Understanding Blockchain : The theory and the threats


In this post I'll break down some key aspects of what makes a blockchain, blocky and chainy. I'll also break out some ideas I have on what threatens block chain applications in design an implementation potentially speaking.

What is the blockchain?

Blockchain applications essentially provides a means to orchestrate transactions based on something called a "state-machine" that propagates and maintains global addressable list of all transactions ever.  Essentially folks needed a way for all agreements of a given theme based on the value of something to follow a strict grammar and language i.e. based on principles that "this thing" must appear before "this thing" rules that follow this format are great for language based machines like state machines. After all we designed computers and all formal definitions so far on these properties, they are such powerful means of scrying computation out of nature we are applying them to quantum bodies in profound ways too!

Where banks have some means of physical currency that assures them trade of a certain value, electronic trades are looked at as a bit more shaky, essentially because it seems the rule sets these transactions operate on a more falsifiable than physical hard cash. We treat currency this way, with hard actual green backs verifying what the computers say to a certain extent. We have a collection of security and compliance standards to hold computers to in order to render them trust worthy enough as a medium of currency trade - but there is nothing so far as trust worthy as cold hard cash. The makers of new crypto-currencies would claim this is a weakness of our economic systems, and through tech like bitcoin and Ethereum they offer a means to back electronic transactions on a ledger called the block chain! The blockchain offers us (just to state it more simply)...

an account of the operation of a state-machine that serves as inalienable account of the transactions in a network and the rules that govern them. 

The machine ticking away like a conductor keeping all the value estimations in line with the networks actual spending and movements - whatever the network desires them to be! This record essentially is handed out to all the nodes so they maintain a relevant copy of it (of course if their copies become corrupted that could be a problem for the network) which is why maintenance of a secure enough network is crucial to block chain operating correctly along with all the complications of achieving and keeping up such a configuration.




So this means obviously; the validity of the chain is what makes the network consensus valuable and thus the currency it trades. Effectively then as a security game, we want to be able to either break the actual mechanism or the interpretation of it i.e. either convince the chain to break itself or convince others it is broken and can't be trusted. It is at its core a game of trust, and requires strong focus on security principles to achieve.

Okay so it needs to build this chain, but how does it know which hashes come before which? How does everyone else in the network know? The answer is Merkle Trees!

What are Merkle Trees?




Speaking more specifically, in running a blockchain application; you essentially want some strict rules moving an account state and the rest of the network along a progression that everyone can agree on - attested to by a Merkle-* Tree of hashes.

For instance you need a signature on a form before you can get X amount of dollars from your retirement fund; such an agreement could be enforced based on a network of folks that all maintain a means to prove that the signature event happened before the giving money event - this record that people all participate to "validate" is called  the block chain and it essentially chains together Merkle trees.

But what is a Merkle Tree?

Essentially Merkle Trees are data structures that serve to achieve 2 goals:

  • 1) List things: is achieved by leveraging tree-like data structures. Merkle tree algorithms carry the aroma of ideas like Heaps, Skip lists and Binary Search Trees
  • 2) Very if the position of stuff in the list: (based on a mathematical function with some special property called one-way trap-doorness) The "verify positions" is achieved by using properties of data structures like Hash Maps/Lists accept instead of some rudimentary way of adding together random bits to produce a "hash", the Merkle Tree employs cryptographic hashing algorithms and combines them in a way that produces a record of the order in which they were added to the tree. 

 * - folks seem to be get a bit fancy about the hash tree variant across Blockchains. As long as the tree seems to provide a way to verify the inter-hash relations, role back and forward, or facilitate some other fancy tree walks if needed the Merkle-like monstrosities seem to be acceptable.  

So this is what Merkle tree's do, just put stuff in a list that is walkable in a convenient way based on the order things are hashed in.  Why hash functions? Well because it holds a pretty unique enough (very carefully worded there) summation of the data entered into the list at a given time. Essentially hashes add together the bits patterns of data in a such a way that the eventual sum is unique enough with regard to the entire bit pattern of the data i.e. no other bit pattern will sum up the same way. This property means that we can rely on the fact that when something is put into the tree based on its cryptographic hash, we will have a record that is only as infallible as the hash function running the show.  Which perhaps could mean that Quantum Computing and its ability to fundamentally change the magnitudes at which we speak of search based problems moving data around (i.e. we search for things in x units of time at least - will change to less than a 10th of that easily); with either directly attack hash functions at their core or at least dramatically shake the grounds on which we make use of hash functions. But what it essentially comes down to is this little bit summation working correctly all the time and also being able to verifiably operate in such a way. 


Threats for Blockchain applications


So yes, very good idea but in description it also seems (from a security perspective) like a word salad of the hardest problems in security and computation today. Given this, what does one need to get right in a blockchain? What are the important parts of the "application"?  Critical components of a Blockchain application (as i see it) can be broken into three essential parts:
  • Ledger Integrity: Where the ledger is, and how people come to believe it is safe
  • Node Integrity: Where do you get your bitcoin addresses from? How do you know where to send the coins? The addresses can sometimes have their anonymity work against them if the application is not developed with respect to this essential anonymity. How much are blockchain node interface based 0days going to be worth in future? lol 
  • Block roll back function: Is there a secure way to resolve block collision or replication problems? Does the implementation work with the design and implementation of the network?
Smaller problems on the horizon are things like application specific problems. Things like file and input handling / parsing problems could become crucial as well - as we ramp up support for this idea we are actually also adding edges to all the bitcoin library's dependency graphs too! HTML, JavaScript, Python, XML, etc will all soon be mangling and warping bitcoin storage file formats, and blockchain block headers. Security folks need to pay attention to how these are developed because they also provide a potentially lucrative surface for attacking blockchain networks and nodes!

Another avenue often not talked about is interface attacks and malware - fundamentally all these bitcoin applications are playing a game of winning trust competing with malware and malicious influence or re-interpretation of interface weaknesses in applications. We will eventually need a way to trust bitcoin applications in a way that is at least as infallible as the technology hosting the blockchain, otherwise the wonders of the blockchain are again rendered moot.

Of course the most worrying aspect of blockchain based applications (more specifically alt-coins), is the ability for security breaks to greatly fluctuate trust in blockchain currencies; the rational security consumer is back! People will be hotly contesting the security of the blockchains they a trading value on. Naturally this is a problem for anyone who knows a little bit about economic theory; because critically speaking you could be promoting a cryptographically backed Keynesian beauty contest!  Folks could inflate value of the currency (here most uniquely it means directly inflating the amount of trust in the block transition function too, along with its demonstrable security properties), and then yank the rug out by crying wolf or literally breaking the security via the various avenues (some of which I hope to be listed here) to have the value drop dramatically causing loss of investment for competition.

Conclusion


Running a secure ship is crucial here, and on one hand that worries security folks; but ironically this is because bitcoin and blockchain I think are teaching folks the lesson we have always been trying to :


The trust placed in a regulated economic system is entirely what generates its value, trusting a system that regulates things is solely dependent on the maintenance of demonstrable security properties!  

Comments