Blockchain

Security Issues & Challenges

Presented by Alexia Rolland & N3.46 周辰翰
 Table of contents

01 02 03
Introduction Advantages of Main issues and
blockchain challenges

04 05 06
Successes and Conclusion Questions
failures
01 Introduction
01
- Blockchain = recent technology = still in development

- Many applications of blockchain = importance of security

→ Cryptocurrencies, smart contracts, hyperledgers …

- 3 different types = different security issues

→ Public, private & consortium blockchains
02 Advantages of blockchain
 02
- 3 main advantages of structure of blockchain :

- 1. Increase of resiliency : compared to Single-Point Of Failure systems

- 2. More transparency and integrity : with consensus mechanism

- 3. Integrated security : thanks to its decentralization and validation of

transactions by the entire network
03 Issues & challenges
03 Main blockchain security issues &
challenges

01 02 03
51% attacks Forking issue Eclipse attacks

04 05 06
Application bugs Short address Timestamp dependence

07 08 09
Scalability issue Regulatory issue Integration issue
 03.01 51% attacks
- Technique

- Double Spending

- Hide information
 03.02 Forking issue
- Soft Forks:
previously valid blocks invalid = rules tightened
- Hard Forks:
previously invalid blocks valid = rules relaxed

- Forking issues can arise due to disagreements within the community over protocol
changes, software bugs, security vulnerabilities, or intentional attacks.

- Achieve a broad consensus on the direction of the blockchain network.

03.03 Eclipse attacks
- Attackers attack on a decentralized network to isolate a specific user or
group, not a whole network

- Decentralized blockchain network does not allow all the computers to be

simultaneously connected to all other computers

- Example : A Bitcoin node can only hold 8 outgoing and 117

incoming connections
 03.04 Application bugs
- Blockchains are developed by humans → subjects to coding/logic errors

- Famous examples :
- Attack against MtGox in 2015
→ $600 millions stolen
- Attack against Bitfinex in 2016
→ $65 millions stolen
- Attack against DAO in 2016
→ $55 millions stolen
 03.05 Short address
- Weakness in Solidity
→ Autocompletion with zeros

- Example : function Transfer with destination address and amount as parameters

ddeaddeaddeaddeaddeaddeaddead00000000000000000000000100
ddeaddeaddeaddeaddeaddeadde0000000000000000000000010000

address amount
 03.06 Timestamp dependence
- Timestamp may be modified by miners

- Dangerous for smart contracts using timestamps for important activities

- Problem for integrity of smart contracts

- Risk of loss of money
 03.07 Scalability issue
- 5 problems before the widespread adoption of blockchain :

- 1. Speed
- 2. Lack of interoperability
- 3. Technical feasibility
- 4. Supportive regulation
- 5. Expansion of consortium
 03.08 Regulatory issue
- New technology = very few regulation for now

- Complex regulation in terms of economic and political

- 82 countries declared cryptocurrencies legal BUT doesn’t mean the

government supports the virtual currency in any way.

- Makes it hard to really use blockchain applications

 03.09 Integration issue
- Integration of blockchain :
- High cost
- Need to rethink the entire infrastructure
- Change of habits for workers

- Lack of skilled blockchain developers

- Risk of data loss and security breach during transition

 Blockchain security successes
04 and failures
04
- Failures : Deployment
Energy consumption
Still a lot of security issues

- Successes : Efficiency
Transparency, decentralization, security
Fast development, many applications
05 Conclusion
05
- Still a lot of security issues to address

- Lot of potential in many sectors

- Blockchain still is a young technology in development

→ Improving every day (short address issue, Bitfinex)
06 Any questions ?