Jun 24, 2022 08:00:00

DARPA publishes a research report that analyzes in detail whether blockchain is really decentralized and decentralized

' Blockchain ', which manages one database in a distributed manner by all network participants, is a technology that is expected to have various applications in the future. The

US Defense Advanced Research Projects Agency (DARPA) and the Trail of Bits, an organization investigating the security of various technologies, have released a report examining 'Is blockchain really a secure and decentralized data management system?' did.

Are blockchains decentralized? | Trail of Bits Blog
https://blog.trailofbits.com/2022/06/21/are-blockchains-decentralized/

Are #blockchains actually decentralized? Analysis we commissioned from @trailofbits uncovers unintended centralities and provides important insights on the potential impacts of security vulnerabilities within this technology. Access the full report here: https://t.co/V36rSOmvJc pic.twitter.com / WCbv7m9WQy

— DARPA (@DARPA) June 21, 2022

Blockchain is a system that manages databases in a distributed manner among network users while collecting transaction records made in the network into a block of cryptographic information called a block, including each hash value in the next block and connecting them. is. In the past, database management was centralized by the government, organizations, companies, individuals, etc., but since blockchain is distributed and managed by all users of the network, it is a 'decentralized data management system.' It can be said.

What is a 'blockchain'? And why is it becoming more commonly used? --GIGAZINE

By Antana

Not only is the data encrypted, but the blockchain connects the blocks with hash values that ensure the uniqueness of the data, and all users share one ledger, so data tampering is theoretically impossible. It is a possible system. And the cryptographic calculation required in this blockchain is 'mining', and virtual currencies such as Bitcoin and Ethereum are cryptographic assets obtained as rewards for mining.

The Trail of Bits said, 'The risks inherent in blockchains and cryptocurrencies have not been fully explained so far. It is normal for anyone trying to make money in the last decade of the gold rush to ignore this risk. Or I think I'm even stupid. Cryptocurrency proponents say the foundation of blockchain technology is sound against the recent market turmoil and price plunge, but is that really the case? ? '.

First, the Trail of Bits said, 'Blockchain immutability can be disrupted by breaking the properties of blockchain implementations, networking, and consensus protocols, rather than exploiting cryptographic vulnerabilities. There is. ' Also, the encryption used in virtual currency is safe in every sense, but it does not guarantee the security that supporters will hear.

In addition, even though the blockchain and Bitcoin itself are encrypted, the traffic that trades Bitcoin is not encrypted, so 'between nodes' such as Internet service providers, Wi-Fi access point administrators, and governments. It has been suggested that 'third parties accessing the network' may monitor it.

As of March 2022, the most used network provider for Bitcoin trading is Tor , an anonymous communication protocol network, with approximately 55% of Bitcoin's nodes addressed via Tor. However, malicious Tor nodes can tamper with or drop traffic content.

In addition, one in five Bitcoin nodes is running an older version of the Bitcoin Core client known to be vulnerable. If the node is using an old network monitor or the wrong network monitor for the network, the cost to carry out a standard 51% attack will be lower. The cost of the 51% attack on Bitcoin in the first half of 2021 was about 49% of the hash rate, which was lower than the theoretically required cost. It seems that this cost can be further reduced by network delay.

The number of entities sufficient to break the blockchain is 4 for Bitcoin, 2 for Ethereum, and less than 10 for most other networks. In order for the blockchain to be optimally distributed, it is necessary to take measures to prevent one person from controlling multiple nodes and attacking the network. However, at the time of writing the article, it is said that a method to implement this measure without adopting a centralized and reliable third party in a permissionless blockchain such as Bitcoin or Ethereum has not been found. Therefore, it is almost impossible for a permissionless blockchain to be completely decentralized by a completely decentralized operation that excludes third parties.

The Trail of Bits, with the support of DARPA, produces reports based on various analyses and calculations and is open source. You can read the body of the report below.

Are Blockchains Decentralized --Unintended Centralities in Distributed Ledgers --Final Report --62af6c641a672b3329b9a480_Unintended_Centralities_in_Distributed_Ledgers.pdf
(PDF file) https://assets-global.website-files.com/5fd11235b3950c2c1a3b6df4/62af6c641a672b3329b9a480_Unintended_Centralities_in_Distributed_Ledgers.pdf