MIT: Blockchain Is Still Vulnerable
Is hyped blockchain security – a reality making traditional financial institutions consider the technology or a myth ready to fall victim to hackers because of code error or human greed?
Reently, MIT Technology Review journal released by Massachusetts Institute of Technology pushed an article claiming that this technology hyped as a new security level is vulnerable.
MIT Technology Review article highlights that blockchain technology is a complex economical system which depends on unpredictable human behavior. Thus, it’s still possible to damage its security using human factor. The journal points out a range of vulnerabilities of blockchains of crypto currencies and smart contract platforms, referring to a range of incidents, including a recently revealed loophole for Ethereum Classic double spending on Coinbase – thousands of users lost their funds due to successful 51% attack. Most of crypto currencies are vulnerable, the cheaper it is, the more vulnerable it is.
The article lists a range of conditions making blockchain vulnerable, including code errors and human factor. The analysts highlight that the fundamental blockchain principle is the transaction irreversibility – it is very attractive for criminals because it deprives centralized regulators of opportunity to bring lost money back to their owners. At the same time, blockchain certainly has unique security features, together with unique vulnerabilities.
The more complicated blcockhain system is, the more ways to make a mistake adjusting it there’re, say the article’s authors. They remind of Zcash crypto currency developers team. Zcash crypto currency uses complicated cryptography to let the users make private transactions. The team told that it fixed some cryptographic vulnerability recently. Fortunately, the scammers did not find it first, otherwise, they could have used it to create unlimited number of fake ZCash coins. Not only the crypto currency itself can have bugs: a program client may have as well, developers of the main Bitcoin Core client had to make every effort to fix the issue (secretly, too).
In brief, blcockhain technology is praised for its security, but it can be very vulnerable in some cases. Sometimes unpredictable error in the code is a reason. But, in many other cases, “the grey zone” – a result of code, blockchain economy and human greed interaction.
The review also mentions numerous bounty programs launched by blockchain and crypto currency programs which allow so-called “white hackers” to get a reward for reveal of a bug of a blockchain platform. According to TheNextWeb they’ve earned $878 000 just for 2018. Coinbase has already rewarded HackerOne hackers with record $30 000 for revel of some critical system error.
Meanwhile, “black hackers” seem to be more successful – last year, they’ve stolen crypto currencies worth of almost $2 billion, $1 billion was stolen by just two major hacker groups.