Skip to content

Blockchain security

2018-9-20
This article has been translated using machine translator. It may not perfectly capture the nuances of the original text. I appreciate your understanding in this matter.

Security

The question of sermon safety is really difficult. Everyone will say that they know that security is important, but they are reluctant to spend money and energy to build a secure system. And before the security incident, you will not know whether it is really safe, as an emerging blockchain technology, there are also a lot of security issues.

In the current blockchain era, if we allocate assets on the blockchain, there will be a sense of security.

This is a sense of security that assets will not be taken away, value is based on consensus, and cannot be controlled by the issuer.

It is this sense of security that makes us feel that for the first time we really own this asset, not endorsed by another third party, and will never lose it, because of the issuer, or government intervention, policy changes, the asset will never be lost.

But after this sense of security is conveyed by the media, users have the illusion that they are safe to own this asset.

But in fact, the message of the blockchain to the public should be: it gives asset owners, a right and freedom, and if they want to control their assets, they must bear the responsibility of keeping their private keys. The pain point is also here, most users do not necessarily have the willingness or ability to bear this responsibility. You will feel that instead of saving your own assets, it is better to put them in a large exchange with brand guarantees. This makes security issues particularly prominent.

Development

In recent years, blockchain has continued to develop rapidly. From the so-called 1.0 to 3.0, the functions are becoming richer, the performance is getting better and better, and the human-computer interaction has become more human, but security has actually been regressing.

Bitcoin is called Blockchain 1.0. From the launch to the present, even if there are many dissatisfactions, it has to be said that so far, only he has no serious security problems.

And the so-called blockchain 2.0 - the Ethereum project. Because Turing-complete smart contract functions are introduced to the blockchain, the platform is more flexible and more powerful. But it also brings a lot of security issues.

And now, in many people, the so-called blockchain 3.0 project - EOS project. To improve performance, use the POS mechanism directly. This is no longer a security problem caused by the code of Ethereum's smart contracts being too flexible, but that security has been abandoned architecturally. Broadly speaking, it is no longer a true public blockchain. In the previous public blockchain system, the blockchain nodes were networked. Even if multiple nodes are hacked, the network can still operate normally, but the EOS system using the POS mechanism has only about 20 nodes, and behind these nodes, there may be only a few people controlling it. If these people are controlled or colluded, the security of this blockchain network will no longer exist.

The foundation of security

There is no free security. In order to ensure the security of the entire system, Bitcoin uses the PoW proof-of-work mechanism, which consumes a lot of electricity, but it brings that the information is open and transparent, cannot be tampered with, and cannot be deleted, such a consensus result.

For the public, blockchain assets are not absolutely safe. There are the following potential security risks:

**First, assets are not protected by third parties. **Blockchain assets are not legally protected in most countries, and public security authorities and banks have not filed them.

Second, once lost, it is permanently lost. **Due to the anonymous letter of the blockchain, once the asset is lost, it will be difficult to trace, you don't know who stole it, and you can't prove that the asset is yours.

Third, it is technically difficult to protect assets. ** There is a certain technical threshold for protecting blockchain assets, and it is difficult for ordinary users to protect their blockchain assets safely.

**Fourth. Asset value is technology-based. Therefore, once the technology is manipulated. The manipulator can steal profits at will, and even bring the value of the asset to zero.

**Fifth. Formation of various centers. Even if the assets on the blockchain network are secure, because the systems of enterprises in the industry/exchanges, custodial wallets, mining pools, etc. are centralized, they will be the target of hackers, and because they are centralized, once the attack is successful, the impact will be very large.

**Sixth. Air coins. ** Due to the impetuosity of the currency circle and the frequent appearance of air coins, their purpose is only to cash out money, so it is impossible to do a good job of security, which will even lead to the expulsion of bad money from good money, so that other high-quality blockchain projects that do a good job of security are not taken seriously.

**Seventh. Airdrop project information leak. ** Airdrop projects exchange user information for coins, but because they are not safe, they are often stuffed and destocked, which leads to information leakage that will further endanger other assets of users.

Summary

In fact, all kinds of hazards can be talked about for a long time, but because safety is not free. The willingness to face these hazards and invest money and energy in reducing security vulnerabilities is still low. Time is limited, and Xiaoice will not go into details.

References