Rob Behnke
July 14th, 2022
Blockchain works as the fundamental technology for most cryptocurrencies. Today, companies are using blockchain technology for handling distributed databases, digital transactions, and healthcare to create blockchain-based applications for their clients. The advantage of utilizing blockchain technology is that it assures security in transactions due to its rules of cryptography, decentralization, and consensus. Yet, blockchain is sensitive to cyberattacks. For example, in June 2022, Halborn announced the discovery of a critical vulnerability impacting many of the top cryptocurrency wallets including MetaMask.
So how can we keep blockchain applications safe? In this article, we’ll provide an overview of the security framework for blockchain apps.
Until lately, some people in the blockchain space considered the technology “unhackable” — but numerous attacks have demonstrated that this is not the case. More and more security gaps are emerging in the blockchain applications and smart contract platforms. For example, in 2016, $72 million worth of Bitcoin was stolen from Bitfinex, one of the biggest crypto exchanges, due to stolen keys.
In other words, ignore what you heard from the “unhackable” advocates — just because data or money is on a blockchain doesn’t necessarily indicate that it’s safer than any other form of storage.
Threat actors can exploit vulnerabilities in the blockchain network and have thrived in different hacks and frauds over the years.
According to statistics, six of the top ten most costly blockchain hacks happened in 2021. Another survey showed that manipulating decentralized finance (DeFi) protocols was the fastest-growing method to swipe crypto in 2021. More than $1.6 billion has been exploited from DeFi in 2022 thus far! For a breakdown and analysis of some of the biggest hacks in crypto, check out Halborn’s Explained series.
So, what is blockchain security and what kind of security framework exists for blockchain applications? Keep reading to find out.
Blockchain delivers a system of data with intrinsic security qualities. For instance, it is based on regulations of cryptography, decentralization, and consensus, which guarantee faith in transactions. In most distributed ledger technologies (DLT), the data is configured into blocks and each block includes a transaction or group of transactions. Each new block links to the blocks before it in a series in such a manner that it’s almost infeasible to manipulate.
All transactions within the blocks are confirmed and approved by a consensus method, guaranteeing that each transaction is valid and accurate. In other words, Distributed Ledger Technology (DLT) means the technological arrangement and protocols that permit concurrent access, confirmation, and record updating in an unchangeable method across a network that’s distributed over numerous entities or locations.
Blockchain technology allows decentralization via the involvement of associates or members across a distributed network. There is no single point of failure and one user cannot modify the record of transactions. Yet, blockchain technologies vary in some crucial security factors.
Blockchain applications can vary in who can partake and who has credentials to the data. Networks are generally marked as either public or private, which defines who is permitted to partake, and permissioned or permissionless, which defines how members gain access to the network.
Public blockchain generally permits anyone to join. A public blockchain utilizes internet-connected machines to verify transactions and gain consensus. For example, Bitcoin is presumably the most prominent example of a public blockchain, and it gains consensus via bitcoin mining. Machines on the bitcoin network, or “miners,” attempt to find a valid proof of work for a block and thereby verify the transactions that the block contains.
On the other hand, Private blockchains utilize identity to verify membership and access privileges and generally only allow recognized entities to join. Only associates with specific access and authorizations can keep the transaction ledger. This network class demands more identity and access controls.
So, in other words:
Below are the four main ways hackers and malicious actors jeopardize blockchains.
Phishing is a hacking endeavor to gain a user’s credentials. Hackers send wallet key holders emails designed to appear as if they’re arriving from a legitimate authority. The emails try to trick the user into handing over their account’s private key or credentials for an online cryptocurrency exchange.
Routing attacks target the blockchain’s network infrastructure. Blockchains depend on real-time, extensive data transfers. If an attacker can break the network into multiple, isolated segments, this makes it easier to perform certain attacks.
In a Sybil attack, malicious attackers create many fake accounts to gain outsized influence over the network. While this cannot be used to break blockchain consensus, it can support other attacks.
In a 51% attack, it’s all about gaining control. If a miner, or a bunch of miners, could mobilize adequate resources, they could gain more than 50% of a blockchain network’s mining capacity. Having more than 50% of the capability indicates having power over the ledger and the capability to exploit it.
Hence, in the blockchain world, it is paramount to take measures to ensure the security of both the blockchain structure and environment.
When creating a blockchain application, it’s essential to assess security at all layers of the technology pile, and how to handle administration and permissions for the network. A complete security design for an enterprise blockchain solution utilizes standard security controls and technology-unique controls. Some of the security controls detailed to enterprise blockchain solutions contain:
Blockchain does deliver immutability and fault tolerance, but the factors such as regulatory compliance, data confidentiality, incident response, or stability do not arrive ‘out of the box’.
A notable example of security negligence causing monetary and reputational harm is the DAO hack of 2016 where a hacker manipulated a smart contract code vulnerability.
In this section, we’ll emphasize the primary security control areas that are required to go with blockchain security.
Security governance is important for all machines that live in a business setting, whether they are blockchain-dependent or not. The truth is that specifying security governance in distributed environments is more demanding than in centralized peers. For instance, in the matter of the DAO hack, the absence of expected policies pushed the demand for the DAO community to launch an ad-hoc incident response strategy in a time of emergency.
