Blockchain Systems

Introduction to Blockchain Vulnerabilities

  • Overview of Blockchain systems vulnerabilities and exploits.

Centralized Systems in Our Economy

  • Centralized systems have inherent weaknesses:

    • Prone to single points of failure.

    • Lack scalability.

    • Higher operational costs.

  • Example of Centralized Systems:

    • Central banks manage currency, impacting issues like devaluation and corruption.

    • Companies like Apple and Facebook started as centralized systems, which introduce conflicts of interest requiring regulation (e.g., data privacy issues, major outages).

De-Centralized Systems in Our Digital Economy

  • Advantages of decentralized systems:

    • No single point of failure, enhancing reliability.

    • Better scalability and reduced costs.

    • Improved privacy control for individuals (transactions are distributed).

  • Examples of decentralized systems:

    • BitTorrent, Dropbox, Energy Grid 2.0, decentralized payment systems, and Blockchain.

Transition from Centralized to De-Centralized Ledgers

  • Shift to DeFi (Decentralized Finance):

    • Participants must agree on changes to the ledger (consensus).

Main Objective of Blockchain

  • Distributing trust across the system:

    • Addresses the weakest-link security issue in small groups versus strong security in large groups.

How Blockchain Works

  • Example Transaction Validation Process:

    • A initiates a transaction to send money to B.

    • The transaction is represented as a block and broadcast to network nodes.

    • Miners approve the transaction, which is then added to the blockchain.

    • B receives the funds after approval.

What is a Blockchain?

  • Definition:

    • A secured, distributed ledger that prevents unauthorized data changes.

  • Key Features:

    • Achieves consensus through mining.

    • Determines membership for ledger access and modification.

  • Blockchain networks:

    • Comprise multiple computers that validate transactions, eliminating third-party intermediaries (smart contracts).

  • Suited for secure information storage (money, votes, rights).

What is a Block?

  • Structure of a block:

    • Contains sender, receiver information, and transaction details.

    • The first block is called the Genesis block.

    • Each new block links to the previous one.

Contents of a Block

  • Unique hash for each block:

    • The hash changes upon any alteration of the block contents.

    • Links each block to its predecessor (except the Genesis block).

Blockchain Security

  • Security Challenge:

    • Altering Block 2 invalidates Block 3 and the rest.

    • An attacker who tampers with a block must recalculate the hashes of the blocks that follow for the chain to validate again.

  • Solutions:

    • Proof-of-Work (PoW) makes block tampering computationally challenging.

    • Encrypting block contents enhances security.

Distributed P2P Network

  • Characteristics:

    • Everyone can join the network as a node.

    • New blocks are sent to all nodes for integrity and consensus.

  • Consensus protocols help maintain the blockchain's security and integrity.

Proof of Work

  • Definition:

    • A complex problem-solving method that increases the effort required to create a block.

  • Process:

    • Makes blocks difficult to tamper with: changing one block means recalculating the PoW for all subsequent blocks.

    • Bitcoin example: about 10 minutes to compute the PoW for adding a new block.

Financial Blockchain Example

  • Mechanics of Proof of Work:

    • Computational challenges are time-consuming but verification is quick.

    • Agreement among nodes on computational results drives blockchain functioning.

Tampering with a Block

  • Difficulty of successful tampering:

    • Tampering requires redoing PoW for every affected block.

    • Control of over 50% of the network is needed for consensus.

    • Mitigation through the complexity of blockchain dynamics.
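
Added example (not part of the original notes): a toy hash-linked chain with Proof-of-Work, showing where validation fails after a block is altered and how much hashing it takes to make the chain validate again. The block layout, the difficulty of three leading hex zeros and the transaction strings are assumptions made for illustration.

```python
import hashlib
import json

DIFFICULTY = 3           # assumed toy target: hash must start with 3 hex zeros
GENESIS_PREV = "0" * 64  # the Genesis block has no predecessor

def block_hash(block):
    """SHA-256 over every field except the stored hash itself."""
    body = {k: block[k] for k in ("index", "prev_hash", "tx", "nonce")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def mine(block):
    """Proof-of-Work: try nonces until the hash meets the target; return tries."""
    block["nonce"] = 0
    while not block_hash(block).startswith("0" * DIFFICULTY):
        block["nonce"] += 1
    block["hash"] = block_hash(block)
    return block["nonce"] + 1

def mine_from(chain, start):
    """Redo PoW for block `start` and every later block; return hashes tried."""
    prev = chain[start - 1]["hash"] if start else GENESIS_PREV
    tries = 0
    for block in chain[start:]:
        block["prev_hash"] = prev   # re-link to the (possibly new) predecessor
        tries += mine(block)
        prev = block["hash"]
    return tries

def build_chain(transactions):
    chain = [{"index": i, "tx": tx} for i, tx in enumerate(transactions)]
    mine_from(chain, 0)
    return chain

def first_invalid(chain):
    """Index of the first block a node would reject, or None if all are valid."""
    prev = GENESIS_PREV
    for block in chain:
        digest = block_hash(block)
        if (block["prev_hash"] != prev or block["hash"] != digest
                or not digest.startswith("0" * DIFFICULTY)):
            return block["index"]
        prev = digest
    return None

if __name__ == "__main__":
    chain = build_chain(["A pays B 5", "B pays C 2", "C pays D 1"])  # constructed
    chain[1]["tx"] = "B pays C 200"  # alter the second block's contents
    print("rejected at block", first_invalid(chain))
    print("hashes to re-mine blocks 1..2:", mine_from(chain, 1))
```

Re-mining only the altered block moves the failure to the next block, whose stored predecessor hash no longer matches; the cost of a consistent rewrite therefore grows with every block added after the altered one.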

Merkle Tree

  • Purpose:

    • Efficient organization of transactions by hashing transactional data to create a summary (Merkle root).

    • Used to avoid downloading the entire blockchain for transaction verification.
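
Added example (not part of the original notes): computing a Merkle root and checking that one transaction is included using only its sibling hashes, which is what lets a client verify a transaction without the full block. It assumes single SHA-256 and duplicates the last node on odd levels; the transaction byte strings are constructed.

```python
import hashlib

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _next_level(level):
    """Pair up nodes and hash each pair; an odd node is paired with itself."""
    if len(level) % 2:
        level = level + [level[-1]]
    return [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(transactions):
    if not transactions:
        raise ValueError("a Merkle tree needs at least one transaction")
    level = [h(tx) for tx in transactions]
    while len(level) > 1:
        level = _next_level(level)
    return level[0]

def merkle_proof(transactions, index):
    """Sibling hashes from leaf to root, each flagged True if it sits on the left."""
    level, proof = [h(tx) for tx in transactions], []
    while len(level) > 1:
        padded = level + [level[-1]] if len(level) % 2 else level
        sibling = index ^ 1                      # neighbour within the pair
        proof.append((padded[sibling], sibling < index))
        level, index = _next_level(level), index // 2
    return proof

def verify_inclusion(tx, proof, root):
    """Recompute the path to the root from one transaction and its siblings."""
    node = h(tx)
    for sibling, sibling_is_left in proof:
        node = h(sibling + node) if sibling_is_left else h(node + sibling)
    return node == root

if __name__ == "__main__":
    txs = [b"A->B:5", b"B->C:2", b"C->D:1", b"D->E:7", b"E->A:3"]  # constructed
    root, proof = merkle_root(txs), merkle_proof(txs, 4)
    print(len(proof), "hashes prove 1 of", len(txs), "transactions:",
          verify_inclusion(txs[4], proof, root))
    print("altered transaction accepted:", verify_inclusion(b"E->A:300", proof, root))
```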

Blockchain Vulnerabilities and Mitigations

51% Attack

  • Definition:

    • Occurs when an entity controls more than 50% of hashing power.

  • Mitigation Strategies:

    • Implementing delays for privately mined blocks.

    • Komodo’s notarization approach to anchor blocks to ensure integrity.

Double Spend Attack

  • Concept:

    • Using the same cryptocurrency for multiple transactions.

    • Exploited through race conditions or 51% attacks.

  • Mitigations:

    • Utilize proof-of-work processes for transaction confirmations.

DDoS Attack

  • Characteristics:

    • Common attacks on blockchain networks targeting mining pools and exchanges.

  • Mitigation Techniques:

    • Hiring decentralized bandwidth to manage and counteract DDoS.

    • Operating within the dark web or using Tor to hide IP addresses.

Conclusion and Summary

  • A decentralized system with distributed ledger significantly enhances integrity and security through:

    • Interdependent block hashes.

    • Proof-of-Work reducing block approval times.

    • Efficient transaction verification via Merkle trees.

  • Addressed vulnerabilities include:

    • 51% Attacks, Double Spending, and DDoS attacks with corresponding mitigation approaches.
