Decentralized Blockchains: Myth or Reality?
Decentralized blockchains are largely mythological heroes with all-too-real vulnerabilities, according to a new report prepared for the US military’s top R&D outfit.
This week saw the launch of Are Blockchains Decentralized?, a report prepared by technical security evaluators/advisors Trail of Bits (ToB) for the Defense Advanced Research Projects Agency (DARPA), the legendary research and development arm of the US military.
About a year ago, aware that blockchain technology was increasingly encroaching on areas far beyond financial transactions, DARPA asked ToB to kick the tires of blockchains—specifically, the BTC and Ethereum chains—to determine whether their claims of decentralization were justified and which cybersecurity risks these chains may face due to their decentralization (or lack thereof).
Worryingly, ToB concluded that while the immutability of blockchains is taken for granted today, this immutability “cannot be broken by exploiting cryptographic vulnerabilities, but instead by subverting the properties of a blockchain’s implementations, network and consensus protocol. We show that a subset of participants can gain excessive, centralized control over the entire system.”
While the headline findings don’t necessarily come as shocking news to blockchain veterans, they may serve as a wake-up call to newbies, especially politicians who gleefully spout every “crypto” cliché in the book after accepting hefty campaign contributions from “crypto bro” zealots who want to see the sector either lightly regulated or not regulated at all.
Here be decentralized dragons
Chief among the report’s caveats is the fact that all major blockchains have “a privileged set of entities that can alter the semantics of the blockchain to potentially alter past transactions.” For BTC, the bar is set low at four entities (i.e., mining pools representing only 0.004% of all network nodes). For Ethereum, there are only two (from January 2021) or three (from April 2022).
Both BTC and Ethereum use proof-of-work consensus mechanisms, but most proof-of-stake chains can be hijacked by a handful of validators who together control a third of the staked assets. In the case of the perpetual vaporware known as Ethereum 2, as few as 12 staking whales could seize control of the network for whatever purpose they wished.
The off-chain governance structures of mining pools and validators are also under ToB’s suspicion. As for the pools, their use of the unencrypted Stratum protocol to assign jobs to individual miners exposes these operations to “an eavesdropper such as a nation-state, ISP, or local network participant” who could use “man-in-the-middle” attacks to steal CPU cycles and payouts. Updates have been made to the Stratum protocol, but there has been little progress in the transition to a more secure protocol.
Miners also either rely on hard-coded passwords for their accounts or do not validate passwords during authentication. ToB cited three mining pools that together account for a quarter of the BTC hashrate and found that one did not validate any authentication credentials, another assigned all accounts the password ‘123’ while the third told users to ignore the password field because it was “an older Stratum protocol parameter which has no use today.”
Total eclipse of the Sybils
As for the fabled proof-of-work blockchain bugaboo, the 51% attack, the report delves into how the ‘Sybil’ and ‘eclipse’ subcategories work together to compromise networks. ToB notes that the natural latency of the BTC network meant that the network’s effective computing power between January-June 2021 was only 98.68% of the theoretical maximum. This means that it would actually only take 49% of the total hashrate to launch an attack, and this could drop even further – as low as 20% – through “accidental or malicious introduction of additional latency.”
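The concentration figures above (four pools for BTC, a third of the stake for proof-of-stake chains) and the 98.68% efficiency figure can be worked through together. This is an added example, not code from the report or this article: the pool shares are constructed, and the rule that an attacker only needs more than half of the effective hashrate is a simplifying assumption.

```python
from __future__ import annotations

# Constructed pool shares of total hashrate (not figures from the report);
# the unlisted remainder stands for a long tail of small miners.
SAMPLE_SHARES = {
    "pool_a": 0.20, "pool_b": 0.16, "pool_c": 0.135,
    "pool_d": 0.08, "pool_e": 0.05, "pool_f": 0.04,
}


def effective_majority_threshold(efficiency: float) -> float:
    """Share of total hashrate that exceeds half of the effective hashrate.

    Assumption: latency wastes (1 - efficiency) of all work, and an attacker
    only has to out-produce half of what is left.
    """
    if not 0.0 < efficiency <= 1.0:
        raise ValueError("efficiency must be in (0, 1]")
    return 0.5 * efficiency


def min_controlling_entities(shares: dict[str, float], threshold: float):
    """Return (count, names) for the smallest group whose combined share
    strictly exceeds threshold, or (None, []) if no group can."""
    if any(s < 0 for s in shares.values()) or sum(shares.values()) > 1 + 1e-9:
        raise ValueError("shares must be non-negative and sum to at most 1")
    # Taking the largest holders first is optimal for a plain sum.
    ranked = sorted(shares.items(), key=lambda kv: kv[1], reverse=True)
    running, names = 0.0, []
    for name, share in ranked:
        running += share
        names.append(name)
        if running > threshold:
            return len(names), names
    return None, []


if __name__ == "__main__":
    cases = {
        "PoW, nominal majority (50%)": 0.5,
        "PoW, 98.68% network efficiency": effective_majority_threshold(0.9868),
        "PoS, one third of stake": 1 / 3,
    }
    for label, threshold in cases.items():
        count, names = min_controlling_entities(SAMPLE_SHARES, threshold)
        print(f"{label}: threshold {threshold:.4f} -> {count} entities {names}")
```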
Adding new Sybil nodes does not require expensive specialized mining hardware, but optimal network deployment requires that the cost of a single participant operating multiple nodes is greater than the cost of operating one node. ToB claims the only current way for a permissionless blockchain to achieve this is to use a centralized trusted third party, which kind of undermines the whole decentralized thing.
On a related note, echoing a view our own Kurt Wuckert Jr. has supported for years, ToB states that “the vast majority” of BTC nodes – possibly as much as 94% of the total – “appear not to participate in mining” and therefore “do not contribute meaningfully to the health of the network.”
Don’t mention TOR
Blockchains are also vulnerable due to the underlying network infrastructure on which they exist. ToB says that over the past five years, 60% of all BTC traffic “passed just three ISPs”, while around half of BTC traffic was routed through the TOR network. All of this opens up new avenues for eclipse attacks, “since the ISPs and hosting providers have the ability to arbitrarily degrade or deny service to any node.”
The report singles out TOR for particular derision, noting that it routes traffic for around 20% of BTC nodes, making it “more popular than any other [autonomous system] or network provider.” Malicious TOR exit nodes “can modify or drop traffic similar to an ISP,” and the report cites a recent incident where “a malicious actor (believed to be from Russia) used a Sybil attack to gain control of up to 40% of TOR exit nodes,” which said suspected Russian used to rewrite BTC traffic.
Softwear & Tear
Over a fifth of BTC nodes have outdated ‘Bitcoin’ Core client software with known vulnerabilities, making the network not only slower, but also less secure. But while software bugs are problematic, blockchains are also vulnerable to “open software changes.” This puts a bull’s eye on the handful of individuals who develop and maintain blockchain software, making them “susceptible to targeted attacks.”
The report notes that there are currently only four “active contributors with access to the Bitcoin Core codebase, the compromise of any of which would allow arbitrary modification of the codebase.” The report makes it clear that this is no idle speculation, citing a recent incident in which the Polygon network’s lead developer was targeted by the Pegasus malware (the same malware that El Salvador’s BTC-loving president had installed on the phones of unfriendly journalists).
Centralization and security of mining pool infrastructure is another potential avenue of attack. ToB says that, to its knowledge, there has never been a third-party security assessment of mining client software. As a result, “any remote code execution vulnerability in a mining pool client would allow an attacker to either deny service to the mining pool (ie, reduce the overall hashrate) or redirect the hashrate against a 51% attack.”
On-chain software, including Ethereum’s smart contract ecosystem, is also “susceptible to code reuse and vulnerabilities.” The report found that “90% of Ethereum’s smart contracts were at least 56% similar to each other,” while 7% were “completely identical.” The seemingly endless series of DeFi exploits suddenly makes a lot more sense, doesn’t it?
Conclusion
The bottom line is that while blockchain technology’s cryptography remains “quite robust,” the implementations of particular blockchains leave a lot to be desired—and many attack vectors. The authors make the sharp point that blockchain/crypto’s inherent risks “have been poorly described and are often ignored – or even mocked – by those looking to cash in on this decade’s gold rush.”
The ToB report was in the works long before the current crypto crash began in earnest, but the timing of its release – amid a flurry of human and technical cock-ups that have pulled the curtain on the sector’s criminality and incompetence – was spot-on. Decentralization, especially when it comes to DeFi, is largely illusory, and thus the whole concept of decentralization requires a reassessment.