Blockchains are secured through a variety of mechanisms that include advanced cryptographic techniques and mathematical models of behavior and decision-making
. Blockchain technology is the underlying structure of most cryptocurrency systems and is what prevents this kind of digital money from being duplicated or destroyed.
The use of blockchain technology is also being explored in other contexts where data immutability and security are highly valuable. A few examples include the act of recording and tracking charity donations
, medical databases, and supply chain
However, blockchain security is far from being a simple subject. Therefore, it is important to understand the basic concepts and mechanisms that grant robust protection to these innovative systems.
The concepts of immutability and consensus
Although many features play into the security associated with blockchain, two of the most important are the concepts of consensus and immutability. Consensus refers to the ability of the nodes
within a distributed blockchain network to agree on the true state of the network and on the validity of transactions. Typically, the process of achieving consensus is dependent on the so-called consensus algorithms
Immutability, on the other hand, refers to the ability of blockchains to prevent alteration of transactions that have already been confirmed. Although these transactions are often relating to the transfer of cryptocurrencies, they may also refer to the record of other non-monetary forms of digital data.
Combined, consensus and immutability provide the framework for data security in blockchain networks. While consensus algorithms ensure that the rules of the system are being followed and that all parties involved agree on the current state of the network - immutability guarantees the integrity of data and transaction records after each new block
of data is confirmed to be valid.
The role of cryptography in blockchain security
Blockchains rely heavily on cryptography
to achieve their data security. In this context, the so-called cryptographic hashing functions
are of fundamental importance. Hashing is a process whereby an algorithm
(hash function) receives an input of data of any size and returns an output (hash
) that contains a predictable and fixed size (or length).
Regardless of the input size, the output will always present the same length. But if the input changes, the output will be completely different. However, if the input doesn’t change, the resulting hash will always be the same - no matter how many times you run the hash function.
Within blockchains, these output values, known as hashes, are used as unique identifiers for data blocks. The hash of each block
is generated in relation to the hash of the previous block, and that is what creates a chain of linked blocks. The block hash is dependent on the data contained within that block, meaning that any change made to the data would require a change to the block hash.
Therefore, the hash
of each block is generated based on both the data contained within that block and the hash of the previous block. These hash identifiers play a major role in ensuring blockchain security
Hashing is also leveraged in the consensus algorithms used to validate transactions. On the Bitcoin blockchain, for example, the Proof of Work (PoW) algorithm utilizes a hash function called SHA-256. As the name implies, SHA-256 takes data input and returns a hash that is 256 bits or 64 characters long.
In addition to providing protection for transaction records on ledgers, cryptography also plays a role in ensuring the security of the wallets used to store units of cryptocurrency. The paired public and private keys that respectively allow users to receive and send payments are created through the use of asymmetric or public-key cryptography
. Private keys are used to generate digital signatures for transactions, making it possible to authenticate ownership of the coins that are being sent.
Though the specifics are beyond the scope of this article, the nature of asymmetric cryptography prevents anyone but the private key holder from accessing funds stored in a cryptocurrency wallet, thus keeping those funds safe until the owner decides to spend them (as long as the private key is not shared or compromised).
In addition to cryptography, a relatively new concept known as cryptoeconomics
also plays a role in maintaining the security of blockchain networks. It is related to a field of study known as game theory
, which mathematically models decision-making by rational actors in situations with predefined rules and rewards. While traditional game theory
can be broadly applied to a range of cases, cryptoeconomics specifically models and describes the behavior of nodes
on distributed blockchain systems.
In short, cryptoeconomics is the study of the economics within blockchain protocols and the possible outcomes that their design may present based on its participants’ behavior. Security through cryptoeconomics is based on the notion that blockchain systems provide greater incentives for nodes to act honestly than to adopt malicious or faulty behaviors. Once again, the Proof of Work consensus algorithm used in Bitcoin mining
offers a good example of this incentive structure.
When Satoshi Nakamoto
created the framework for Bitcoin mining, it was intentionally designed to be a costly and resource-intensive process. Owing to its complexity and computational demands, PoW mining involves a considerable investment of money and time - regardless of where and who the mining node is. Therefore, such a structure provides a strong disincentive for malicious activity and significant incentives for honest mining activity. Dishonest or inefficient nodes will be quickly expelled from the blockchain network, while the honest and efficient miners have the potential of getting substantial block rewards
Similarly, this balance of risks and rewards also grants protection against potential attacks that could undermine consensus by placing the majority hash rate
of a blockchain network into the hands of a single group or entity. Such attacks, known as 51 percent attacks
, could be extremely damaging if successfully executed. Due to the competitiveness of Proof of Work mining and the magnitude of the Bitcoin network, the likelihood of a malicious actor gaining control of a majority of nodes is extremely minimal.
Furthermore, the cost in computing power needed to attain 51 percent control of a huge blockchain network would be astronomical, providing an immediate disincentive to make such a large investment for a relatively small potential reward. This fact contributes to a characteristic of blockchains known as Byzantine Fault Tolerance (BFT)
, which is essentially the ability of a distributed system to continue to work normally even if some nodes become compromised or act maliciously.
As long as the cost of establishing a majority of malicious nodes remains prohibitive and better incentives exist for honest activity, the system will be able to thrive without significant disruption. It is worth noting, however, that small blockchain networks are certainly susceptible to majority attack because the total hash rate devoted to those systems is considerably lower than the one of Bitcoin.
Through the combined use of game theory and cryptography, blockchains are able to attain high levels of security as distributed systems. As with nearly all systems, however, it is critical that these two fields of knowledge are properly applied. A careful balance between decentralization and security is vital to building a reliable and effective cryptocurrency network.
As the uses of blockchain continue to evolve, their security systems will also change in order to meet the needs of different applications. The private blockchains now being developed for business enterprises, for example, rely much more on security through access control than on the game theory
mechanisms (or cryptoeconomics) that are indispensable to the safety of most public blockchains.