We recently published the full report of our Cyber Security workshop. There you can find a detailed overview of the discussion plus links to the slides and videos. In this post, we summarise some of the highlights.
Security is a prime concern of any online platform. For blockchain-based platforms, which are often used for financial transactions, for storing value or for communicating trusted data, it can take on an extra dimension. In our Cyber Security workshop, we invited several experts on the front lines of blockchain cyber security to bring us up to date on the state of the art. We also held a workshop-wide discussion on how blockchains might be employed to increase cyber security generally. Below we present some of the highlights from the day.
The Difficulty of Protecting Digital Assets
In the first presentation, the workshop was treated to a deep dive into blockchain security in general. Among the takeaways was that, while blockchain technology itself is generally secure, digital assets on blockchains are not. That makes smart contracts, which are used to create these digital assets, the main blockchain-specific security concern in blockchain-based platforms. Among their many vulnerabilities: they are publicly accessible, they are immutable (meaning that once deployed, bugs or errors in logic generally cannot be fixed), and they are vulnerable to a number of software-related attacks, like reentrancy, or attacks related to their business logic, like front-running attacks. That said, most of the cyber security issues facing blockchain implementations are not directly related to blockchain but are rather traditional cyber security issues. These can include vulnerabilities in off-chain code like databases and APIs, vulnerabilities in the underlying infrastructure, insecure authentication, erroneous use of cryptography or key storage exposure, among others. As with any type of cyber security, the most serious vulnerability is the human being. Blockchains are vulnerable to the whole panoply of people-related security issues, from social engineering attacks, information leaks and insider attacks, including backdoors introduced by disgruntled employees, to laziness or ignorance of proper security procedures.
How to avoid vulnerabilities in smart contracts
The next presentation looked at how to address vulnerabilities in smart contracts through audits. There are two main types of audits. Manual audits are the most thorough and effective, but they are also expensive and so are generally done once, usually at the end of the process when the contract has already been written. Because of the expense, this step is unfortunately also often skipped. Another option is program analysis, which involves using software tools to perform security analysis during the development phase. There are many different techniques for program analysis (including dataflow analysis, symbolic execution and deductive verification) that try to explore all the different interpretations of the code and data flow through the contracts to check for patterns. This can reveal some vulnerabilities, particularly if these vulnerabilities are already known. Some program analysis techniques require setup on the user end. Others can be fully automated. The latter is known as Automatic Analysis. By identifying vulnerabilities, researchers can also identify various vulnerability classes, make models of them, and then create a set of logical rules that precisely describe the weaknesses they represent, and which subsequent analytical tools should look for.
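The rule-writing step described above, shown as an added example that is not from the workshop or from any tool presented there: one logical rule for the reentrancy class (a state variable read before an external call and written only after it), run over a constructed, simplified contract representation. The `Op` format, the function names and the sample contract are assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Op:
    kind: str    # "read" or "write" (state variable), or "call" (external call)
    target: str  # state variable name, or the callee for "call"


# Constructed sample: two versions of a withdraw function plus a getter.
CONTRACT = {
    "withdraw_vulnerable": [
        Op("read", "balances"),    # amount = balances[sender]
        Op("call", "sender"),      # funds sent: control leaves the contract
        Op("write", "balances"),   # balances[sender] = 0, only after the call
    ],
    "withdraw_fixed": [
        Op("read", "balances"),
        Op("write", "balances"),   # state updated before the interaction
        Op("call", "sender"),
    ],
    "get_balance": [Op("read", "balances")],
}


def rule_state_write_after_call(ops):
    """Return (variable, call_index, write_index) for every state variable
    that is read, held across an external call, and written afterwards."""
    findings = []
    fresh = set()  # variables read and not yet written back
    stale = {}     # variable -> index of the call it was held across
    for i, op in enumerate(ops):
        if op.kind == "read":
            fresh.add(op.target)
        elif op.kind == "call":
            for var in fresh:
                stale.setdefault(var, i)
        elif op.kind == "write":
            if op.target in stale:
                findings.append((op.target, stale.pop(op.target), i))
            fresh.discard(op.target)
    return findings


def analyze(contract):
    """Apply the rule to every function; keep only functions with findings."""
    report = {name: rule_state_write_after_call(ops) for name, ops in contract.items()}
    return {name: hits for name, hits in report.items() if hits}


if __name__ == "__main__":
    for name, hits in analyze(CONTRACT).items():
        print(name, hits)
```

A rule of this kind only finds the pattern it encodes, which is why the paragraph notes that program analysis works best on vulnerabilities that are already known.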
Security aspects and open challenges of blockchains and consensus protocols
The third presentation focused on the security challenges facing blockchains and consensus protocols. To understand blockchain security at the protocol level, you first have to understand the different types of blockchains. In particular, security issues differ depending on whether the blockchain is public or private, and whether it is permissioned or permissionless. To be successful, a distributed consensus protocol must guarantee safety (integrity of the data) and liveness (high availability of the network) in the face of different network models, different trust assumptions among participants, and the possible existence of malicious nodes (referred to as Byzantine nodes). Looking at consensus mechanisms from a high-level perspective, we can distinguish two main families. Lottery-based consensus protocols, like Proof-of-Work (PoW) and most Proof-of-Stake (PoS), involve a probabilistic election of the leaders in the network. They are good for public networks because they work with large numbers of nodes, but they are slow. Voting-based consensus protocols encompass the classic Byzantine fault tolerant consensus mechanisms. They use a voting process to elect a leader and are highly suited to permissioned networks with small numbers of nodes.
Zero Knowledge Proofs and Blockchains: what usages beyond confidentiality
The next presentation looked at zero knowledge proofs (ZKP), one of the most exciting developments in the field of privacy-preserving computing. The point of a zero-knowledge proof is to be able to prove mathematically that you know something without actually revealing what you know. This is made possible by, among other things, complex mathematical techniques. There are many potential uses for ZKP. ZK proofs, for instance, can be used for creating private transactions on a blockchain, as is done for example with ZCash or Aztec. Another interesting use case is cryptographic sortition: using ZK proofs to select a subset of participants from a larger group such that only the participants know they have been selected, and can choose when they want to reveal themselves with this proof that they have been selected. This can be helpful in cyber security in cases where you may need to select participants, for instance to do some work, like validators on a network. A very exciting use case for ZKP is in the realm of scalability. Because these techniques make it possible to verify a proof without executing it, on a blockchain one node could verify the transaction and provide a proof, and all the other nodes would just need to verify the proof. This costs much less in terms of computing power and storage than methods in use today, which generally require all nodes to re-verify all transactions.
Leveraging blockchain for the core cybersecurity aspects
The final session of the day was an open discussion on if and how blockchain could be used to enhance cybersecurity. While panelists thought it could, a lot depended on the use case. In cyber security, blockchain is probably most useful in situations where decentralisation helps security, for example managing domain names (DNS). It might also find application in secure authentication, information sharing and access right management in identity systems. Blockchain could also be used to improve service resilience and availability since blockchains, being distributed systems, are highly resilient to certain attacks, like DDoS. Blockchain could also be used in various data security contexts. These include areas like food safety, pharma safety, property title or e-voting. EUIPO, the EU Intellectual Property Office, for instance, has been working with blockchain to fight counterfeiting and tax evasion, or to ensure the authenticity of software. Yet these things can also be done without blockchain. The session ended with a discussion of recommendations. Chief among these were education and best practice, above all in the area of smart contracts.
A detailed report on this workshop, including links to the presentations and the video of the day, has been published on our Reports page.
The Workshop took place in Brussels on 29 October, 2019
There were 50 people registered for the event
- Stefan Beyer (Cryptonics)
- Joran Honig (MythX)
- Stefano De Angelis (University of Southampton)
- Nicolas Liochon (Pegasys)