Is Blockchain really tamper-proof?

source

The short answer is no. Not even Bitcoin — it is only computationally hard to tamper the ledger. If 51% of the miners decide to rewrite the ledger it would be possible.

We here at Sahaj, have been working for a customer, on a solution on top of Ethereum. We are using Solidity to write the smart contracts.

Even in Ethereum, the underlying ledger is not theoritically tamper-proof since the nodes could collude to tamper the ledger or even rewrite the entire chain. We had to consider the following:

A group of nodes are malicious: Can introduce changes on smart contracts or change data stored on a smart contract

A few options we are exploring:

1. For a private, permissioned blockchain, we can ensure the miner nodes are trusted nodes — these are the nodes capable of submitting new transactions, adding new accounts, deploying smart contracts etc. There is no way the trustless nodes can tamper the state. Once the network grows in size and economies of scale kicks in, feasibility of collusion will be harder.
2. Proof of Authority — PoA is a very simple protocol, where instead of miners racing to find a solution to a difficult problem, authorized signers (trusted/verified authorities whose reputation is at stake) can at any time at their own discretion create new blocks. Any new node that requires the authority to seal blocks (read as mine) on the network, will need to be voted by the currently approved set of authority nodes. To ensure a malicious signer cannot harm the network, any given signer can sign utmost one in k blocks (floor(SIGNER_COUNT/2) +1). Similar voting consensus is required to remove a authority node from the network. The Ethereum PoA protocol is called Clique and currently used on the Rinkeby test network. Proof-of-Authority is a good fit for private networks but not at all suited for public networks where the trust should be as distributed as possible.
3. One other option would be to require a hash of the ledger state to be periodically published to an external entity, say one of the public blockchains — Ethereum/Bitcoin. This would enable an auditor to detect tampering since it would lead to a change in the hash of the state of the ledger. One issue here is pin pointing where the tampering started, the forks divulged and point out the colluding parties in the fraud.