Blockchain Not As Secure as Some Experts Thought

in #blockchain7 years ago (edited)

Security researchers are now coming to terms with what a smart-contract vulnerability even looks like.

blockchain not secure.jpg

Blockchain has the potential to transform the world we currently live in. Experts insist the technology is “bigger than the internet,” however we might need to take a beat before we put everything from our cash, financial data to our health records on blockchains. Based on a new study titled ‘Finding The Greedy, Prodigal, and Suicidal Contracts at Scale,’ the technology is not nearly really as secure as most ‘experts’ initially thought.

Back in 2009, Bitcoin set the blockchain revolution in motion giving any two parties, wherever, an option to quickly and securely transfer money.

Some newer blockchains, most notably Ethereum, take the utility of Bitcoin to the next level by incorporating smart contracts, which automate the process. The term “smart contract” comes from the digital currency pioneer Nick Szabo, who coined it more than 20 years ago (and who may or may not be the famed Satoshi Nakamoto).

For instance, say you wish to purchase 10 ethereum tokens, however only if the price drops under $500 per token. Smart contracts are set up to execute particular actions after they encounter a specific state of affairs, so you might set one deal to buy 100 ethereum tokens when the price drops.

That is not all they can do: while smart contracts could be as simple as the above, they can also be way more sophisticated. You could additionally set up a smart contract to purchase ether if the price hits under $500 per token, you’ve got an account balance above $50,000, it’s a Sunday, and the temperature is greater than it was yesterday! It can be as simple or as complex as the parties can agree on.

Not only are they essential for financial industries, but smart contracts are also important for industries outside of finance that need to reap the benefits of the blockchain technology. For instance, if healthcare systems wished to put medical data on a blockchain, it could use smart contracts to make sure only relevant medical professionals are granted access to them.

While all of it sounds very good in concept, there is some bad news: a research group of computing experts from the National University of Singapore (NUS) and University College London (UCL) published research that details a shocking number of security flaws in smart ethereum contracts.

blockchain_workflow.jpg
How does blockchain work?

Users discovered this the hard way when hackers stole $50 million from the so-called Decentralized Autonomous Organization, which is based on the Ethereum blockchain.

The research group analyzed roughly a million smart contracts using a custom-built instrument known as MAIAN. The group was in search of contract attacks that could be manipulated to lock funds indefinitely, leak funds randomly, or just kill the contracts.

Their evaluation tool flagged about 34,000 contracts. It even discovered the flaw in the wallet service Parity’s blockchain app that rendered $169 million worth of ether tokens inaccessible to owners back in November 2017. The researchers then manually analyzed 3,759 contracts and found out that they could exploit vulnerabilities in 3,686 of them.

The head of the research team, Sergey compares the crew’s work to interacting with a vending machine as if the researchers randomly pushed buttons and recorded the situations that made the machine act in unintended ways. “I believe that a lot of vulnerabilities are still to be found and formally specified,” Sergey says.

YOU MAY LIKE: What is Bitcoin Cash & How Does It Differ From BTC

Figuring out that roughly 3.4 % of smart contracts might be susceptible to attackers is enormous. Sure, the centralized technologies we currently use to handle our funds and other essential data aren’t ironclad. Nevertheless, if we’re going to undergo all the trouble of transitioning to a blockchain-supported digital economic system, constructing a better system for record keeping isn’t sufficient enough.

We must strive to construct the best system. Utilizing instruments like MAIAN to reveal current weaknesses is an excellent place to begin.

Source: https://gadgtecs.com/2018/03/03/blockchain-might-not-secure-thought/


P.S Check out http://steemspeak.com Its the first and best channel I discovered on Discord! and a HUGE shoutout to @tytran, @battleaxe, @kassixo (<- this girl is awesome!) @walden and @ackza (<-- Best guy ever! Without him I would be a 0 is Steemit) @binkley from SteemThat.com and @amanda46536 (one of my first friends here)... Hope I haven't left anyone out. Follow me and comment pls, I #followback :)

Sort:  

Your post was resteem by Whale ResteemService @booster007

Keep it up!
All the best!

Send 0.100 SBD/steem For resteem over 4200+ followers / send 0.200 SBD/steem resteem over 10,000+ Follwers Send your link in memo ! @boostupvote Attached !

cool. thanks

That's crazy, so hackers stole 50 million from Ethereum smart contracts?

Maybe Counterparty is a better option, they also have smart contracts and they're around since 2014.

Yup, in 2016! Thanks for the suggestions, didn't know what counterparty is before your comment :)

This post has been resteemed to 5750+ followers and 100% upvoted by @talhadogan
Thank you for using my resteem service!




TO USE THE BOT
Send 0.500 SBD or 0.500 STEEM to @talhadogan (URL as memo)


thank you very much :)

Your Post Has Been Featured on @Resteemable!
Feature any Steemit post using resteemit.com!
How It Works:
1. Take Any Steemit URL
2. Erase https://
3. Type re
Get Featured Instantly � Featured Posts are voted every 2.4hrs
Join the Curation Team Here | Vote Resteemable for Witness

thank you very much!!

thnk u. upvoted n following you :)

You just planted 0.02 tree(s)!


Thanks to @amanda46536

We have planted already 5588.17 trees
out of 1,000,000


Let's save and restore Abongphen Highland Forest
in Cameroonian village Kedjom-Keku!
Plant trees with @treeplanter and get paid for it!
My Steem Power = 20600.08
Thanks a lot!
@martin.mikes coordinator of @kedjom-keku
treeplantermessage_ok.png

This post has received a 0.31 % upvote from @drotto thanks to: @banjo.

thank you

This post was upvoted and resteemed by @resteemr!
Thank you for using @resteemr.


@resteemr is a low price resteem service.
Check what @resteemr can do for you. Introduction of resteemr.

Resteemed by @resteembot! Good Luck!
Curious? Read @resteembot's introduction post
Check out the great posts I already resteemed.

ResteemBot's Maker is Looking for Work.

Hola @brn123, upv0t3
Este es un servicio gratuito para nuevos usuarios de steemit, para apoyarlos y motivarlos a seguir generando contenido de valor para la comunidad.
<3 Este es un corazón, o un helado, tu eliges .

: )


N0. R4ND0M:
1445 4782 7127 6365
3693 2719 3575 1617
2582 4666 1733 9610
8483 4598 1210 3949

thank you. following n upvoted :)

Coin Marketplace

STEEM 0.26
TRX 0.21
JST 0.038
BTC 98006.84
ETH 3638.04
USDT 1.00
SBD 3.85