Blockchain community, we need to talk about security.
Recent attacks on public blockchains demonstrate why we should be talking about security today.
Blockchains aren’t magic, they work because of a system of carefully structured incentives. When those break down so do the benefits of blockchains.
Last week a rogue party was able to gain control of more than 51% of the hashpower on the Ethereum Classic Network, and was thereby able to double-spend ETC, the underlying asset.
The mechanics of this are fairly technical, but practically this means that a single party had gained enough hashpower to rewrite a chain’s history, thereby rendering the core benefits of decentralization and immutability null. In the case of Ethereum Classic, this attack meant swindling a lot of centralized exchanges by making it look like they were sent coins only to rewrite the blocks later.
Ethereum Classic’s attack isn’t an isolated event either, some $20m was double spent in 2018 by 51% attacks, and with prices falling miners are sure to shut down their equipment, thereby reducing hashpower allocated to networks and increasing the amount of hashpower free for renting. 2019 is gonna be a bumpy ride.
This is a good time to think about the security of your blockchain implementation and the possible attack vectors.
Private blockchains are popular in the healthcare space, partly because it is so nascent, partly because healthcare is so complex, and partly because of regulatory sensitivity. Unless you’re using a private Proof of Work (PoW) blockchain (and I’m not sure why you would be) then the security risks are different than for the big PoW public blockchains like Bitcoin and Ethereum.
In particular private blockchains use consensus algorithms that leverage reputation to a greater degree than their public PoW counterparts. The idea being that because participants in a private blockchain are known entities with real world reputations at stake, they will have an incentive to act honestly. This requires a level of trust in your peers that public PoW chains don’t assume, but in return offers privacy and transaction throughput that public PoW chains can’t match.
The basic idea behind an attack is the same for both networks: gain enough control to be able to unilaterally change blocks in your favor. In PoW chains this means having 51%+ of the hashpower. In private chains using, say, Proof of Authority, this means a majority of the nodes acting dishonestly. There are two simple ways this could happen:
- A single party forcefully gains control over a majority of nodes (i.e uses a virus or something to that effect).
- A majority of independent nodes collude.
If (1) or (2) has been achieved then all purported benefits of decentralization disappear. Transactions can be censored and blocks can be effectively rolled back.
OK, so why does this matter? Let’s look at an example.
Consider a consortium of innovative insurance companies which use a private blockchain to record which policies their consumers purchase. Individual A hears about this great new offering and runs to purchase a plan, and this purchase is recorded as a transaction on the consortium’s blockchain.
A week later individual A suffers a medical emergency which, as it turns out, isn’t covered by their plan and is now facing massive bills. Individual A happens to be a sophisticated computer programmer, and through the use of a few 0day exploits purchased on the darknet, gains control over a majority of nodes on the consortium’s private blockchain. This wasn’t very hard, as there were only 5 nodes anyway.
Having majority control, Individual A rolls back the chain and changes a single transaction: they change the plan they originally signed up for into one that would cover their medical emergency. Having accomplished this, Individual A then files a claim. The relevant insurance company checks the blockchain, which now says that Individual A purchased a plan a week ago that would cover them and Individual A gets their medical expenses fully covered! The consortium thought their private blockchain was immutable and relied on it as a single source of truth, and as such was oblivious to Individual A’s antics.
This sort of thing isn’t supposed to be possible, because blockchains are supposed to be immutable, but that’s not entirely true. Blockchains use a system of incentives to ensure miners are acting honestly, but it is important to remember that there are cases when that system can break down.
Right now the stakes are pretty low. No private blockchain is critical infrastructure or has serious economic activity on top of it. But when hundreds of thousands of patients manage access to their health data with a blockchain and billions of dollars in claims payments through a blockchain then there are huge incentives to attack a blockchain. And people will inevitably try, both from outside (e.g hackers) and inside (dishonest collusion).
To begin thinking about the security of your implementation here are some basic questions you should be asking:
- What consensus algorithm are you using?
- What are the common attack vectors?
- Who are the participants in your network?
- What are their incentives to act honestly?
- What are their incentives to act dishonestly?
- How many actors would need to act dishonestly to affect the chain?
- What is the extent of the damage they can do?
- Is your broader network secure from cyberattacks?
If we want blockchain in healthcare (and beyond!) to succeed then we need to be more thoughtful about security. After all, the purported benefits of blockchains simply don’t exist if they aren’t secure in the first place. I expect this to be a more prominent narrative in 2019 as more public blockchains are attacked and more blockchain in healthcare solutions are rolled out.