant is similar to the signature on the check, which with the help of the secret key confirms the authority of the user as the owner of the funds. If the public key can be distributed to everyone, then the secret key should be kept with you. This key provides full access to account transactions. It looks like a plastic card (public key), it can be shown, even inserted into an ATM, however, you will need a PIN code (secret key) to withdraw money.

Access control

Bitcoin blockchain is a publicly available network. This means that all participants in the system are equal and have equal access rights to the chain, which allow you to read information in the chain and add new blocks. That is, all users have full access to the chain. Such networks are created when they want to achieve decentralization and transparency, for example, in financial transactions or real estate transactions.

However, this is not always appropriate, since in reality the world is full of data whose distribution is undesirable. An example is information about human health. Only the patient and people or organizations that the patient has granted access to, for example, relatives, individual doctors and hospitals, should have access to it. In such a scenario, only a trusted host can add information to the network and view it completely.

Depending on who can become a full node, blockchains are divided into three types: centralized (private), decentralized (public) and divided (consortiums).

Centralized

Description. The network is maintained and controlled by the central site. Only he has the right to check transactions and generate blocks. This increases the speed of operations and management decisions, but makes the system unstable: any failure on the central node will bring down the entire system.

Examples: Hyperledger is a blockchain for closed corporate solutions, Multichain is a platform for private blockchains.

Features:

• more confidential and much faster than public networks;
• minimal transaction costs;
• simple transaction confirmation.

Decentralized

Description. Controls and powers are diversified between equal validators. Any user can become a validator if he downloads the blockchain distribution. Freedom of entry and the presence of a reward for maintaining network performance makes the position of the validator popular, and the system less susceptible to failure, since disabling one node does not lead to a fall in the entire system.

Examples: Bitcoin, Litecoin, Ethereum.

Features:

• minimum fees;
• maximum speed.

Consortiums

Description. The system is managed and maintained by a separate group of privileged nodes. Reliability, speed and security is something between private and public blockchains. This form of management is usually chosen by banks and large corporations.

Examples: R3 CEV LLC - Finance, EWF - Energy, B3i - Insurance.

Features:

• operation of the system is maintained by regular users;
• difficult to hack, because you need to control 51% of the nodes;
• there is no need for central structures - guarantors.