The major selling point of blockchain is its immutable nature and the fact that it is not susceptible to hacks. Apparently, enthusiasts have always used these facts as the core notion to back their claim that the technology is a viable replacement for traditional financial systems. However, recent reports, as well as the unrelenting cases of crypto-related hacks and thefts, have opened up new controversies that threaten to challenge down the heralded unhackable title that had once defined blockchain.
Earlier this year, reports revealed that attackers had successfully launched the 51% attack on Ethereum Classic, which is one of the top 20 cryptos in the market. While this was not unprecedented as we have witnessed various attempts by malefactors to do the same on other blockchains, notwithstanding, this was the first time an attempted 51% attack on one of the top 20 cryptocurrencies was successful. To better understand the magnitude of this event, we will take a look at the concept of this attack and how it comes to play in the establishment of crypto as a secure means of transaction.
What Is A 51% Attack?
The blockchain is basically a public record of vetted transactions and a majority of the crypto blockchain, we have today, function as decentralized P2P networks that rid themselves from the input of centralized authorities. In order to avoid issues relating to fraud and security, these blockchains have unique consensus mechanisms that ensure that the nodes of the network have inputs in verification processes that would prevent double spending (the ability to falsify the transactions registered into the blockchain so as to spend the same crypto more than once).
For a node to have the ability to double spend, it must control a major stake in the consensus process that would allow it to make changes to the record of the blockchain. This is where the 51% comes in, as it means that the attacker has control of over half of the consensus power or mining power of the blockchain.
Nevertheless, before the event of the latest attack on Ethereum Classic, experts believed that lesser known cryptocurrencies, with a fewer number of nodes, were more susceptible to this sort of attack. While cryptos at the lower tier of the crypto market faced countless threats to their network, the so-called big boys were confident in the fact that the sizes of their networks shielded them from such threats. it was a known fact to attackers that it was financially impossible to attack these blockchains.
However, factors, like the drastic fall of the prices of cryptocurrencies and the commercialization of cloud mining (which affords attack a cheaper way of renting miners and computer power for their malicious acts) are beginning to change the narrative on blockchain’s security. In the aftermath of the attack on Ethereum Classic, reports suggest that the attacker was able to cart away with over $1.1 million worth of crypto.
Needless to say, this revelation is a major setback for crypto’s push as a viable means of payment and it could go a long way to hurt its mainstream ambition. Besides this, we are beginning to record new forms of security frailties that could compound blockchain’s state of conundrum. Apparently, the increase of reported smart contract bugs is as big a threat as the 51% attack.
Smart Contract Bugs
In 2016, we witnessed the first crypto theft that was as a result of one or more vulnerabilities on a smart contract as the hacker stole over $60 million worth of Ethereum. More importantly, this was the major event that highlighted the consequences that come with flaws in smart contracts that expert had noted as one of the most important innovative contributions of the blockchain.
Three years down the line, we are still experiencing reoccurring issues associated with smart contracts with vulnerabilities. In January, reports revealed that smart contract security expert had warned Ethereum developers of flaws that were found in their proposed blockchain updates. As a matter of fact, these frailties were similar to the ones the attacker took advantage of in 2016. Also, cryptocurrencies are susceptible to this type of attacks because they are mostly open projects, as such, their source codes are readily available on the internet. This makes it easy for attackers to spot flaws easily.
Another factor that makes the topic essentially peculiar to cryptocurrency is that unlike the traditional software, once a faulty smart contract is active on a blockchain, it is difficult to debug it. The same is true for users that lose their crypto to an attack on a flawed smart contract. As a result, the issues relating to blockchain security comes with complications that would require a great deal of commitment and ingenuity to resolve.
The crypto community has often pointed out the majority of security breaches in this space are a result of questionable security strategies in the part of exchanges and individual users. However, with the explosion of blockchain attacks, we expect an influx of unwanted spotlight that would challenge the much-applauded core characteristic of the technology.