How are blockchains secured?
Blockchains are secured by a variety of mechanisms, including advanced cryptographic techniques and mathematical models for behaviour and decision making. Blockchain is the underlying technology of most cryptocurrency systems. It is what prevents this type of digital money from being duplicated or destroyed. The use of blockchain
technology is also investigated in other contexts where data immutability and security are very valuable. Some examples are the recording and tracking of charitable donations, medical databases and the management of supply chains.
Unfortunately, blockchain security is far from being a simple subject. It is therefore essential to understand the basic concepts and mechanisms that provide robust protection for these innovative systems.
Immutability and consensus
Although many features help in the security associated with the blockchain, two of the most important are the concepts of consensus and immutability. Consensus refers to the ability of nodes within a distributed blockchain network to agree on the current state of the network. Typically, the process of reaching consensus depends on what is known as consensus algorithms.
Immutability, on the other hand, refers to the capability of blockchains to prevent modification of already confirmed transactions. Although these transactions often involve the transfer of cryptocurrencies. It may also refer to the recording of other non-monetary forms of digital data.
Combined, consensus and invariability provide the framework for the security of data in blockchain networks. The consensus algorithms ensure that rules of the system are followed and that participants agree on the present state of the network. Simultaneously, the immutability guarantees the integrity of the data and the transaction ledgers. Each new block of data is confirmed to be valid.
Blockchains rely heavily on cryptography to secure data. In this situation, the so-called cryptographic hashing functions are of critical importance. Hashing is a process in which an algorithm (hash function) receives an input of data of any size and produces an output (hash) containing a predictable and fixed size. The hash is a sequence of numbers and letters.
Regardless of the size of the input, the output will always have the same length. However, if the input changes, the output will be completely different. Although, if the data does not change, the resulting hash will always be the same - no matter how many times you perform the hash function.
Within blockchains, these output values, or hashes, are used as unique identifiers for blocks. The hash of each block is generated in combination to the previous block's hash, which is what creates a chain of linked blocks. The hash of a block depends on the data in that block, meaning that any change in the data results in the hash of the block. Thus, the hash of each block is generated based on both the data in that block and the hash of the previous block. These hash identifiers play an important role in ensuring the security and immutability of the blockchain.
Hashing is also used in the consensus algorithms used to validate transactions. For example, on the Bitcoin
blockchain, the Proof of Work
(PoW) algorithm uses a hash function called SHA-256. As its name indicates, SHA-256 takes over data entry and returns a hash of 256 bits or 64 characters.
In addition to providing protection for transactional repositories on general ledgers, cryptography also helps to ensure the security of the wallets used to store cryptocurrency. The linked public and private keys that allow users to receive and send payments, respectively, are generated by the use of asymmetric cryptography.
Private keys are utilized to generate digital signatures for transactions, making it possible to check the ownership of the crypto sent for authenticity.
Although the details are beyond this article, the nature of asymmetric cryptography prevents others than the private key holder from accessing funds stored in a wallet
. Making these funds secure until the owner decides to spend it, as long as the private key is not shared.
Moreover, a relatively new concept known as crypto
economics, also plays a role in maintaining the security of blockchain. It is related to an area of research known as game theory, in which decision-making by logical actors in situations with predefined rules and rewards is mathematically modelled. While traditional game theory can be used for multiple scenarios, crypto economics specifically models and describes the behaviour of nodes on blockchain systems.
In short, crypto economics is the study of economics within blockchain protocols and the possible outcomes that their design can provide based on the behaviour of the participants. Security through crypto economy is based on the idea that blockchain networks provide more significant incentives for nodes to act fairly than to engage in malicious or erroneous practices. The PoW consensus algorithm used in Bitcoin mining offers an excellent example of this incentive mechanism.
Bitcoin creator Satoshi Nakamoto deliberately designed the mining process to be costly and intensive. Because of its complexity and computational requirements, PoW mining involves a significant investment in money and time - no matter where and who the miner is. Therefore, such a structure strongly discourages malicious activities and provides substantial incentives for honest mining activities. Unfair or inefficient nodes will quickly be removed from the blockchain network. At the same time, reliable and efficient miners have the potential to receive significant rewards.
Correspondingly, this balance of risks and rewards also protects against potential attacks that could undermine consensus by putting the majority of a blockchain network in the hands of a single group or entity. Such attacks, known as 51% attacks
, can be highly damaging if carried out successfully. As a result of the competitiveness of Proof of Work mining and the size of the Bitcoin network, the chance of a malicious party gaining control of a majority of nodes is exceptionally minimal.
Also, the cost in computing power required to gain 51% control over a vast blockchain network would be astronomical, which would be an immediate disincentive to make such a significant investment for a relatively small potential reward. This fact contributes to a feature of blockchains known as Byzantium Fault Tolerance (BFT). BFT is basically the ability of a distributed network to continue working as usual even if some nodes act maliciously. As long as the cost of setting up a majority of malicious nodes remains prohibitive, and there are better incentives for fair activity, the system will be able to thrive without significant disruption. However, it is worth noting that small blockchain networks are undoubtedly susceptible to a majority attack. This vulnerability is thanks to the total hash rate is significantly lower than that of Bitcoin, and it is, therefore, cheaper to launch a 51% attack.
Via the combined use of game theory and cryptography, blockchains can achieve a high level of security as distributed systems. However, as with almost all systems, these two areas must be appropriately activated. An accurate balance between decentralization and security is key to build a reliable and effective blockchain network.
As the use of the blockchain evolves, their security systems will also change to meet the needs of different applications. The private blockchains that are being developed for businesses, depend much more on security through access control than on the game theoretical mechanisms (or crypto economics) that are crucial for the security of most public blockchains.