Unit 3

The document discusses security in blockchain technology, highlighting various threats such as 51% attacks, double-spending, and vulnerabilities in smart contracts. It outlines security measures including cryptographic techniques, consensus mechanisms, and smart contract security practices to mitigate risks. The importance of understanding these threats and implementing robust security measures is emphasized to maintain the integrity and reliability of blockchain networks.

Uploaded by

yadavyachandra2

Blockchain and Web 3.0 Security
Prof. Gazy Abbas
Cyber security trainer
Unit - 3
Security in Blockchain
Threats and Vulnerabilities:
51% attacks, double-spending,
and others, Smart contract
vulnerabilities and attacks
Security Measures: Consensus
mechanisms for security,
Cryptographic techniques for
securing transactions
Blockchain Security Overview

A threat is any potential danger to a system, which in the context
of blockchain could involve a variety of malicious activities
aimed at compromising the integrity, availability, or
confidentiality of the blockchain network.

A vulnerability is a weakness in the system that can be exploited
by a threat to cause harm. In blockchain, vulnerabilities can exist
in various components, such as the protocol, the software
implementation, or the smart contracts running on the blockchain.
Blockchain Security Overview

Blockchain technology is renowned for its security features,
primarily due to its decentralized nature and cryptographic
underpinnings.

However, it is not invulnerable. Various threats and vulnerabilities
can compromise blockchain systems. Understanding these issues
is crucial for developing more robust security measures.
51% Attacks
A 51% attack occurs when a single entity or group of entities gains control of more
than 50% of the network's mining hash rate, computing power, or stake. This
dominance allows the attacker to manipulate the blockchain in various ways.

Example:
Bitcoin Gold Attack (2018): Attackers
gained over 51% control of the Bitcoin Gold
network, allowing them to double-spend
coins. They reversed transactions that were
previously confirmed, causing significant
financial losses to exchanges and users.
How does a 51% attack work?
A 51% attack occurs when an attacker gains control of more than 50% of a
blockchain network's mining power, allowing them to:

• Mine a Private Chain: They secretly mine a separate version of the
blockchain faster than the public one.
• Double Spend: They make a transaction on the public chain and spend the
same coins again on their private chain.
• Release the Private Chain: They release their longer private chain, which the
network adopts as the new valid chain.
• Invalidate Transactions: The original transaction is invalidated, effectively
allowing the attacker to spend the same coins twice.
Double-Spending
Double-spending is the risk that a
cryptocurrency can be spent more than
once. This issue arises because digital
information can be easily reproduced, and
without proper safeguards, the same coin
can be sent to two different recipients.

Double spending is a risk in digital
currencies where the same unit of currency
is spent more than once. This issue is
prevented in conventional financial systems
through centralized entities like banks, but
in decentralized systems like
cryptocurrencies, it's a significant
Implications

Loss of Funds: Merchants and users can lose their assets if they accept
unconfirmed transactions.

Network Trust: It undermines trust in the network if users believe transactions
can be reversed or manipulated.
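
Why waiting for confirmations limits double-spending, and why it stops helping once an attacker holds a majority: the following Python is an added example, not part of the original slides. It assumes a proof-of-work chain and uses the catch-up calculation from the Bitcoin whitepaper (section 11); the function names, the 0.1% risk threshold and the 500-confirmation search limit are choices made for this example.

```python
import math


def attacker_success_probability(q: float, z: int) -> float:
    """Chance that an attacker holding share q of the hash rate ever
    overtakes the honest chain after the merchant waited z confirmations."""
    if not 0.0 <= q <= 1.0 or z < 0:
        raise ValueError("q must be in [0, 1] and z must be >= 0")
    if q >= 0.5:
        return 1.0  # majority attacker: the private chain always wins eventually
    p = 1.0 - q
    lam = z * (q / p)          # expected attacker blocks while honest miners find z
    poisson = math.exp(-lam)   # P(attacker mined k blocks), starting at k = 0
    success = 1.0
    for k in range(z + 1):
        if k > 0:
            poisson *= lam / k  # iterative Poisson term, avoids huge factorials
        # Attacker is z - k blocks behind; (q/p)^(z-k) is the chance to catch up.
        success -= poisson * (1.0 - (q / p) ** (z - k))
    return max(0.0, success)


def confirmations_needed(q: float, risk: float = 0.001, max_z: int = 500):
    """Smallest number of confirmations that pushes the double-spend
    probability below `risk`; None if no value up to max_z achieves it."""
    if q >= 0.5:
        return None  # no confirmation depth protects against a majority
    for z in range(max_z + 1):
        if attacker_success_probability(q, z) < risk:
            return z
    return None


def risk_table(shares, risk: float = 0.001):
    """Map each attacker share to the confirmations a merchant should wait."""
    return {q: confirmations_needed(q, risk) for q in shares}


if __name__ == "__main__":
    for share, depth in risk_table([0.10, 0.20, 0.30, 0.40, 0.51]).items():
        label = "no safe depth" if depth is None else f"{depth} confirmations"
        print(f"attacker share {share:.0%}: {label}")
```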
Sybil Attacks
A Sybil attack is a security threat to online systems where a single adversary
creates multiple fake identities to gain disproportionate influence or control over a
network. This term is derived from the 1973 book "Sybil," which describes a case
of a woman with multiple personality disorder.
Example:

Ethereum Classic (ETC) 51% Attack (January 2019)

An attacker rented substantial hashing power and created multiple fake nodes in
the Ethereum Classic network.
These Sybil nodes gained more than 51% control of the network's hashing power.
The attacker used this majority control to reorganize the blockchain, reversing
previously confirmed transactions.
Sybil Attacks
Proof of Work (PoW):
Requires nodes to perform computationally intensive tasks, making it costly to
create multiple fake identities. E.g., Bitcoin, Litecoin.
Proof of Stake (PoS):
Requires validators to hold significant cryptocurrency as collateral, making it
expensive for an attacker to generate multiple nodes. E.g., Ethereum 2.0,
Cardano.
Identity Verification:
Ensures each participant is a unique, verified entity, preventing the creation of
multiple fake identities. E.g., Hyperledger Fabric, Quorum.
Decentralized Reputation Systems:
Nodes build reputation over time based on behavior, making it difficult for new
or fake nodes to gain quick influence. E.g., Augur, eBay's model.
Routing Attacks
These involve intercepting and manipulating the data as it is being transmitted over
the network.
Example:
Bitcoin Partition Attack (2014): Attackers intercepted Bitcoin network traffic,
partitioning it to disrupt communication between nodes, delaying transaction
processing and confirmations.

Implications:
Delayed Transactions: Can lead to significant delays in transaction confirmations.
Security Risks: Nodes may end up on different chains, causing a temporary fork
or inconsistency in the blockchain.
Smart Contract Vulnerabilities and Attacks

Smart contracts are self-executing contracts with the terms directly written into
code. They run on blockchain networks like Ethereum and can automate
complex transactions.

A smart contract can be vulnerable for different reasons. For example, your
blockchain application may contain faulty business logic, have insecure code, or
have issues with external dependencies and interactions that lead to unexpected
behavior. These are all different attack vectors your smart contract may be at risk
of if not properly engineered.
Common Vulnerabilities in Smart Contracts
Reentrancy Attacks:
Occurs when a smart contract calls an external contract and then continues
executing the original contract before the external call is complete. This can be
exploited if the external contract makes recursive calls back to the original
contract, bypassing the intended control flow.

Example: The DAO Attack (2016): Attackers
exploited a reentrancy vulnerability in The
DAO’s smart contract, draining it of about
$60 million worth of Ether.
Reentrancy Attacks

Mitigation:

Checks-Effects-Interactions Pattern: Ensure that all
internal state changes are made before making external
calls. This prevents the contract's state from being
inconsistent during external calls.

Reentrancy Guards: Implement reentrancy guards using
mutexes or the nonReentrant modifier from libraries like
OpenZeppelin to prevent reentrant calls.
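
The ordering problem and both mitigations, modelled in Python as an added example that is not part of the original slides. It is a simulation of the call flow, not Solidity: the vault and account classes, the on_receive hook and the sample amounts are all constructed for illustration, and the guard returns False where a Solidity guard would revert.

```python
class VulnerableVault:
    """Pays out first and clears the balance afterwards."""

    def __init__(self):
        self.balances = {}   # account -> amount credited to it
        self.pool = 0        # funds the vault actually holds

    def deposit(self, account, amount):
        self.balances[account] = self.balances.get(account, 0) + amount
        self.pool += amount

    def withdraw(self, account):
        amount = self.balances.get(account, 0)
        if amount == 0 or amount > self.pool:      # check
            return False
        self.pool -= amount
        account.on_receive(self, amount)           # interaction: external call
        self.balances[account] = 0                 # effect: applied too late
        return True


class HardenedVault(VulnerableVault):
    """Checks-effects-interactions plus a mutex-style reentrancy guard."""

    def __init__(self):
        super().__init__()
        self._entered = False

    def withdraw(self, account):
        if self._entered:                          # guard: no nested entry
            return False
        amount = self.balances.get(account, 0)
        if amount == 0 or amount > self.pool:      # checks
            return False
        self._entered = True
        try:
            self.balances[account] = 0             # effects before the call
            self.pool -= amount
            account.on_receive(self, amount)       # interaction comes last
        finally:
            self._entered = False
        return True


class Account:
    """Ordinary recipient: just records what it was paid."""

    def __init__(self):
        self.received = 0

    def on_receive(self, vault, amount):
        self.received += amount


class ReenteringAccount(Account):
    """Recipient whose payment hook calls back into the vault."""

    def on_receive(self, vault, amount):
        self.received += amount
        vault.withdraw(self)   # re-enters before the first call has finished


def run_scenario(vault_cls):
    """Deposit 90 for an ordinary account and 10 for a re-entering one,
    let the latter withdraw once, and report (paid_out, left_in_pool)."""
    vault = vault_cls()
    saver, caller = Account(), ReenteringAccount()
    vault.deposit(saver, 90)
    vault.deposit(caller, 10)
    vault.withdraw(caller)
    return caller.received, vault.pool


if __name__ == "__main__":
    print("vulnerable:", run_scenario(VulnerableVault))
    print("hardened:  ", run_scenario(HardenedVault))
```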
Common Vulnerabilities in Smart Contracts
Integer Overflow and Underflow:
When arithmetic operations exceed the maximum or minimum value that
can be stored in a variable, causing the value to wrap around. This can be exploited
to manipulate balances and cause unexpected behavior.

Example: If a contract
subtracts 1 from a balance
of 0, instead of resulting in a
negative number or an
error, it might wrap around
to the maximum possible
value.
Integer Overflow and Underflow Vulnerabilities
Mitigation:

SafeMath Libraries: Use libraries like OpenZeppelin's
SafeMath, which provide arithmetic functions that
automatically revert on overflow and underflow.

Explicit Checks: Add explicit checks for arithmetic operations
to ensure that they do not exceed the boundaries of the
variable type.
Common Vulnerabilities in Smart Contracts
Default Visibility of Functions:
In some smart contract languages, functions without explicitly declared
visibility default to public. This means anyone can call these functions,
potentially manipulating the contract in unintended ways.

Example:
A function intended for
internal use only might be left
public, allowing an attacker to
call it and change critical state
variables or drain funds.
Common Vulnerabilities in Smart Contracts
When you write a function in Solidity and do not specify its visibility, it
defaults to public. This means that the function can be called by anyone, both
within the contract and externally.

    // Default-public visibility applies to compilers before 0.5.0; later
    // versions refuse to compile a function with no visibility specifier.
    pragma solidity ^0.4.24;

    contract VulnerableContract {
        uint private balance = 100;

        // No visibility specifier: callable by anyone.
        function reduceBalance(uint amount) {
            require(amount <= balance, "Insufficient balance");
            balance -= amount;
        }
    }

An attacker could call the reduceBalance function like this:

    VulnerableContract.reduceBalance(50);

To fix this issue, you need to specify the correct visibility for the
functions.

    function reduceBalance(uint amount) internal {
        require(amount <= balance, "Insufficient balance");
        balance -= amount;
    }
Default Visibility of Functions
Mitigation:

Explicit Visibility Declarations: Always specify the
visibility of each function using public, private, internal, or
external.

Code Reviews and Audits: Regularly conduct code
reviews and security audits to ensure all functions have
appropriate visibility settings.
Common Vulnerabilities in Smart Contracts
Timestamp Dependence
Using block timestamps in smart contracts for critical functions can
introduce vulnerabilities because miners can influence block timestamps
slightly. This can be exploited in time-sensitive contracts.

Example:
Lottery Contracts: If a contract uses
block timestamp to determine a
lottery winner, a miner can
manipulate the timestamp to favor
a specific outcome, especially if
they or their colluding parties are
participants in the lottery.
Timestamp Dependence
Mitigation:

Avoid Timestamps for Critical Logic: Use block numbers
instead of timestamps for critical operations to reduce
manipulation risks.

Time Window: Implement logic within acceptable time
windows to mitigate minor timestamp manipulations.
Common Vulnerabilities in Smart Contracts
Gas Limit Vulnerabilities
Smart contracts have gas limits to prevent excessive computation
in a single transaction. Complex functions or loops that exceed the
gas limit can cause transactions to fail, leading to Denial of Service (DoS)
vulnerabilities.

Example:
Gas Limit Exploitation: An attacker could
trigger a function that uses a lot of gas to
intentionally cause it to fail, preventing
others from using the contract effectively.
Gas Limit Vulnerabilities
Mitigation:

Gas Optimization: Optimize contract code to use less gas
and avoid expensive operations in a single transaction.

Modular Functions: Break down complex functions into
smaller, less gas-intensive operations that can be
executed separately.
Section - 2
Blockchain Security Measures
Blockchain Security Measures
Blockchain security refers to the combination of cybersecurity principles, tools, and
best practices in order to mitigate risk and avoid malicious attacks and
unauthorized access while operating on blockchain networks.

Are blockchains vulnerable to security threats?
The notion that blockchain
technology is inherently immune to
security threats is somewhat
misleading, but there are several
unique structural features of
blockchain that bolster its intrinsic
security properties:
Blockchain Security Measures
Cryptographic Techniques: Every transaction on the blockchain is secured with
cryptographic principles, ensuring data integrity and authentication.

Here are some methods for it:

Hash Functions: Convert data into a fixed-size hash value, which ensures data
integrity and immutability, preventing unauthorized changes.

Digital Signatures: Sign transactions to verify authenticity, which confirms
transactions are genuine and have not been tampered with.

Zero-Knowledge Proofs (ZKPs): Prove a statement is true without revealing any
details. They enhance privacy and security by verifying transactions without
exposing sensitive information.
Blockchain Security Measures
Consensus Mechanisms: These algorithms ensure that all nodes in the
network agree on the validity of a transaction.
Proof of Work (PoW): Miners solve complex problems to add new blocks which
makes it costly and difficult for attackers to control the network.

Proof of Stake (PoS): Validators are chosen based on their cryptocurrency holdings.
It reduces energy consumption and makes attacks economically impractical.

Delegated Proof of Stake (DPoS): Stakeholders elect delegates to validate
transactions, which improves efficiency and maintains security through democratic
selection.
Blockchain Security Measures
Smart Contract Security: Smart contract security consists of various methods
like formal verification, code audits, and development best practices.

Formal Verification: Uses mathematical methods to prove the correctness of smart
contracts. Ensures smart contracts behave as intended, reducing vulnerabilities.

Code Audits: Thorough review of smart contract code by experts, which identifies
and fixes potential security flaws before deployment.

Development Best Practices: Guidelines for secure smart contract coding. They
reduce the risk of common vulnerabilities and exploits.
Blockchain Security Measures
Key Management: Key management includes methods like hardware security
modules (HSMs), multi-signature wallets, and cold storage.

Hardware Security Modules (HSMs): Physical devices used to generate, store, and
manage cryptographic keys. Provides high levels of security for key management,
protecting keys from theft and tampering.

Multi-Signature Wallets: Wallets requiring multiple private keys to authorize a
transaction, which enhances security by requiring consensus for transaction
approval.

Cold Storage: Storing private keys in offline devices, which protects keys from
online attacks, such as hacking and phishing.
Blockchain Security Measures
Regular Monitoring and Auditing: Regular monitoring and auditing include
continuous monitoring, penetration testing, and security audits.

Continuous Monitoring: Systems that monitor the blockchain network in real time
for security incidents. It enables rapid detection and response to security threats.

Penetration Testing: Simulated attacks to test the security of the blockchain
network, which identifies and addresses vulnerabilities before they can be
exploited.

Security Audits: Regular audits of the blockchain infrastructure ensure ongoing
security by identifying and mitigating risks.
Consensus Mechanism for Security

Definition: Consensus mechanisms are
protocols used by blockchain networks to
achieve agreement on a single data value or a
single state of the network among distributed
processes or systems. These mechanisms
ensure that all nodes in the network agree on
the validity of transactions and the state of
the ledger, which is critical for maintaining the
integrity, security, and reliability of the
blockchain.
Consensus Mechanism for Security

Role in Security:
In terms of security, consensus mechanisms
protect the blockchain from various attacks, such
as double-spending, where an attacker tries to
spend the same cryptocurrency unit in more
than one transaction. They also ensure that the
network remains decentralized and resistant to
censorship and control by any single entity. By
requiring agreement among multiple nodes,
consensus mechanisms make it extremely
difficult for malicious actors to alter transaction
data or disrupt the network.
Types of Consensus Mechanism
1. Proof of Work (PoW):
PoW requires nodes, called miners, to solve complex mathematical
puzzles to validate transactions and create new blocks. This process requires
significant computational power and energy consumption.
Security Aspect: The high computational
cost and energy consumption act as a
deterrent to attacks. To successfully alter a
blockchain, an attacker would need to
control more than 50% of the network's
total hashing power (known as a 51%
attack), which is economically and
logistically impractical for large networks
like Bitcoin.
Types of Consensus Mechanism
How PoW Secures the Blockchain:

1. Mining Process and Puzzle-Solving
Complex Puzzles: Miners compete to solve a cryptographic puzzle. The puzzle is
hard to solve but easy for others to verify.
Example: In Bitcoin, miners find a hash value that starts with a certain number
of zeros.

2. Block Creation and Validation
New Block Creation: The first miner to solve the puzzle gets to add a new block
to the blockchain.
Validation by Other Nodes: Other nodes in the network validate the solution
easily and agree on the new block.
Types of Consensus Mechanism
3. Cost and Effort
High Computational Power: Solving the puzzle requires a lot of computational
power and energy. This makes it costly and resource-intensive.
Security Through Cost: Because it’s expensive, it discourages malicious actors
from trying to attack the network.

4. Immutability
Linking Blocks: Each block contains a hash of the previous block, creating a
chain.

Changing Data: If an attacker wants to change any data in a block, they would
need to solve the puzzle for that block and all subsequent blocks, which is
extremely difficult and costly.
Types of Consensus Mechanism
5. 51% Attack Prevention
Majority Control: To alter the blockchain, an attacker would need to control
more than 50% of the network's computational power.
Cost of Attack: Gaining this much computational power is prohibitively
expensive and practically unfeasible for most attackers.

6. Decentralization
Distributed Miners: PoW promotes decentralization because anyone with the
right hardware can become a miner.
Network Resilience: The more distributed the network, the harder it is for a
single entity to control or attack it.
Types of Consensus Mechanism
2. Proof of Stake (PoS)
PoS selects validators in proportion to their holdings (stake) in the
cryptocurrency. Validators are chosen to create new blocks and validate
transactions based on the number of coins they hold and are willing to
"stake" as collateral.
Security Aspect: PoS reduces the need for
computational power and mitigates
centralization risks associated with PoW.
Validators have a financial incentive to act
honestly, as malicious behavior can result in the
loss of their staked coins. To compromise the
network, an attacker would need to acquire a
majority of the cryptocurrency, making attacks
expensive and economically unfeasible.
Types of Consensus Mechanism
3. Delegated Proof of Stake (DPoS)
DPoS involves a voting system where stakeholders elect a small number of
delegates to validate transactions and create new blocks. These delegates are
responsible for maintaining the blockchain.
Security Aspect: DPoS enhances efficiency and
scalability by reducing the number of validating
nodes, which speeds up the consensus process.
The voting mechanism ensures that delegates
act in the best interest of the community, as
they can be voted out if they perform poorly or
dishonestly. This system combines the
economic incentives of PoS with a governance
model that increases accountability.
Types of Consensus Mechanism
4. Practical Byzantine Fault Tolerance (PBFT)
PBFT is designed for permissioned networks where nodes are known and
trusted to some extent. It involves multiple rounds of voting among nodes to
agree on the validity of transactions and the state of the ledger.

Security Aspect: PBFT can tolerate up to
(n−1)/3 malicious nodes in a network
of n nodes. This tolerance level ensures the
network remains secure and operational
even if some nodes are compromised or act
maliciously. The consensus is reached
efficiently with low latency, making it suitable
for enterprise applications.
Types of Consensus Mechanism
5. Proof of Authority (PoA)
PoA relies on a small number of trusted nodes, known as authorities, that
are pre-approved to validate transactions and create new blocks. These
authorities are typically organizations or individuals with established
reputations.
Security Aspect: PoA provides high
throughput and low latency since the
number of validating nodes is limited and
known. The reputation and identity of
authorities act as a deterrent against
malicious behavior. However, PoA's
centralization can be a disadvantage, as it
relies heavily on the trustworthiness of a few
entities.
Cryptographic Techniques for Securing Transactions
in Blockchain
Cryptographic techniques are essential
for ensuring the security, integrity, and
confidentiality of transactions on a
blockchain. These techniques provide
the foundation for secure data
storage, secure transaction validation,
and protection against unauthorized
access and tampering.
Key Cryptographic Techniques
Hash Functions:
A hash function takes an input (or 'message') and returns a fixed-size string of
bytes. The output, typically referred to as a hash value or digest, is unique to
each unique input.
Example: SHA-256 (Secure Hash Algorithm 256-bit).

• Data Integrity and Tamper Resistance:
Each block in a blockchain contains a hash of the previous block, forming a
chain of blocks. This hash acts as a unique fingerprint for the block's data. Any
change in the block's data will produce a different hash that would require
recalculating the hashes for all subsequent blocks, which is computationally
infeasible for large blockchains.
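
A small hash-linked chain with a proof-of-work puzzle, added here as an example that is not part of the original slides. It illustrates both the "How PoW Secures the Blockchain" steps (puzzle, validation, immutability) and the tamper-resistance point above. The block layout, the JSON encoding, the difficulty of three leading hex zeros and the sample records are assumptions made for this example, not Bitcoin's actual format.

```python
import hashlib
import json

DIFFICULTY = 3            # required leading hex zeros (kept small to run fast)
GENESIS_PREV = "0" * 64   # placeholder "previous hash" for the first block

# Constructed sample records, one per block.
SAMPLE_RECORDS = ["alice pays bob 5", "bob pays carol 2",
                  "carol pays dave 1", "dave pays alice 3"]


def block_hash(block):
    """SHA-256 over every field of the block, nonce included."""
    payload = json.dumps(block, sort_keys=True).encode()
    return hashlib.sha256(payload).hexdigest()


def meets_target(block):
    """Verification is a single hash; finding the nonce takes many."""
    return block_hash(block).startswith("0" * DIFFICULTY)


def mine(index, prev_hash, data):
    """Search for a nonce that makes the block hash meet the target."""
    block = {"index": index, "prev_hash": prev_hash, "data": data, "nonce": 0}
    while not meets_target(block):
        block["nonce"] += 1
    return block


def build_chain(records):
    chain, prev = [], GENESIS_PREV
    for i, data in enumerate(records):
        block = mine(i, prev, data)
        chain.append(block)
        prev = block_hash(block)
    return chain


def first_invalid(chain):
    """What a validating node checks: index of the first block whose link
    or proof of work fails, or None if the whole chain is valid."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        if block["prev_hash"] != prev or not meets_target(block):
            return i
        prev = block_hash(block)
    return None


def rewrite_block(chain, index, new_data, remine_following):
    """Change the data of block `index` on a copy of the chain and redo its
    proof of work; optionally redo every later block as well.
    Returns (new_chain, number_of_blocks_mined_again)."""
    forged = [dict(b) for b in chain]
    prev = forged[index]["prev_hash"]
    last = len(forged) if remine_following else index + 1
    for i in range(index, last):
        data = new_data if i == index else forged[i]["data"]
        forged[i] = mine(i, prev, data)
        prev = block_hash(forged[i])
    return forged, last - index


if __name__ == "__main__":
    chain = build_chain(SAMPLE_RECORDS)
    print("original valid:", first_invalid(chain) is None)
    partial, _ = rewrite_block(chain, 1, "bob pays carol 200", False)
    print("re-mined one block, chain breaks at:", first_invalid(partial))
    full, mined = rewrite_block(chain, 1, "bob pays carol 200", True)
    print("blocks re-mined to hide the change:", mined)
```

Re-mining only the edited block leaves the next block pointing at the old hash, so a change stays detectable until every later block has been mined again.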
Key Cryptographic Techniques
Hash Functions:
• Hash functions play a crucial role in various consensus mechanisms like PoW
and Proof of Stake (PoS). These mechanisms rely on hash calculations to
validate and agree on the state of the blockchain, ensuring that all participants
follow the same rules and maintain the blockchain's integrity.

• Hash functions are used to create Merkle trees, which organize transaction
data in a block. Each leaf node of the tree is a hash of a transaction, and parent
nodes are hashes of their children. This structure allows for efficient and secure
verification of transactions, as only a small part of the tree (a Merkle proof) is
needed to verify that a transaction is included in a block.
Key Cryptographic Techniques
Digital Signatures:
Digital signatures use a pair of cryptographic keys (a private key and a public
key) to sign and verify transactions. The private key is used to sign a
transaction, and the public key is used by others to verify the signature.

Example: Elliptic Curve Digital Signature Algorithm (ECDSA).

Security Aspect: Digital signatures are crucial for securing blockchain transactions.
They provide authentication, integrity, and non-repudiation, ensuring that
transactions are secure and trustworthy.
Key Cryptographic Techniques
Digital Signatures:
Authentication:
Each user in the blockchain network has a pair of cryptographic keys: a private
key and a public key. When a user initiates a transaction, they sign the
transaction data with their private key. This digital signature can be verified by
anyone in the network using the user's public key.
This process ensures that the transaction is indeed initiated by the owner of
the private key, thus authenticating the user.

Data Integrity:
When a transaction is signed, a hash of the transaction data is created and
encrypted with the sender's private key to form the digital signature. Any
alteration in the transaction data will produce a different hash, which will not
match the signature when decrypted with the sender's public key.
Key Cryptographic Techniques
Merkle Trees:

A Merkle tree is a binary tree of hashes, where each leaf node is a hash of a
block of data, and each non-leaf node is a hash of its child nodes.
Example: Used in Bitcoin and Ethereum for efficient and secure verification of
transactions.

Security Aspect: Merkle trees allow efficient and secure verification of large data
structures. They enable quick and efficient proofs of membership (i.e., proving
that a transaction is included in a block) without needing to download the entire
blockchain. This enhances scalability and reduces the computational load on
nodes.
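
Building a Merkle root and checking a membership proof, as an added example that is not part of the original slides; it covers both the Merkle proof described under Hash Functions and the membership proofs described here. The 0x00/0x01 leaf and node prefixes, the rule of promoting an unpaired node unchanged, and the sample transactions are choices made for this example and differ from the exact trees used in Bitcoin and Ethereum.

```python
import hashlib

# Constructed sample transactions (an odd count exercises the unpaired case).
SAMPLE_TXS = [b"alice->bob:5", b"bob->carol:2", b"carol->dave:1",
              b"dave->erin:4", b"erin->alice:3"]


def leaf_hash(tx: bytes) -> bytes:
    """Hash of a transaction; the prefix keeps leaves distinct from nodes."""
    return hashlib.sha256(b"\x00" + tx).digest()


def node_hash(left: bytes, right: bytes) -> bytes:
    """Hash of two child hashes, in left-to-right order."""
    return hashlib.sha256(b"\x01" + left + right).digest()


def build_levels(txs):
    """All tree levels, from the leaf hashes up to the single root."""
    if not txs:
        raise ValueError("a Merkle tree needs at least one transaction")
    levels = [[leaf_hash(tx) for tx in txs]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])   # unpaired node moves up unchanged
        levels.append(nxt)
    return levels


def merkle_root(txs) -> bytes:
    return build_levels(txs)[-1][0]


def merkle_proof(txs, index):
    """Sibling hashes needed to rebuild the root from transaction `index`.
    Each entry is (sibling_hash, sibling_is_left)."""
    if not 0 <= index < len(txs):
        raise IndexError("transaction index out of range")
    proof = []
    for level in build_levels(txs)[:-1]:
        sibling = index ^ 1
        if sibling < len(level):          # no entry when the node was promoted
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof


def verify_proof(tx: bytes, proof, root: bytes) -> bool:
    """What a light client does: fold the proof and compare with the root."""
    acc = leaf_hash(tx)
    for sibling, sibling_is_left in proof:
        acc = node_hash(sibling, acc) if sibling_is_left else node_hash(acc, sibling)
    return acc == root


if __name__ == "__main__":
    root = merkle_root(SAMPLE_TXS)
    proof = merkle_proof(SAMPLE_TXS, 2)
    print("root:", root.hex())
    print("proof length:", len(proof), "of", len(SAMPLE_TXS), "transactions")
    print("included:", verify_proof(SAMPLE_TXS[2], proof, root))
    print("altered tx accepted:", verify_proof(b"carol->dave:100", proof, root))
```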
Key Cryptographic Techniques
Zero-Knowledge Proofs (ZKPs):
ZKPs allow one party to prove to another that a statement is true without
revealing any additional information beyond the validity of the statement
itself.
Example: zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of
Knowledge) used in Zcash.

Security Aspect: ZKPs enhance privacy by allowing transaction details to be
verified without revealing the actual data. This is particularly useful in
privacy-focused blockchains, where users want to keep transaction amounts and
recipient addresses confidential while still ensuring the integrity and validity of
transactions.
Key Cryptographic Techniques
Multi-Signature (Multi-Sig):
Multi-sig requires multiple keys to authorize a transaction. It involves setting
up a wallet that needs several private keys to sign a transaction.
Example: Bitcoin and Ethereum support multi-sig transactions.

Security Aspect: Multi-sig enhances security by requiring multiple parties to agree
on a transaction before it can be executed. This reduces the risk of unauthorized
transactions, as a single compromised key is insufficient to execute a transaction.
END
www.paruluniversity.ac.in
