Understand the six categories and three problems of blockchain security

Time: 12/07/2021 Author: k8bfr2
        On August 6, 2018, Tencent Security released its blockchain security report for the first half of 2018. The report shows that there are more than 1600 kinds of cryptocurrencies in the world. In the first half of 2018, the blockchain sector lost more than US $2.7 billion due to security issues, and the losses from blockchain security incidents are still rising. From the "mail gate event" of IOTA, the "false recharge vulnerability" of USDT and the "Rainbow attack" on EOS, to the "integer overflow attack vulnerability" of BEC and SMT and the "51% computing power attack" on BTG, this series of events has aroused widespread concern and reflection.
        What are the main threats to blockchain security? Why is the security of smart contracts so important that it attracts so much attention? How many types of smart contract security problems are there? What are the mainstream security inspection methods, and which is the most effective? How can we get secure, vulnerability-free smart contract code? To answer these questions, Alpha Commune and SECBIT systematically introduce the security problems of the blockchain industry and the mainstream solutions.
        The first layer is cryptography. Cryptography is the lowest-level supporting technology of the blockchain, including hash algorithms, digital signatures, random numbers and so on. If these cryptographic techniques have problems or vulnerabilities, the trust built on the whole blockchain collapses.
        Although cryptography is quite mature at present and the possibility of a huge vulnerability is relatively small, problems in individual projects cannot be ruled out. On July 15, 2017, IOTA, known as "the world's first coin in the Internet of things", received an email from DCI, an academic research group affiliated with the Massachusetts Institute of Technology, warning the IOTA team that IOTA's hash algorithm Curl-P has weaknesses and that DCI could successfully attack the system and steal user funds. Although IOTA later questioned and refuted DCI's email, and so far no user has had funds stolen due to this vulnerability, the incident drew attention to the security of the cryptography used by IOTA and other projects.
        The second layer is the generation, use and protection of the user's private key. A user's credentials for participating in the blockchain are a pair of public and private keys. The premise for anyone interacting through the blockchain is that they have a secure private key and can keep it safe. Therefore, the generation, use and protection of private keys are very important. In July this year, hackers exploited a security risk in a private key generation tool for EOS and carried out a "Rainbow" attack, resulting in the theft of digital assets from accounts and the loss of tens of millions in digital assets.
        The third layer is the security vulnerabilities of the node system. This problem belongs to the traditional security category. For example, blockchain nodes must not have traditional security vulnerabilities such as buffer overflows.
        In addition, a blockchain node implementation should faithfully and correctly implement the consensus protocol of the blockchain, and a node must not expose API interfaces that should not be exposed, or a hacker can obtain key information about the node without obstacles. Serious security vulnerabilities have been disclosed in both Ethereum and EOS. This part of security is also crucial.
        The fourth layer is the underlying consensus protocol. At present, there are several mainstream blockchain consensus protocols in the market, such as PoW, PoS, DPoS and PBFT. The underlying consensus protocol determines whether the entire architecture of the blockchain is credible and whether it can truly form a consensus blockchain. Not many consensus protocols have been proved to be safe, because a consensus protocol is not simple either in theory or in implementation.
        Consensus protocols that have been tested over a long time, such as Bitcoin's PoW, are relatively secure. Consensus protocols are subject to an impossible triangle: security, decentralization and efficiency cannot all be achieved simultaneously. If we pursue efficiency, we must sacrifice decentralization or security. In theory, all digital currencies built on such an underlying consensus protocol are at risk of a 51% computing power attack. In the first half of this year, at least four digital currencies suffered 51% computing power attacks, namely Monacoin, Bitcoin Gold, Verge and Electroneum, causing losses of tens of millions of dollars to users.
        The fifth layer is the smart contract. A smart contract is a set of promises defined in digital form, including the agreements under which contract participants carry out these commitments. Any participant can create a contract in the application layer, which is called a DApp (decentralized application). This is also where the most security problems occur at present. The security risks of smart contracts fall into three aspects. First, whether there are loopholes: whether the contract code contains common security vulnerabilities. Second, whether it is credible: a smart contract without loopholes is not necessarily safe, and the contract must also be fair and credible. Third, whether it complies with certain specifications and procedures: since creating a contract requires defining commitments in digital form, a contract creation process that is not standardized easily leaves huge hidden dangers.
        At present, many smart contracts in the market have security vulnerabilities. For example, on June 3, SECBIT found that 81 contracts on Ethereum had the same error: the transferFrom function in the ERC20 token contract has a serious hidden danger, and once problems occur after deployment, irreparable losses will be caused. On June 6, SECBIT found that in the ERC20 token contract FXE, due to a vulnerability in the business logic implementation, anyone can transfer tokens out of other people's accounts at will, so the tokens face the risk of going completely to zero at any time.
        Practitioners in the blockchain industry, users of smart contracts and owners of cryptocurrencies should learn the relevant cryptography and smart contract programming knowledge, and must not casually copy and use contract code or public and private keys where the security of funds is involved. If a malicious attacker publishes code with serious vulnerabilities on the network and induces organizations with insufficient development ability to use it, the result is a devastating blow and irreparable loss to users.
        The sixth layer is the design of the incentive mechanism. To achieve cooperation, smart contracts usually need a corresponding economic incentive mechanism. Economic incentives are a breakthrough concept in blockchain technology.
        A truly healthy and dynamic blockchain ecosystem needs a good incentive mechanism. However, if the economic incentives are not designed safely enough, the ecosystem may never be built. For example, typical Ponzi-like games call for vigilance.
        The six layers of blockchain security issues described above are divided by technical level. The lower the layer, the more stable the technology. For example, the cryptography, once selected at the beginning, is not easily changed. Any user can create a contract based on the consensus, just as any ordinary person can write a contract under a certain law. The law corresponds to the consensus mechanism (platform), and the contract has its own binding terms. Using a DApp is like signing a contract, and all actions should be performed according to the contract terms.
        Therefore, the security risks of smart contracts are directly related to users' property losses.
        First, security vulnerabilities represented by integer overflow. Security vulnerabilities are usually introduced by people who write code carelessly. They may cause some functions of the contract to fail. In the most serious cases, they may lead to hacker attacks, users losing money, or even hackers creating large amounts of money out of thin air. For example, BEC, SMT and EDU have been attacked by hackers through integer overflow vulnerabilities, resulting in the currency value going to zero.
        Second, smart contract permission control. In general, a smart contract has an administrator, and the administrator generally has super permissions. The security risks of this type of contract are relatively large, because once the administrator's private key is stolen, huge losses can easily follow.
        According to incomplete statistics from SECBIT, among the top 570 token contracts, 342 have functions (onlyOwner) that only administrators can call, and many contracts grant excessive permissions, such as allowing administrators to mint and burn tokens arbitrarily, freeze accounts and disable transfers. On July 10 this year, Bancor, a cryptocurrency trading platform, said that it had been attacked and had lost Ethereum, US $10 million of Bancor tokens and US $1 million of Pundi X tokens, as valued in fiat currency at the time. Through our analysis, we found that the theft from the Bancor platform was related to the BancorConverter contract. The attacker (hacker or insider) stole users' tokens by obtaining the private key of the administrator's account and acting with the administrator's identity, causing huge losses to users.
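The integer overflow problem described above (the first of the three problems), as an added example that is not from the original article or from any named token contract. It models Solidity's uint256 wrap-around in Python; `batch_transfer`, the account names and the input values are constructed for illustration.

```python
# Added illustration: models uint256 arithmetic, which wraps modulo 2**256.
# Function and account names are hypothetical.
UINT256_MAX = 2**256 - 1

def mul_wrapping(a, b):
    """Unchecked multiply: the result silently wraps modulo 2**256."""
    return (a * b) & UINT256_MAX

def mul_checked(a, b):
    """Checked multiply: rejects any product that does not fit in uint256."""
    product = a * b
    if product > UINT256_MAX:
        raise OverflowError("uint256 multiplication overflow")
    return product

def batch_transfer(balances, sender, receivers, value, mul):
    """Send `value` tokens to every receiver, using `mul` to compute the total."""
    total = mul(len(receivers), value)
    if balances.get(sender, 0) < total:
        raise ValueError("insufficient balance")
    balances[sender] -= total
    for receiver in receivers:
        balances[receiver] = balances.get(receiver, 0) + value
    return balances

def total_supply(balances):
    return sum(balances.values())

def demo():
    # Constructed input: 2 * 2**255 == 2**256, which wraps to 0.
    value = 2**255
    weak = batch_transfer({"sender": 10}, "sender", ["a", "b"], value, mul_wrapping)
    try:
        batch_transfer({"sender": 10}, "sender", ["a", "b"], value, mul_checked)
        hardened = "accepted"
    except OverflowError:
        hardened = "rejected"
    return total_supply(weak), hardened

if __name__ == "__main__":
    print(demo())
```

With the wrapping multiply the balance check passes against a total of 0 and the supply grows from 10 to 10 + 2**256; the checked multiply rejects the same call. Solidity 0.8 and later revert on overflow by default, while earlier compilers need an explicit check of this kind.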
        Third, normative issues. Many smart contracts are implemented without a uniform specification. Smart contracts involve many parties collaborating interactively. If a contract is not standardized, different people easily misunderstand its behavior, resulting in a large number of security problems. For example, the "false recharge" incidents that broke out in succession this year involved Ethereum tokens and USDT. According to incomplete statistics from one organization, there are 3619 token contracts in the market with the risk of "false recharge", including many well-known tokens. Under normal circumstances, if the transfer is not successful during the recharge process, the account cannot be recharged, and the account balance is still 0.
        However, if the contract has a "false recharge" vulnerability, then when the transfer is unsuccessful the system does not report the recharge failure (value), and the exchange misjudges the result as a successful recharge. If a hacker finds this loophole, he can repeatedly make "false" recharges and then withdraw the money, which causes direct losses to the exchange.
        At present, there are three main inspection methods for smart contract security in the market. The first is testing, the second is auditing, and the third is formal verification. Testing runs the program automatically on various possible inputs to detect whether there are integer overflow vulnerabilities. However, testing usually cannot reach 100% coverage, so there are bound to be omissions.
        Auditing relies on the professional knowledge of experts, but even professional experts may miss things. These two traditional methods cannot guarantee that a contract has no loopholes, but formal verification can. Formal verification can solve three types of problems. The first type is security without loopholes: through mathematical reasoning, all behaviors of the contract are captured and all possibilities are covered, so as to ensure that the contract is free of loopholes. The second type is credibility: openness and transparency. The contract creator should not only explain what the contract does, but also prove to everyone that the code does exactly that. At present this can only be achieved by formal verification. The third type is normative issues.
        The false recharge vulnerability mentioned above arises because the ERC20 specification of Ethereum is very vague and incomplete. How can it be written completely? This requires that the specification of a contract not be described in natural language, but be given as a formal specification, strictly defined in a mathematical logic language. At present, formal verification includes model checking and deductive reasoning. There are already a large number of application cases in industry, especially in fields related to safety systems. For example, in aerospace, high-speed rail, nuclear power and other industries, there are dedicated teams providing formal verification services, and their role and effectiveness have long been recognized by experts in the safety industry.
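The "false recharge" misjudgment described above, as an added example that is not from the original article. It assumes a toy token whose transfer reports failure through a return value instead of aborting the transaction; the class, function and account names and the receipt layout are constructed for illustration.

```python
# Added illustration: a toy model of token deposits. All names are hypothetical.
class ReturnFalseToken:
    """Token whose transfer() signals failure by returning False, not reverting."""

    def __init__(self, balances):
        self.balances = dict(balances)

    def transfer(self, sender, to, amount):
        """Return a simplified receipt: status, call arguments, return value, events."""
        receipt = {"status": 1, "to": to, "amount": amount, "logs": []}
        if self.balances.get(sender, 0) < amount:
            receipt["returned"] = False   # transfer failed, yet the transaction succeeds
            return receipt
        self.balances[sender] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount
        receipt["returned"] = True
        receipt["logs"].append(("Transfer", sender, to, amount))
        return receipt

def credit_naive(receipt, deposit_addr):
    """Weak check: trusts the transaction status and the requested amount."""
    if receipt["status"] == 1 and receipt["to"] == deposit_addr:
        return receipt["amount"]
    return 0

def credit_verified(receipt, deposit_addr):
    """Hardened check: credit only what Transfer events moved to the address."""
    if receipt["status"] != 1:
        return 0
    return sum(amount for name, _sender, to, amount in receipt["logs"]
               if name == "Transfer" and to == deposit_addr)

def demo():
    # Constructed scenario: user_a holds 100 tokens, user_b holds none.
    token = ReturnFalseToken({"user_a": 100, "user_b": 0})
    receipts = [token.transfer("user_a", "exchange", 40),
                token.transfer("user_b", "exchange", 1000)]
    return {
        "naive": [credit_naive(r, "exchange") for r in receipts],
        "verified": [credit_verified(r, "exchange") for r in receipts],
        "on_chain": token.balances["exchange"],
    }

if __name__ == "__main__":
    print(demo())
```

The naive check credits 1000 tokens for a transfer that moved nothing, while the verified check credits only the 40 tokens that actually reached the deposit address.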