The attribute blockchain proponents consistently emphasize is its immutability. Blockchain, they claim, cannot be cracked.
In reality, experts suggest, the technology is more mutable than advertised and carries unique risks. In fact, public and private versions of blockchain offer different strengths and weaknesses that, in some cases, may make conventional, permission-based databases the better choice.
The biggest threat to blockchain immutability, observers say, sounds similar to a common technology problem: losing a password—or, in blockchain’s case, a key.
“The loss of a private key is probably the biggest threat to blockchain systems,” said Allison Berke, executive director of the Stanford Cyber Initiative. “People have lost millions in bitcoin after losing their private keys.”
Unlike conventional databases, public and private blockchains record transactions in blocks, each of which carries a cryptographic hash of the block before it, and replicate that hash-linked ledger across numerous servers, or nodes. Blockchain data is presumed to be immutable because altering a historical block changes its hash and breaks the link from every block that follows it, so the many nodes that independently validate the chain would recognize and reject the altered copy.
Bitcoin is the most widely known public blockchain. It has thousands of nodes, run by independent parties, that each check every block and transaction against the same rules and reject anything that breaks them, presumably making its blockchain highly secure. Users of bitcoin (or other public cryptocurrencies) hold private keys that authorize spending of the coins recorded against their addresses; wallet software manages those keys. Likewise, users of services built on top of blockchains use such keys to sign their actions, much as passwords grant access to conventional databases, with one crucial difference: no administrator can reset a key that has been lost.
Berke noted that conventional databases pose less risk in this regard because as a central authority they hold copies of users’ passwords and/or allow them to create new ones. “Anytime a use case doesn’t strictly require using a blockchain, anytime you can trust a central authority such as Amazon or your bank, then I think you should not use a blockchain solution,” Berke said.
In turn, she added, appropriate use cases of blockchain technology tend to have no central authority, such as government organizations in multiple states or countries that want to verify documents such as marriage licenses or birth certificates.
LOSS OF A LAYER
Steve Wilson, principal analyst at Constellation Research, noted that public and private blockchains eliminate the administration layer between parties in a transaction, increasing efficiency and reducing potential mischief. However, private blockchains tend to be maintained more regularly and participants can generally expect service-level agreements over the software code. He advocates private blockchains to administer complicated systems such as corporate supply chains, especially for highly regulated businesses such as pharmaceuticals.
Nevertheless, private blockchains’ immutability also is less than perfect, Wilson said. Many operate with as few as half a dozen nodes, at least conceptually making them less resilient to attacks than public blockchains.
From a security standpoint, private blockchains start to resemble today’s conventional permission-based databases. Berke pointed out that private blockchains typically have some sort of gatekeeper functionality to determine who holds the distributed ledger and how nodes participate in the network. Assuming the gatekeeper(s) can be trusted, private blockchains may even be more secure than their public cousins, she said, since the latter are open-source networks and no one is vetting the software, so software developed for a malicious node could disrupt or divert the blockchain.
Even so, their relatively few nodes make private blockchains inherently more susceptible to a so-called 51-percent attack. In a proof-of-work network such as bitcoin the relevant majority is of hashing power rather than of node count: an entity that out-mines everyone else can build a longer chain of its own and reorganize recent blocks, reversing (double-spending) its own transactions or censoring others, although it still cannot forge signatures or spend other people's coins. Gaining a majority of a public blockchain's hashing power should theoretically be more difficult than capturing a handful of permissioned nodes, but that's already happened to bitcoin, when in 2014 the GHash bitcoin mining pool gained majority control of the network's hashing power on several occasions.
More recent concerns have focused on the enormous technology and energy resources mining nodes need to find the proof-of-work hash that seals each new block onto the chain, the work that earns them newly issued bitcoins. Not only has that resulted in a more concentrated pool of miners, but many of them appear to be located in northern China, where government-subsidized energy and cool temperatures make mining profitable.
Dr. Gideon Greenspan, founder and CEO of Coin Sciences, developer of the MultiChain platform for creating private blockchains, wrote in a May 2017 blog post titled “The Blockchain Immutability Myth” that while it would be enormously energy-intensive and expensive for a majority of mining power to change an earlier block and then redo every subsequent one to hide the change, the cost is still “small change” for any “mid-size country.” Greenspan added that a less costly option for China, if it indeed is home to a majority of bitcoin mining, would simply be to take the miners by force, enabling it to control which blocks are validated and attached to the blockchain and which are not.
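The three mechanisms the preceding paragraphs rely on can be shown together in a few dozen lines: why an edited block is detected by every validating node, why hiding the edit means re-mining every block after it, and why a party with more hashing power than everyone else nevertheless wins under the most-work rule. The following is an added toy example, not code from the article or from any real blockchain: the block format, the `DIFFICULTY` of 14 leading zero bits and the sample transactions are constructed for illustration, and the blocks carry plain strings where a real chain carries signed transactions (so signature forgery, which a 51-percent attacker still cannot do, is out of scope here).

```python
"""Toy hash-linked chain with proof of work (constructed example).
Shows (a) why editing a block is detected, (b) why a rewrite must re-mine every
later block, and (c) how a majority-hashrate attacker's longer branch wins."""
import hashlib
from dataclasses import dataclass

DIFFICULTY = 14          # leading zero bits the block hash must have (assumed, toy value)
GENESIS_PREV = "0" * 64  # previous-hash field of the first block


@dataclass
class Block:
    index: int
    prev_hash: str   # hash of the previous block: this link is what "chains" the blocks
    data: str        # in a real chain: a Merkle root over signed transactions
    nonce: int = 0

    def hash(self) -> str:
        header = f"{self.index}|{self.prev_hash}|{self.data}|{self.nonce}".encode()
        return hashlib.sha256(header).hexdigest()


def meets_target(h: str, difficulty: int = DIFFICULTY) -> bool:
    """Proof of work: the hash, read as a 256-bit integer, must start with `difficulty` zero bits."""
    return int(h, 16) >> (256 - difficulty) == 0


def mine(block: Block, difficulty: int = DIFFICULTY) -> int:
    """Increment the nonce until the hash meets the target. Returns the number of hashes
    computed, i.e. the work spent: about 2**difficulty on average, with no shortcut."""
    tries = 1
    while not meets_target(block.hash(), difficulty):
        block.nonce += 1
        tries += 1
    return tries


def build_chain(records: list[str], difficulty: int = DIFFICULTY) -> list[Block]:
    chain, prev = [], GENESIS_PREV
    for i, rec in enumerate(records):
        b = Block(i, prev, rec)
        mine(b, difficulty)
        chain.append(b)
        prev = b.hash()
    return chain


def first_invalid_block(chain: list[Block], difficulty: int = DIFFICULTY):
    """What every full node does on receipt: recheck each link and each proof of work.
    Returns the index of the first block that fails, or None if the chain is valid."""
    prev = GENESIS_PREV
    for b in chain:
        if b.prev_hash != prev or not meets_target(b.hash(), difficulty):
            return b.index
        prev = b.hash()
    return None


def rewrite_from(chain: list[Block], idx: int, new_data: str, extra: int = 0,
                 difficulty: int = DIFFICULTY):
    """Attacker's job: change block `idx`, then re-mine it and every later block (their
    old links no longer match), plus `extra` new blocks. Returns (branch, hashes_spent)."""
    branch = list(chain[:idx])               # untouched prefix is shared with the honest chain
    prev = branch[-1].hash() if branch else GENESIS_PREV
    spent = 0
    tail = [new_data] + [b.data for b in chain[idx + 1:]] + ["attacker block"] * extra
    for i, data in enumerate(tail, start=idx):
        nb = Block(i, prev, data)
        spent += mine(nb, difficulty)
        branch.append(nb)
        prev = nb.hash()
    return branch, spent


def cumulative_work(chain: list[Block], difficulty: int = DIFFICULTY) -> int:
    """Expected hashes behind a valid chain; nodes follow the valid chain with the most work."""
    return len(chain) * 2 ** difficulty


def select_chain(*candidates: list[Block], difficulty: int = DIFFICULTY) -> list[Block]:
    """Most-work rule; on a tie, max() keeps the first candidate (the chain a node already has)."""
    valid = [c for c in candidates if first_invalid_block(c, difficulty) is None]
    return max(valid, key=lambda c: cumulative_work(c, difficulty))


if __name__ == "__main__":
    honest = build_chain(["genesis", "alice->bob 10", "bob->carol 4", "carol->dave 1"])
    assert first_invalid_block(honest) is None

    # (a) Editing a block in place: its own proof of work and the next block's link break.
    tampered = [Block(b.index, b.prev_hash, b.data, b.nonce) for b in honest]
    tampered[1].data = "alice->alice 10"
    print("first invalid block after edit:", first_invalid_block(tampered))

    # (b) Hiding the edit means re-mining block 1 and everything after it.
    branch, spent = rewrite_from(honest, 1, "alice->alice 10")
    print("rewritten branch valid:", first_invalid_block(branch) is None, "hashes spent:", spent)
    print("equal-work attacker wins:", select_chain(honest, branch) is branch)

    # (c) With more hashing power than everyone else, the attacker out-mines the honest chain.
    longer, _ = rewrite_from(honest, 1, "alice->alice 10", extra=1)
    print("majority attacker wins:", select_chain(honest, longer) is longer)
```

The tampered copy fails validation at block 1 (or at block 2 in the rare case that the edited block still happens to meet the target, since the next block's `prev_hash` then no longer matches). The rewritten branch passes validation only after paying roughly `2**DIFFICULTY` hashes for every block from the edit onward, and it is still not adopted until it carries more work than the honest chain, which is exactly what a majority of hashing power buys.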
News in early 2018 about Chinese regulators limiting the electricity supply to bitcoin miners and asking local governments to “guide” them to exit the business may allay some fears. However, the threat of a 51 percent attack remains. Should it occur, bitcoin participants would no doubt realize what has happened and may opt for taking the digital currency in another direction, resulting in a so-called fork. Forks may also occur when a significant minority of nodes disagree with the majority consensus and opt to go in a different direction, validating a different chain of blocks from the point of disagreement onward. In 2016, for example, a smart contract (self-executing code deployed on the public Ethereum blockchain, one of its several business features) was hacked, and the perpetrator proceeded to drain millions of dollars' worth of ether, the network's cryptocurrency.
A majority of the network adopted a hard fork, a change to the protocol rules, that rewrote the ledger to return the drained ether to its rightful owners rather than leaving the contract's flaw to stand. A minority of “purist” nodes kept running the original rules, so the chain split in two (the minority chain continues as Ethereum Classic), and users of Ethereum, whether as a currency or as a tool to manage other data, had to choose between one version and the other.
So much for the immutability. Berke suggested that private blockchains may be less susceptible to forks, given that the nodes are likely to be vetted by the group that assembled the network for a specific reason. Nodes, however, are controlled by human beings, among whom disagreements can arise.