Yes, the Blockchain Can Be Hacked
This article by James Risberg was originally published at CoinCentral.com
Cybersecurity Makes me Wanna Cry
We exist in a time of regular high-profile data breaches and concern over the security and privacy of digital information, saddled with an aging internet infrastructure that clearly isn’t up to the challenge of preventing sophisticated cyber attacks. From Equifax to WannaCry, the illusion of cybersecurity is dissolving before our eyes.
More and more often, news of the hacking or exposure of personal information comes to light. More and more, those we have entrusted with the keys to our data are revealed to be misusing that data and betraying our trust. It’s becoming ever clearer that the centralized systems that have gotten us this far will not be enough to protect us moving forward.
Blockchain technology promises to solve these problems by removing the trust involved in the storage and access of our digital content. By moving data to the edges of the network and employing strong cryptography to maintain individual control over that data, blockchains aim to put the power back in the hands of the end users and creators of the data, not the (clearly clumsy) hands of the platforms that we use to share the data.
Blockchains Aren’t Unhackable
However, powerful as blockchains may be, they are not immune to attack. Any technology has weak points and attack vectors, and the blockchain is no exception. Here we will explore the various vectors of attack (in order of increasing threat) and take a look at some examples of each from the short but exciting history of cryptocurrency so far.
A Sybil attack is an attack in which a huge number of nodes on a single network are owned by the same party and attempt to disrupt network activity through flooding the network with bad transactions or manipulating the relaying of valid transactions.
These attacks are theoretical so far and for the most part, may never be seen, as one of the fundamental design decisions made when developing a cryptocurrency system is how to prevent Sybil attacks.
Bitcoin prevents them through its Proof-of-Work algorithm, requiring nodes to spend resources (in the form of energy) to receive coins, thereby making owning the vast majority of nodes very expensive. Different projects handle Sybil-resistance differently, but nearly all handle it.
A routing attack is an attack made possible by the compromise or cooperation of an Internet Service Provider (ISP). While it’s technically possible to run a Bitcoin (or other coins) node anywhere in the world, the current reality is that nodes are relatively centralized right now in terms of the ISPs that carry the internet traffic to and from.
According to research done by ETHZurich, 13 ISPs host 30% of the Bitcoin network, while 3 ISPs route 60% of all transaction traffic for the network. This a major point of failure if an ISP were to be compromised to corrupted.
A routing attack works by intercepting internet traffic being sent between Autonomous Systems, top-level nodes in the architecture of the internet, of which there are few enough to intercept with relative ease. This is a phenomenon seen commonly, even daily, on the internet in the wild and can certainly be used against Bitcoin or other cryptocurrency traffic.
Using this method, a cryptocurrency network could be partitioned into two or more separate networks, exposing either side of the partition to double-spending attacks because they cannot communicate with the entire network to validate transactions. Once coins were spent on one side of the network and goods or services received, the partition could be removed and the side of the network with the shorter chain would be rejected by the network as a whole and those transactions would be wiped out.
As far as we know, this kind of attack has not occurred, and there are steps that can be taken to make coins immune to this behavior.
Direct Denial of Service
A Direct Denial of Service (DDoS) attack is an attempt by bad actors to cripple a server, anything from a website to a Bitcoin node, by flooding it with high volumes of traffic. This is definitely one of the more common attacks seen in the wild, as it’s relatively easy to purchase a DDoS attack from any number of disreputable “hackers” or firms out there.
In the case of a website, this looks like a huge volume of requests to the server being sent continuously over a period of time, preventing legitimate requests from receiving the resources they need. In the case of a Bitcoin node, this looks like huge volumes of small or invalid transactions being sent in an effort to flood the network and prevent legitimate transactions from being processed.
Major networks like Bitcoin are constantly under attack from DDoS attempts, but design decisions made in the development of the Bitcoin network act to mitigate the risk of DDoS attempts. In the face of a successful DDoS attack, there is no threat of stolen funds or compromised security, simply a halting of network activity.
Bitcoin’s Backlog Blues
However, while not a security risk, this interruption of service can be used for other agendas. There’s something of a saga when it comes to “spam” transactions (DDoSing the network with lots of transactions) and Bitcoin that played out from 2015 to 2017.
In June of 2015, Coinwallet.eu (a now defunct wallet company), conducted a “stress test” of the Bitcoin network by sending thousands of transactions on the network in an effort to influence the controversial block-size change debate that was raging at that time, stating in their announcement post that they set out “to make a clear case for the increased block size by demonstrating the simplicity of a large scale spam attack on the network.”
A month later, in what is called the “flood attack,” 80,000 tiny transactions were simultaneously sent on the Bitcoin network, creating a massive backlog that was cleared out only by the efforts of F2Pool, one of the largest mining pools at the time, which dedicated an entire block to combining all of the spam transactions and clearing them.
Over the course of the next year, according to analysis by LaurentMT, the creator of the Bitcoin analytics tool OXT, many thousands or even millions more spam transactions (mostly tiny, useless transactions that could not possibly have been legitimate) were sent out, clogging the Bitcoin UTXO backlog, but these transactions were for the most part ignored by the major mining pools.
Suddenly, in the second half of 2016 and all right around the same time, the major mining pools at the time began accepting these spam transactions into blocks, reducing the throughput of legitimate transaction just as the block-size debate was ramping up again and many of the pools were rumoured to be siding with the “big-blockers” over the small blockers.
The Bitcoin network has since cleared out this backlog and is humming along, while the big-block fans have moved their attention to Bitcoin Cash, a project that Jihan Wu (founder of Bitmain the largest owner of Bitcoin hashpower by far) is fully supportive of. Do your own research.
