In our previous posts, we discussed how different parts of Blockchain work (part one, two, three). Now, I want to bring it all together and answer the question — how resilient is Blockchain to external attacks?
Just a quick reminder of some key features of Blockchain:
• Transparency: it must be open and transparent
• Immutability: no one can change what has already been recorded in the Blockchain
• First-in-first-out: messages received by the network are saved according to the “first received, first recorded” principle. This eliminates the problem of message duplication (Double spending)
If you read my previous three posts, you’ll agree that all these properties are enabled thanks to the design of Blockchain as a distributed chain of blocks (Transparency), the consensus mechanism (Immutability), and the collision resolution mechanism (First-in-first-out).
The system is [un]hackable
Let’s answer this question: “How secure and immutable is the blockchain?” After all, there are no impregnable locks. But first, a joke about the Elusive Joe:
A small town in a western American desert. Saloon. Two cowboys, a local and a visiting, are sitting and drinking whiskey. Suddenly, somebody blasts through the street with wild speed, shooting from the revolvers in all directions and yells: I am Elusive Joe, no one has ever caught me. Nobody in the saloon pays attention. Visiting cowboy asks local cowboy: -Bill? -Yes, Dave. -What was that? -That was Elusive Joe, Dave -Why do they call him Elusive Joe, Bill? -Because no one has ever caught him yet. -Why is that, Bill? -Because nobody freaking needs him, Dave
The blockchain inexorably follows this same paradigm: hacking is not unfeasible, but impractical.
Blockchain is a chain of blocks where all transactions are recorded in each block, which appears every 10 minutes (in Bitcoin) or even every 30 seconds (in Ethereum). Each new block contains the hash of the previous block. If you change even a small part of an old block (just one out of 3,000 transactions), its hash will change too. This means that you would need to change the hash in the next block too (or the blockchain won’t be valid and other nodes won’t accept it). But then you’ll also have to change the hash of the next block, and so on. This means that if you want to alter only one transaction that happened 1,000 blocks ago, you’ll have to change all the 1,000 blocks. This is a very difficult task since the majority of the computers that store the blockchain are independent, and there are tens of thousands of them. It’s practically impossible to coordinate and carry out such an attack.
This is where the consensus mechanism comes in. Even if a super-hacker gains access to 10,000 computers simultaneously, they would not only have to change the hashes in 1,000 blocks but also solve cryptographic puzzles for each of those blocks. That’s 1,000 puzzles in a row! To achieve this, they would need to expend an amount of energy equal to what the entire network (e.g., Bitcoin) uses in 10,000 minutes, which is a colossal amount.
Collision resolving. Furthermore, even if a billionaire super-hacker managed to carry out this feat (😊), the network still wouldn’t accept their blockchain because it would be too short. This means that not only would they have to solve the cryptographic puzzle 1,000 times in a row, but they would also have to catch up with and surpass the entire current network. While they are working on changing those 1,000 blocks, a new block appears every 10 minutes, which means their fake blockchain will quickly become outdated.
Here we come to the conclusion: in practice, it is impossible (read — impractical) to try to replace something in the existing Blockchain
Even if the system can be hacked, it cannot be hacked
The only feasible attack on a PoW blockchain is a 51% Attack, which I talked about in my previous post. It’s just not possible in big blockchains like Bitcoin or Ethereum because of the network’s size. But even if someone manages to do it, it won’t be the end of the blockchain. Honest network participants can agree among themselves and make a new copy of the blockchain (hardfork, more on that in subsequent posts), excluding the attacking nodes and canceling all their transactions. It will be difficult to pull off and will require consolidation of a large number of independent honest participants. But if the problem is so big (and having a successful 51% Attack is an enormous one), consensus will likely be reached. Similar cases have happened in real life (The DAO case is an example), but I’ll talk about them in subsequent posts.
In small blockchains, a 51% Attack is much easier to implement, but the question is, why bother? If the blockchain is small, then the turnover there won’t be that big, so the “outcome” from such an attack will be minimal. It turns out that where the “game is worth the candle,” the attack is impossible. And where it is possible, no one really bothers. It’s the real-life example of the Elusive Joe paradigm.
A fly in the ointment
But everything isn’t all sunshine and rainbows for Blockchain, even though it might seem that way. Sure, the system can’t be hacked. That’s because Blockchain is built on principles of Game Theory and Mechanism design. This means that the system has rules in place that make it unwise for players to break them. But this is also the main problem — these same rules can turn against the system if there is a “wormhole” in the system’s design.
By definition, all participants in the system are considered hostile to each other and act solely in their own interests. If there is a flaw in the system that allows participants to extract personal benefits at the expense of others without consequences, they will certainly do so. This is one of the reasons why communities, such as the Ethereum Foundation, exist to develop and improve the technology.
In the next (bonus) post, I’ll talk about one such “wormhole” for PoW systems like Bitcoin. It’s a way of cooperation that allows miners to earn more than other miners through “smart” behavior.
Conclusion
Inevitably, we must admit that the design of Blockchain makes it the most secure transactional system in human history. In fact, with a large enough network, it is either impossible to hack or deeply impractical to do so. And even in the case of a hack, the system rebuilds itself and mitigates the consequences of such a breach.
However, blockchain still has unresolved problems and the network itself has flaws that can be (but have not yet been) used against its participants. Therefore, the technology must constantly evolve and improve.
Credit: Source link