Below, we emphasize how blockchain affects three key security governance elements and what must be accomplished to demonstrate good governance in blockchain-based systems.
One of the basic grounds for blockchain is the lack of a central governing administration. Yet, in a corporate environment, a governance system and functional model are necessary to allow the accurate functioning of permissioned blockchains, where nodes must be assessed before being submitted to the network.
In fact, the option of a governance model affects significant functions such as change management (for instance revising the code or applying security patches) and Know Your Customer (KYC) procedures. Hence, security governance must be accommodated to serve the general blockchain governance model. This governance model generally includes things such as consortium or statutory association, consensus mechanism, type of blockchain (private/public, permissioned/permissionless), and node vetting procedure.
The setting of regulatory requirements relevant to a blockchain-dependent system is industry-based. Due to the technology’s characteristics, some of these conditions will be more difficult to implement compared to traditional centralized approaches. Clearly, conceding GDPR-equivalent privacy essentials such as data confidentiality, the right to be forgotten and data deletion will need some detailed design reviews, such as evading the storage of private data on the chain, use of anonymous identifiers, or zero-knowledge proofs. Hence, it is important to use the privacy-by-design idea when designing blockchain-based applications.
The reality that third parties partake in blockchain networks supplements the third-party security threat. It is thus important that third parties who operate nodes in the blockchain be kept to the exact security measures and that blockchain-specific due diligence (read Prevention and Resilience controls mentioned below) be accomplished.
Prevention reinforces the capability to protect critical assets against recognized and arising threats. Blockchain‘s foundation is cryptography, and so utilizing this science to enforce prevention controls seems obvious. The key, however, is to make sure that proper controls are present on all participating nodes.
Below are the primary prevention controls that should be placed across data, application, and design layers when developing blockchain applications.
Blockchain was developed by utilizing cryptographic elements such as hash functions for data integrity and digital signatures to authenticate transactions. While data integrity and authenticity are delivered by configuration, blockchain does not deliver any data confidentiality.
Digital signatures use Public Key Infrastructure (PKI) which can also be utilized to protect data stored on the blockchain itself, via encryption. Other cryptographic methods can be utilized to decrease or exclude reliances on single nodes, for example by demanding multiple nodes to aggregately decrypt by utilizing shared keys or sign vital data by utilizing multi-signature techniques. Ultimately, data can be additionally defended by implementing data minimization, i.e. holding private data securely held off-chain and only permitting non-critical data to be on-chain.
Using the current PKI to execute data confidentiality is possible, but presents a threat due to the hefty dependence on PKI for numerous goals, including authentication, consent, and data security. This threat is further explained in the Resilience section below.
A significant difficulty in defending blockchain-based applications is to prepare security engineers to comprehend blockchain technology, its attributes, and how these impact the general security of systems being constructed on top of it.
Also, blockchain-based ideas such as smart contracts can have complicated code. The demand for safe development strategies and policies to make sure the usage of tested software libraries and interfaces, periodic code inspections, and patching is heightened by the reality that smart contracts are completely automated.
In the event of the 2016 DAO hack, a more detailed code inspection could have stopped the smart contract design weakness which was the cause of the incident. Also, smart contracts generally accept input from data outside of the blockchain, e.g. currency exchange rates. Thus, sound input validation and data integrity assessments must be executed to guard systems’ working and integrity.
As blockchain is created by utilizing conventional features, all standard infrastructure attack vectors such as malware and hacking stay applicable for blockchain applications. Therefore conventional infrastructure measures such as vulnerability scanning and patch control must be implemented on all nodes.
When the DAO found their money was being drained, they had no recovery strategy. There had been numerous opportunities to prevent the incident, but the network was incapable of getting a consensus in the available time. It took days to ultimately recover from the hack.
Resilience controls permit a company’s functions to swiftly adjust and react to internal and external modifications, requests, disturbances, and threats, to resume functions with little effect on the business. Resilience is one of the main bases for firms to utilize blockchain technology.
Undoubtedly, blockchain technology eradicates a single point of failure and delivers functional resilience through its ingrained monotony. On the other hand, it heavily depends on internet connectivity, adequate node distribution (particularly in private blockchain networks), and PKI, so it is always necessary to assess resilience necessities when developing blockchain applications.
The implementation of disaster recovery controls is enabled by the decentralized character of blockchain technology. In this context, it is necessary to know what consensus mechanism is utilized and how this will affect the system’s continuity and availability if a subset of nodes does not respond. Despite blockchain’s resilience, business integrity and continuity are correlated with the availability of the PKI; if an application’s PKI is not resilient, then the application itself will not be resilient.
Assuming this, it is important to enforce safe and resilient key management techniques, such as secure key backups and tamper-resistant hardware settings for the private key repository.
Ultimately, companies must follow the progress in cryptoanalysis that could possibly damage specific protocols or decrease application security.
Companies preparing to go live with a blockchain-based technique must consider the important attributes mentioned above in the context of their organizations’ security control frameworks to address permitted, regulatory, functional, and financial threats.
By learning more about the blockchain security framework, you can assess your company’s security posture with critical eyesight and make modifications that provide robust protection from cyberthreats. If you want to learn more about how blockchain organizations can secure their digital assets, connect with our blockchain security experts at halborn@protonmail.com.