Cryptocurrencies would be more vulnerable than expected. According to an American study, certain entities are well placed to endanger blockchains.
DARPA (Defense Advanced Research Projects Agency), the R&D agency of the United States Department of Defense, has just published a report dedicated to blockchain, the technology behind cryptocurrencies. To carry out this study, the agency relied on the expertise of Trail of Bits, a research company specializing in security.
In the study, titled “ are blockchains decentralized ? »the researchers say they have discovered a series of flaws in the operation of the two main cryptocurrencies on the market: Bitcoin (BTC) and Ether (ETH).
The dangers of centralizing cryptocurrencies
According to researchers at Trail of Bits, the two cryptocurrencies are not as decentralized as expected. As a reminder, decentralization is one of the core attributes of cryptocurrencies and blockchain. It is even one of the central values of the ecosystem since its emergence. Independent of banks and governments, cryptocurrencies aim to free their users from any form of central authority. It is therefore not a surprise that the philosophy of Bitcoin is strongly inspired by crypto-anarchism and the cypherpunk movement.
However, the DARPA study believes that the decentralization of cryptocurrencies is not representative of reality. Researchers have discovered a plethora of “unforeseen focal points”. In these cases, blockchains find themselves theoretically at the mercy of a handful of individuals or entities.
“It has been taken for granted that the blockchain is immutable and decentralized, because the community says so”tackle Dan Guido, CEO of Trail of Bits, interviewed by NPR.
The experts noted in particular that 60% of Bitcoin network traffic passes through three Internet service providers. This poses a problem: if a coalition of operators agreed to block Internet access for these nodes, the network could encounter operational difficulties.
“Let’s imagine that someone with great control over the Internet in his country begins to interfere with the network. By slowing down or stopping legitimate blockchain traffic, an attacker could become the majority voice of consensus and censor transactions”explains the manager.
“A minority of network service providers, including Tor, are responsible for routing the majority of blockchain traffic,” also point out the researchers. Apparently, a lot of blockchain traffic goes through the Tor decentralized network. This finding is concerning because a malicious actor is able to take control of Tor nodes. An attack of this ilk has already taken place last year. “Malicious Tor exit node can modify or drop traffic”argues the report.
It would also be possible to prevent a Bitcoin transaction by intercepting a communication from one node to another, the researchers estimate. The study points to the fact that traffic between Bitcoin nodes is completely unencrypted. In fact, an intermediary could intervene to block a transaction on the blockchain.
Finally, Trail of Bits reveals that approximately 21% of Bitcoin nodes are running an old version of Bitcoin Core. This is the peer-to-peer software that allows the protocol to run and transforms a computer into a network node. In other words, 21% of the nodes run a vulnerable version of the software, which theoretically compromises the security of the entire infrastructure.
The study also regrets that a handful of pools, that is to say a coalition of miners, have monopolized most of the mining of cryptocurrencies. According to the researchers, ” the four most popular mining pools concentrate more than 51% of the power of Bitcoin »and each of the pools uses its ” own proprietary and centralized protocol”. To execute an attack and destabilize the network, it would suffice to bring down these four pools. The situation would be even worse on the side of Ethereum, whose balance would only be based on two pools.
A few days ago, a study by Cornell University (USA) revealed that Bitcoin was very centralized in its early days. Originally, King Bitcoin was based on only 64 miners. Cryptocurrency therefore only survived thanks to the altruism of the first users. These discoveries come in a complicated context for the cryptocurrency sector. For the past few weeks, the whole market has been in the red. After the collapse of several major projects, Bitcoin contracted around $20,000, far from its record high of last year.
A sector in perpetual evolution
The risks presented by the DARPA study are very far from reality, believes Yan Pritzker, founder of Swan Bitcoin. According to him, the dangers pointed out by Trail of Bits are only theories. ” If this kind of attack is possible, why hasn’t it happened? […] Under real conditions, these things don’t happen.”, explains Yan Pritzker to NPR. Christian Catalini, founder of the MIT Cryptoeconomics Lab, agrees and says the report is “exaggerated”.
In the light of these studies, however, one could estimate that cryptocurrencies are more fragile than their defenders claim. Trail of Bit even accuses investors, who ” looking to cash in on this decade’s gold rush”to knowingly ignore the ” risks inherent in blockchains and cryptocurrencies”.
However, the majority of the dangers raised by the researchers are known to ecosystem players. Aware of the challenges of cryptocurrencies, firms like Blockstream are being proactive and developing solutions to improve the security of the Bitcoin network.
In order to emancipate cryptocurrency from the Internet, the Canadian company launched a satellite service called Blockstream Satellite. Concretely, this project makes it possible to run the Bitcoin network thanks to a constellation of satellites placed in the atmosphere. In the same vein, the organization Bitcoin Venezuela has developed a technology that allows transactions to be carried out on the blockchain via the radio.
“The community can always coordinate, respond and I think over time will improve in developing good solutions,” says Christian Catalini to NPR.
Keep in mind that cryptocurrencies are still very young. In the years to come, a host of innovations will come improve the ecosystem and seal any gaps. As the saying goes, Rome wasn’t built in a day.