By Howard Poston on Jun 21, 2019 12:38:23 AM
This article is the final post in a multi-part series describing how blockchain works and some of the security assumptions associated with it. Each article will describe a different level of how the blockchain’s distributed ledger operates, starting with the fundamentals.
Blockchain technology provides users with a number of advantages not present in traditional systems. Blockchains are the first fully distributed and decentralized system that is capable of maintaining a shared, trusted ledger. This allows a network to keep a record of its history and be confident that a malicious user or users is not capable of modifying this history to their own benefit.
However, blockchain technology isn’t perfect. Bitcoin was originally designed to replace traditional payment systems (like credit cards); however, by itself doesn’t have the ability to do so. Blockchain technology has limitations, and blockchain extensions have been developed to help mitigate or eliminate these.
Limitations of Blockchain
Blockchains has a very specific structure. Due to the need for the network to remain synchronized and for the network to validate all transactions, transactions cannot be continuously added to the distributed ledger. Instead, transactions are organized into blocks, which are added to the distributed ledger at regular intervals. This design limits the speed and capacity of the blockchain solution.
The speed at which transactions are added to the distributed ledger is severely limited on the blockchain. Blockchains typically have a target block rate, that is enforced at some level by their consensus algorithm. For example, Bitcoin has a block rate of 10 minutes, meaning, with the three block rule, you may have to wait half an hour before a transaction is considered trustworthy. This compares unfavorably with credit cards, where a “slow” transactions is done in a minute.
Blockchains also have an issue with a maximum capacity. In addition to the set block size, many blockchains have a set maximum block size designed to protect against Denial of Service (DoS) attacks. With fixed-size blocks created at fixed intervals, the blockchain can only process so many transactions in a time period, and this capacity is often far below that of the payment card system.
Some distributed ledger technologies have abandoned the blockchain data structure in order to address these problems. For example, IOTA uses a directed acyclic graph (DAG) as its underlying data structure, which greatly increases its transaction speed and capacity. Some blockchains make small protocol tweaks (like increasing the block rate) to improve transaction speed and capacity. And some blockchains have begun leveraging blockchain extensions to help address these issues while maintaining the original design of the blockchain.
Sidechains are primarily designed to increase the capacity of the blockchain by offloading some transactions to a standalone blockchain. There are a few different implementations of sidechains, but a common one is to “peg” a sidechain to a parent blockchain. With pegged blockchains, a user on one blockchain can send tokens to an “output address”, and the equivalent amount of tokens will be released onto the sidechain. Pegs are bidirectional, so the user can return to the original blockchain at will.
One benefit of sidechains is the increase in capacity for the original blockchain. Since transactions performed on the sidechain are not recorded in the blocks of the main blockchain, the total capacity of the system is increased.
Sidechains can also be used to address specific deficiencies of the parent blockchain. For example, a sidechain could have a faster block rate than the parent chain, increasing the system’s transaction speed. Alternatively, sidechains can increase the capabilities of the system, like the Rootstock sidechain that plans to add smart contract functionality to Bitcoin.
The main security consideration of sidechains is that the sidechain is a completely distinct system from the main chain. It needs to have its own means of securing consensus, through a large pool of miners, stakers, etc. Otherwise, a hack of the sidechain could affect the quality of its peg with the main chain and its users’ ability to switch back and forth.
Another blockchain extension that has been getting a lot of press is the state channel. The most famous state channel system is probably the Lightning Network running on the Bitcoin network. However, other state channel implementations run on other blockchains under different names.
State channels function as a second-level protocol that runs on top of a traditional blockchain implementation. A state channel is a direct connection between users of the blockchain network. They establish the channel using a traditional blockchain transaction that establishes the balance that each has contributed to the channel (i.e. 1 BTC apiece). After the channel is established, payments are made by creating mutually signed assertions regarding the balance of value in the channel (i.e. .75 BTC and 1.25 BTC). The channel can be closed down at any time, and another blockchain transaction is created using the most recent balance assertion to place the correct amount of cryptocurrency in each participant’s blockchain account.
The main advantages of state channels are transaction speed, scalability, and privacy. Transactions only require the channel participants and can be completed near-instantaneously. However, if a channel becomes too unbalanced, it may be impossible to make a payment. This is where the network of state channels can be very useful since transactions can pass through different paths to rebalance channels or perform transfers between unconnected parties.
The main security consideration of state channels is that transactions are backed by the blockchain but not recorded on it. State channel transactions are private to the recipients, and the blockchain network has to trust that all transactions made over them are legitimate. However, the point-to-point nature of state channels protects against double-spend attacks since the value stored in one channel is unique to that channel and cannot be used to open and perform transactions in other channels.
The Distributed Ledger Universe
This series was designed to be an introduction to blockchain technology with a focus on blockchain security. However, the solutions discussed in these articles are not the only ones out there. Other distributed ledger implementations (like DAGs and hashgraphs) use different data structures and have different security properties. Also, the blockchain can be extended using external devices that interact via APIs or smart contracts. When designing a distributed ledger solution, it’s important to consider all of the available technology and the security considerations associated with it.
Guest author Howard Poston is a cybersecurity and blockchain security consultant and trainer. This is the first part of a series on blockchain by Howard and he will be posting additional blockchain updates to the GhostVolt blog. You can reach Howard at email@example.com
Download the complete Introduction to Blockchain series here.
GhostVolt, a powerful security application for teams, encrypts data using the AES-256 encryption algorithm both at rest and in transit. AES-256 is the algorithm approved by the US government for encryption of classified data and is considered the standard for data encryption. With GhostVolt, you can take an important step towards securing your data and meeting the regulatory criteria of CCPA, as well as GPDR and HIPPA requirements.