In its recent “Are Blockchains Decentralized” report, the Pentagon sheds light on possible critical vulnerabilities in blockchain systems. Security firm Trail of Bits specifically reveals security holes that can affect the Bitcoin and Ethereum blockchains. Note that this study was funded by the US Department of Defense's Defense Advanced Research Projects Agency (DARPA).
While the Terra Luna crisis has deeply upset the cryptosphere, cryptocurrency prices continue to collapse, costing its followers hundreds of millions of dollars. Today, the increase in outflows and liquidations testifies to the growing distrust in the virtual currency market.
And as if that weren’t enough, the new Pentagon report has just cast another shadow over the picture by stating that blockchain systems are not as decentralized as we think. Furthermore, this technology is particularly vulnerable to attack. This is particularly the case with the Bitcoin and Ethereum blockchains.
Major security flaws in the implementation of blockchain systems
According to the report from the security firm Trail of Bits, there are critical vulnerabilities in the implementation of blockchain networks, but also in the Proof-of-Work (PoW) and Proof-of-Stake consensus protocols. According to the experts, Bitcoin and Ethereum are particularly vulnerable to a set of potential attack vectors.
Not to mention the disturbances that come from external actors. Furthermore, these two networks have a set of privileged participants who have the ability to modify their transactions.
The report adds that for a blockchain to be truly optimally distributed, it must have a Sybil cost. However, without a centralized trusted third party (TTP), it is simply impossible to implement one, especially for open source blockchains like Bitcoin or Ethereum. Until we discover a mechanism that allows us to apply Sybil costs without a TTP, blockchains with no access restrictions will not be able to achieve satisfactory decentralization.
The performance of the mining method was also criticized in the report. According to the security company, there is currently no standard that makes it possible to sanction the dishonesty of miners. Also, when it comes to Bitcoin, miners don’t participate in the mining process. Add to this the lack of encryption and authentication in the Stratum protocol, which is used for coordination between mining pools.
Also, according to the report, almost 51% of the Sybil attacks of the last few years can be used against Bitcoin. It also notes that as of 2021, 21% of Bitcoin nodes were running a vulnerable version. Not to mention the three ISPs that account for nearly 60% of its traffic.
Furthermore, according to the Pentagon, it is not uncommon for non-blockchain vulnerabilities to be used to attack blockchain services, for example through a server vulnerability.
Finally, the validity of blockchains such as Ethereum was also questioned. The report particularly highlights Turing-complete on-chain execution, which does not prevent smart contracts from being updated. This causes blockchains to face the same trust issues as a centralized financial system.