MIT Technology Review: The once unhackable blockchain is being hacked
Moni
2019-02-23 01:37
In traditional software, if a bug occurs, it can be fixed with a patch, but this cannot be done on a blockchain smart contract.

This article comes from MIT Technology Review. Original author: Mike Orcutt

Translator丨Moni

Editor丨Lu Xiaoming

Blockchain has always been known for its solid security, but with more and more security holes appearing in cryptocurrencies and smart contract platforms, the once unhackable blockchain is being eroded by hackers.

At the beginning of last month, the security team of the cryptocurrency exchange Coinbase noticed something strange about Ethereum Classic. Although Ethereum Classic could still be bought and sold on the Coinbase trading platform, its blockchain and entire transaction history were under attack.

The attacker somehow took control of more than half of the Ethereum Classic network and then started rewriting the transaction history, making it possible for the hacker to spend the same cryptocurrency more than once, which is known as "double spending" (double spends). In this attack, approximately $1.1 million worth of Ethereum Classic was double spent. While Coinbase claims that no cryptocurrency was stolen from its accounts, not every cryptocurrency exchange was as "lucky": Gate.io has admitted to being hacked and losing $271,500 worth of Ethereum Classic (although $100,000 was returned to Gate.io days later).

Just a year ago, such attacks existed only in theory, but now they are "live" around us. Even more frightening is that the 51% attack on Ethereum Classic was just one of a series of recent blockchain attacks, so now is the time to pay attention, as these hacks have begun to erode the once unhackable blockchain.

Since the beginning of 2017, the total value of cryptocurrencies stolen by hackers, counting only publicly disclosed cases, has reached $2 billion, the vast majority of it from exchanges. Not all of these attacks were carried out by independent hackers; some organized cybercriminal groups have also begun to focus on the blockchain. Recently, the cryptocurrency analysis company Chainalysis stated that at least two more active hacker groups have stolen nearly $1 billion worth of cryptocurrency from exchanges, but Chainalysis did not disclose the names of the two groups.

Hackers are shifting from exchanges and trading sites to attacking the blockchain directly

A blockchain can be seen as an encrypted database maintained by a network of computers, each of which stores a copy of the latest version of the blockchain software. A blockchain protocol is a set of rules that dictates how the computers in the network (also known as nodes) should verify new transactions and add verified transactions to the database. The protocol combines cryptography, game theory, and economics to give nodes an incentive to work hard to protect the network rather than attack it for personal gain. If the protocol is set up correctly, it is very difficult and expensive to add false transactions to the system, while it is relatively easy to verify valid ones.

It is precisely because of these inherent advantages that blockchain technology has become extremely attractive to many industries, especially the financial system. Well-known financial institutions such as Fidelity Investments and the New York Stock Exchange (Intercontinental Exchange) have begun to deploy blockchain technology in their own financial systems, and even the central banks of some countries are considering issuing legal digital currency based on the blockchain.

However, the more complex the blockchain system, the more places where setup errors can occur. For example, Zcash is a privacy cryptocurrency that uses complex mathematics to process transactions, but earlier this month, Zcash operators disclosed that they had secretly fixed an "occasionally present cryptographic vulnerability in the protocol" that could be exploited by attackers. An attacker could have used the bug to create an unlimited amount of fake Zcash cryptocurrency, but fortunately, no one seems to have actually done so.

The blockchain protocol is not the only thing that has to be secure. If you want to trade cryptocurrencies or run a node, you must run a software client for the corresponding cryptocurrency, and these clients may contain security holes. Last September, Bitcoin Core developers had to scramble to fix a bug (and did so in secret) that could have allowed attackers to mine more bitcoins than the system allowed.

51% attack rule

Most cryptocurrencies have some inherent susceptibility to 51% attacks, because most of them are issued on blockchains that use proof-of-work as the protocol for verifying transactions. In this process (also known as mining), nodes spend a lot of computing power to prove that they are trustworthy enough to add new transaction information to the database. Miners who somehow control a majority (say, 51%) of the network's mining power can send fake payment transactions to trick other users and then create an alternate version of the blockchain in which those payment transactions never occurred; this new version of the blockchain is called a "fork". An attacker who controls a majority of mining power can make the fork the "authoritative version" of the blockchain and spend the same cryptocurrency again.

However, if the blockchain is large, it can be very expensive to attempt a 51% attack. According to data from the website Crypto51, attacking Bitcoin with enough mining power would currently cost more than 260,000 US dollars per hour. Attacking other cryptocurrencies, however, does not appear to cost as much. More importantly, once an attack starts, it causes the currency's price to drop, which makes the attack cheaper and eventually leads miners to shut down their mining machines, so the network becomes less protected and is caught in a vicious circle.

Since mid-2018, attackers have tried to conduct 51% attacks on some cryptocurrencies with small market capitalization, including Verge, Monacoin, and Bitcoin Gold, causing losses of more than $20 million. Later, in the fall of 2018, hackers stole about $100,000 in funds by attacking the Vertcoin cryptocurrency, while the attack on Ethereum Classic was the first time hackers carried out a 51% attack on one of the top twenty cryptocurrencies by market capitalization.

David Vorick is the co-founder of Sia, a blockchain file storage platform. He predicts that the frequency and impact of 51% attacks will continue to grow, and that cryptocurrency exchanges will be the most direct victims of "double spending". David Vorick believes that the number and impact of 51% attacks will increase mainly because the market for computing power is developing so fast that attackers can rent mining power to carry out attacks. He said:

New Bug Targets the Blockchain

In addition to 51% attacks, blockchain security flaws also need attention. In fact, researchers have begun to explore "smart contract vulnerabilities".

Smart contracts are computer programs that run on a blockchain network to automate the transfer of cryptocurrencies according to prescribed rules and conditions. Smart contracts have many potential uses, such as facilitating the execution of real-world legal contracts and complex financial transactions, or establishing a voting mechanism (voting mechanisms have many application scenarios; for example, all investors in a venture capital fund can vote to decide how funds are allocated).

In 2016, a fund called "DAO (Decentralized Autonomous Organization)" was established using the Ethereum blockchain system. But soon, attackers stole more than $60 million worth of cryptocurrency using a vulnerability in the DAO smart contract that allowed hackers to repeatedly request funds from accounts without the system registering that the funds had already been withdrawn, so funds that had been withdrawn could be requested again. It is said that this was a recursive call vulnerability in the splitDAO function: after being legally called for the first time, the splitDAO function illegally calls itself again, and then repeats the process of calling itself illegally. Such a recursive call lets the attacker's DAO assets, which should have been cleared, be separated from TheDAO's asset pool dozens of times before they are actually cleared. Not only that, under normal circumstances, after the attacker's DAO assets are separated, TheDAO asset pool destroys these DAO assets. However, the attacker transferred his DAO assets to other accounts before the recursive call ended, so that this part of the DAO assets avoided being destroyed.
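The recursive-call pattern described above can be reproduced in a small model. The following is an added example, not part of the original article and not TheDAO's code: a toy fund, written in Python rather than a contract language, whose withdraw routine calls the recipient before clearing the recipient's recorded balance, shown beside a hardened version that clears the record first. All class, function and account names are hypothetical and the amounts are constructed.

```python
class Vault:
    """Toy model of a fund contract (constructed for illustration; this is
    not TheDAO's code and every name here is hypothetical)."""

    def __init__(self, hardened):
        self.hardened = hardened
        self.balances = {}   # recorded share of each depositor
        self.pool = 0        # funds the contract actually holds

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.pool < amount:
            return
        if self.hardened:
            self.balances[who] = 0   # clear the record first
            self.pool -= amount
            on_receive(amount)       # external call comes last
        else:
            self.pool -= amount
            on_receive(amount)       # external call runs before the record is cleared
            self.balances[who] = 0   # too late: the callee may already have re-entered

    def solvent(self):
        """Invariant an auditor would check: holdings cover recorded balances."""
        return self.pool >= sum(self.balances.values())


def simulate(hardened, reentries=3):
    """Return (total paid to caller, funds left in pool, invariant holds)."""
    vault = Vault(hardened)
    vault.deposit("others", 90)      # constructed sample deposits
    vault.deposit("caller", 10)
    paid = []

    def on_receive(amount):          # recipient code that calls back into withdraw
        paid.append(amount)
        if len(paid) < reentries:
            vault.withdraw("caller", on_receive)

    vault.withdraw("caller", on_receive)
    return sum(paid), vault.pool, vault.solvent()
```

With the record cleared only after the external call, a deposit of 10 is paid out three times and the solvency invariant fails; with the order reversed, the nested call finds a zero balance and returns without paying.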

In traditional software, if a bug occurs, it can be fixed with a patch, but this cannot be done on a blockchain smart contract.

Petar Tsankov of ETH Zurich, co-founder of the smart contract security startup ChainSecurity, said:

“Because the transactions on the blockchain cannot be reversed, deploying smart contracts is a bit like launching a rocket. After launching, it can only succeed but not fail.”

Of course, there are still ways to fix smart contract vulnerabilities.

Although a smart contract cannot be "patched", developers can deploy other smart contracts that interact with it, thereby achieving the effect of a "contract upgrade". Developers could also build a centralized “kill switch” into the network that would halt all activity as soon as a hack is detected, although it would be too late for users whose funds have already been stolen.

The only effective way to retrieve funds is to rewrite history: go back to the point on the blockchain before the attack, create a new blockchain fork, and get everyone on the network to agree to use the new blockchain. This is what the Ethereum developers did. Today most of the community's users (but not all) have moved to the new blockchain, which is what we now call Ethereum, although it is not the original Ethereum blockchain; only a small minority still stick to the original Ethereum blockchain, which is now known as Ethereum Classic.

In January 2019, Petar Tsankov and his ChainSecurity team saved Ethereum from another catastrophic attack similar to the DAO. Just the day before Ethereum was due to upgrade to the Constantinople software, ChainSecurity informed the Ethereum core developers that some smart contracts on the blockchain would still be vulnerable to attacks similar to the earlier DAO attack, and that there would be unintended consequences. Ultimately, the Ethereum core developers decided to postpone this upgrade again.

According to Victor Fang, co-founder and CEO of blockchain security company AnChain.ai, hundreds of Ethereum smart contracts currently contain this so-called "reentrancy bug", and tens of thousands of smart contracts may also contain other vulnerabilities. On a public chain, as long as there are smart contract vulnerabilities, hackers will find them, because it is very easy to see the source code on the blockchain. “Vulnerabilities on the blockchain are completely different from security vulnerabilities on traditional networks,” said Victor Fang, who previously worked at cybersecurity firm FireEye.

Can we beat blockchain hackers?

In fact, a number of startups are already tackling the blockchain hacking threat by using artificial intelligence to monitor transactions and detect suspicious activity, as well as scan smart contract code for known vulnerabilities.

Some companies (such as ChainSecurity, which discovered the Ethereum smart contract vulnerability mentioned above) are developing audit services based on "formal verification", a computer science technique that aims to prove mathematically that smart contract code truly does what its creator intended. Petar Tsankov revealed that most of these auditing tools only started to appear about a year ago and have allowed smart contract creators to screen out many vulnerabilities, but the process is time-consuming and expensive.

Philip Daian, a researcher at Cornell University's Cryptocurrency and Contracts Program, suggested a blockchain "bug bounty" initiative that would encourage people to report bugs and be rewarded in cryptocurrency.

However, the blockchain is a complex economic system after all, and its security also depends on some unpredictable human behaviors. The complex consequences of code-to-code interactions, blockchain economics, and human greed all make blockchain seem like a gray area. All in all, although blockchain technology has always "bragged" about having strong security, under certain conditions, blockchains can become very vulnerable.