51% or Majority Attack
Since the security of a blockchain is directly linked to the computer power building the chain, there is the threat of an attacker gaining control over a majority of the hash power on the network. This would allow the attacker to mine blocks faster than the rest of the network combined, opening the door to ‘double-spending.’
Double-spending is a method of defrauding a cryptocurrency that involves submitting transactions to the chain, receiving the good or service that transaction pays for, and subsequently using the majority hashpower to fork the blockchain at a point prior to the transaction. This effectively erases that transaction from the chain history, allowing the attacker to transact with those same coins a second time.
Obtaining a majority of hashpower would not allow an attacker to create coins, access addresses or compromise the network in any other way, which limits the damage this method enables. The biggest effect of such an attack may well be the loss of confidence in the network that is attacked, and a subsequent plummet in asset price of any token on the network.
This sort of majority attack is very expensive to pull off, and as a result, in reality, only relatively small and low-hashpower coins are susceptible to this attack vector. Major coins like Bitcoin have little to fear from a 51% attack due to the fact that any attacker with the vast majority of hashpower would have more incentive to simply mine all of the blocks and receive the Bitcoin than to attempt to an attack, especially considering the price of their stolen Bitcoin would collapse if the news of an attack got out.
51% in the Wild
One of the more interesting examples of 51% attacks in the wild comes courtesy of a group of hackers that called themselves the ‘51 Crew.’ In the second half of 2016, the 51 Crew began holding small Ethereum clones for ransom, capitalizing on their low hash rates and centralized mining distribution to rent enough hardware to corner the network.
Claiming their “intention is not to wreck a project” and they were doing this just make money, they demanded Bitcoin in exchange for shutting down their operation and leaving the projects in peace. If the demands were not met, they would fork the coin’s blockchain to a point prior to large sales the crew had already made on exchanges.
The projects in question, Krypton (now defunct) and Shift (still traded at small volume), both refused to pay the ransom and subsequently had their blockchains forked. The project teams scrambled to shore up network decentralization and make changes to the protocols to prevent such abuses, but not before taking quite a hit.
The attacks outlined so far deal mostly in the realm of either double-spending or reduction in network service. The attacks are expensive to pull off and are quickly corrected by the network’s own self-repairing features. While they could be real threats to the confidence in a cryptocurrency and result in a minimal loss of funds, they are relatively small potatoes.
As with any computer system or network, the largest attack vector is human error. The major losses of funds seen so far in cryptoland are a result of bugs in the software of the coin itself. Cryptographic errors in the security of cryptocurrencies leave security holes that can be discovered and exploited by sophisticated hackers to undermine a project.
Perhaps the most visible example of a hack enabled through shoddy code is the infamous Ethereum DAO hack, so bad it spawned a whole new cryptocurrency and haunts the Ethereum project to this day.
The DAO (Decentralized Autonomous Organization) was a leaderless organization built on top of Ethereum using smart contracts. The idea was to give anyone the ability to invest in the company and vote on projects they wanted to be funded, all managed securely and automatically by the DAO smart contract code.
If you invested in the DAO (by purchasing DAO tokens) and then later decided to pull out, there was a mechanism for this by which you could have your Ethereum returned to you in exchange for your DAO tokens. This is the mechanism called the ‘Split Return’ that was exploited by a pioneering DAOist on June 17, 2016.
The Split Return is a two-step process: return the proper amount of Ethereum to the token holder triggering the return, then take the tokens and register the transaction on the blockchain to update the DAO token balance. The unknown hacker realized that he could trick the system into repeating the first step without moving onto the second, which enabled them to siphon $50million worth of Ethereum out of the DAO and into a separate DAO controlled only by the attacker.
This obviously enflamed the Ethereum community, and a plan to soft-fork and recover the funds was made. A soft fork would have been minimally invasive, backward-compatible and simply ‘erased’ the DAO hack from the blockchain. Once the plan was made, however, it was realized that it would not fly and a hard fork would be necessary. This was controversial and resulted in the creation of Ethereum Classic (ETC), a continuation of the original Ethereum chain with the DAO hack in place, and Ethereum (ETH), the newly hard forked project that continued to DAO another day.
The Real Threat is Users, Not Hackers
Blockchain technology is robust and promising, and even with all of these possibly attack approaches very few successful attacks have gone down in history. This hasn’t prevented vast amounts of money being stolen from users, however.
While the security of most cryptocurrencies remains intact, the security of the wallets, exchanges, and accounts of third-party services around these cryptocurrencies remains almost laughably bad. Millions upon millions of dollars worth of Bitcoin and other cryptocurrencies have been stolen from the compromised accounts of individuals and exchanges over the years.
While the attacks outlined above are mostly theoretical and are being defended against actively, the glaring hole in the security of Bitcoin and any other cryptocurrency is the fact that humans aren’t so great at paying attention and being vigilant. Reusing passwords, falling victim to phishing scams, careless website operators and negligent exchange employees continue to be the single most dangerous point of failure when it comes to the health of the crypto economy.
As we move forward, there may well be some blockchain level attacks perpetrated. These may come from huge powers like governments or corporations set on controlling or undermining these promising new means of storing and transferring wealth and value. In the long run, however, attacks like these will only act to strengthen and evolve the technology to be more resistant and robust.
But much more than this, there will need to be great leaps and bounds made in the ease of use and security of consumer crypto products before real adoption can occur. As long as one accidentally shared a password or left open laptop can mean the loss of your life savings, we can’t enter a world run on crypto.