Blockchain Security and How to Mitigate

ChainZilla
Jan 11, 2019

Blockchain Security

Blockchain and cryptocurrencies are transforming the way we make transactions and share data. Even though there have been rapid advances in this sector in the past 10 years, there remain obstacles that projects must overcome before being widely accepted. The most significant of all is blockchain security.

The main priority as a user is to protect the cryptographic keys of a wallet. Some of these issues have been solved by using specialized hardware wallets and trusted computers that provide a security-conscious individual a certain degree of security to protect their digital assets.

For a project, the main priority is keeping the network secure from attacks. Most people assume that all blockchain technologies are secure by nature due to their trustless or decentralized models, in which trust comes from the process of transaction confirmation rather than from trusting a single individual. As of now, Bitcoin is considered to be the blockchain with the highest security, which is derived from its combined computing power.

What is Blockchain and its Benefits?

Simply put, a blockchain is a distributed ledger that provides historical data of all transactions that have taken place on the peer-to-peer network. There are different types of blockchains and algorithms that protect them.

It works by having a specialized server process a block of data and verify the information, after which it broadcasts the block to the rest of the network. Once processed and accepted by the network, a block is linked to the previous block to form a linear chronological chain of events. This innovative solution enables the creation of trustless networks.

By using a blockchain network, unrelated parties can exchange value or data without pre-existing trust, a middleman, or centralized control. Bitcoin is the best example of this type of network. In the case of cryptocurrency, blockchain has provided a mechanism to transact value without third parties such as PayPal or banks.

Blockchain Security

Decentralized networks like Bitcoin and Ethereum rely on “honest” participants holding 51% of the computing power of the network to process the blocks containing the latest data that will be accepted into the ledger. All of the honest participants or “nodes” work together to confirm the chronological order of all transactions on the network to validate or reject a transaction. In doing so, the network creates an immutable registry of all transactions and balances at any given block height.

When bad actors control 51% or more of the network’s computing power, they can effectively rewrite the history of previous transactions and get back spent cryptocurrency. This is known as double spending, and it’s becoming an important issue that many projects are tackling. An example of a successful 51% attack was seen on January 10th, 2019 when the ETC blockchain was attacked.

There is no need to explain the significance and concern around these types of attacks. Being able to roll back transactions to effectively defraud exchanges and merchants is not ideal. Moreover, the cost of executing a 51% attack is not as high as one would think. As seen on https://www.crypto51.app/, a bad actor can sustain a 51% attack for over an hour for less than $10,000.

Even though all of this information might seem scary from an outsider’s point of view, there have been projects working on solutions to double spending and 51% attacks for all blockchains regardless of their computing power.

Using Bitcoin to Secure Your Blockchain

The reality is that most blockchains are not secure. Most blockchains with less hashrate than Bitcoin are susceptible to 51% attacks. Taking this into account, if we could successfully re-use or recycle Bitcoin’s computing power we could also protect other blockchains without necessarily having to sustain a network as large as Bitcoin.

One of the solutions that was brought forth in 2016 to combat double spending came from the Komodo project. The mechanism works by using a network of 64 nodes spread across the globe. These nodes are elected by the community annually. They have one function: to take the latest block data from Komodo and store it on the Bitcoin blockchain. The data stored on the Bitcoin blockchain effectively gives Komodo nodes an “anchor” which they can reference to find the latest “legal” block in case of an attack.

Komodo stamps or “notarizes” the block data via a function native to Bitcoin known as OP_RETURN. Storing data on the Bitcoin ledger this way costs a small amount of BTC. This was taken into account when Komodo was launched, and a large part of the ICO funds was dedicated to sustaining the blockchain security consensus called dPoW. Every ten minutes a Komodo notary node writes a new anchor point into the Bitcoin blockchain.

In essence, to execute a double spend attack on Komodo, an attacker would need to rewrite the Komodo chain, control most of the notary network, and in addition rewrite the Bitcoin checkpoints. What is even more impressive is that Komodo is a tokenization platform that allows projects to launch a token or cryptocurrency with the same level of security. Currently the Komodo network is protecting more than 20 blockchains.

How Do Notarizations or Checkpoints Prevent Double Spending?

Having the notary network and having checkpoints on the Bitcoin ledger are not enough to prevent double spend attacks. Each checkpoint is notarized every 10 minutes in the case of Komodo, which gives an attacker plenty of time to overtake a blockchain with low computing power.

Therefore the exchanges will play an important role in the prevention of double spending attacks. During an attack, a hacker is able to rewrite the blockchain and confirm new blocks at a faster or slower pace. To prevent an attack, the exchanges could monitor the Bitcoin notarizations instead of traditional block confirmations.
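The anchor rule from the previous section and the exchange-side check described here, as an added example (a toy model written for this article, not Komodo's or ChainZilla's code). Chains are lists of constructed stand-in hashes, chain length stands in for accumulated work, and `Checkpoint`, `accept_reorg`, `deposit_final` and the `min_btc_confs` threshold are hypothetical names.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Checkpoint:
    height: int      # height of the notarized block on the protected chain
    block_hash: str  # block hash read back from the Bitcoin anchor

def matches(chain: List[str], cp: Checkpoint) -> bool:
    """True if the chain contains the notarized block at the notarized height."""
    return len(chain) > cp.height and chain[cp.height] == cp.block_hash

def accept_reorg(local: List[str], candidate: List[str],
                 cp: Optional[Checkpoint]) -> bool:
    """Longest-chain rule, plus: never switch to a chain that drops the notarized block."""
    if len(candidate) <= len(local):
        return False
    return cp is None or matches(candidate, cp)

def deposit_final(chain: List[str], tx_height: int, cp: Optional[Checkpoint],
                  btc_confs: int, min_btc_confs: int = 1) -> bool:
    """Exchange policy: credit a deposit only once its block is covered by a
    checkpoint that matches our chain and is itself confirmed on Bitcoin."""
    if cp is None or btc_confs < min_btc_confs:
        return False
    if not matches(chain, cp):
        return False  # our node follows a chain the notaries did not anchor
    return tx_height <= cp.height

# Constructed sample data: index = block height, value = stand-in block hash.
HONEST = ["g", "a1", "a2", "a3", "a4", "a5"]
DEEP_ATTACK = ["g", "a1", "x2", "x3", "x4", "x5", "x6"]  # forks below the checkpoint
LATE_ATTACK = ["g", "a1", "a2", "a3", "y4", "y5", "y6"]  # forks above the checkpoint
CP = Checkpoint(height=3, block_hash="a3")

if __name__ == "__main__":
    print(accept_reorg(HONEST, DEEP_ATTACK, None))    # no checkpoint: longer chain wins
    print(accept_reorg(HONEST, DEEP_ATTACK, CP))      # rewrite of notarized history refused
    print(accept_reorg(HONEST, LATE_ATTACK, CP))      # un-notarized tail can still be replaced
    print(deposit_final(HONEST, 2, CP, btc_confs=2))  # block is under the checkpoint
    print(deposit_final(HONEST, 5, CP, btc_confs=2))  # confirmed on-chain, not yet notarized
```

The `LATE_ATTACK` case is the window between checkpoints: the node still accepts that reorg, which is why the deposit check keys on the notarized height rather than on block confirmations.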

As of now, Komodo has the most efficient solution to preventing double spend attacks at little cost and low bloat on the Bitcoin network. It’s important to mention that other solutions such as Veriblock’s PoP work in a similar way. However, there seems to be controversy with Veriblock taking up 20% of Bitcoin transactions with their OP_RETURN checkpoints, arguably creating bloat.

Interestingly, Komodo’s solution enables them to secure an unlimited number of blockchains without increasing the notarization sizes or amounts, thus reducing the bloat on the Bitcoin network. In a sense, Komodo could be used to scale sidechains and make Bitcoin more environmentally friendly by recycling its computing power.

How to Protect My Blockchain with Bitcoin Checkpoints?

The biggest danger from a successful double spending attack is the damage to the project’s reputation, and most of the time it results in lost funds for investors and merchants. That is why you should not take the subject of blockchain security lightly.

Even though Komodo’s solution isn’t perfect, it is the simplest and most cost efficient way of adding a robust security layer backed by Bitcoin’s computing power.

Service providers like Chainzilla.io can help your project integrate Komodo’s blockchain security. Join the list of projects already using Komodo’s blockchain security, including Game Credits and Einsteinium.

If you want to protect your blockchain using Bitcoin notarizations reach out to us at hello@chainzilla.io and our specialists will walk you through the process.

www.chainzilla.io

References:

Anatomy of a 51% attack and list of successful double spends: https://komodoplatform.com/51-attack-how-komodo-can-help-prevent-one/

dPoW: https://komodoplatform.com/security-delayed-proof-of-work-dpow/

Veriblock PoP: https://www.forbes.com/sites/ktorpey/2019/01/09/a-new-blockchain-project-is-generating-20-of-daily-bitcoin-transactions/
