Blockchain Security Getting Started Notes (3) | Consensus Algorithm

Although more and more people are involved in the blockchain industry, because many people have not touched the blockchain before, and have no relevant security knowledge, the security awareness is weak, which makes it easy for attackers. There is space to drill. In the face of numerous security issues in the blockchain, Slow Fog has introduced the blockchain security entry notes series, introducing ten blockchain security related terms to the novices, allowing novices to adapt to the blockchain crisis and the world of security and attack. Welcome to add the QR code at the end of the article reminder!

Series review:

Blockchain Security Getting Started Notes (1) | Slow Mist Science

Blockchain Security Getting Started Notes (2) | Slow Mist Science

Consensus Consensus

The consensus algorithm is mainly to solve the problem of achieving consistent results for a certain state among multiple nodes in a distributed system. The distributed system is processed by multiple service nodes to complete the transaction. The data state of multiple copies in the distributed system needs to be consistent. Due to the unreliability of nodes and the instability of communication between nodes, even nodes do evil, forging information, causing data state inconsistency between nodes. Through the consensus algorithm, multiple unreliable individual node groups can be built into a reliable distributed system to achieve data state consistency and improve system reliability.

The blockchain system itself is a very large-scale distributed system, but it is significantly different from traditional distributed systems. Since it does not depend on any central authority, the system is based on a decentralized peer-to-peer network, so the decentralized nodes need to agree on the validity of the transaction, which is where the consensus algorithm works, that is, to ensure that all nodes All comply with the rules of the agreement and ensure that all transactions are conducted in a reliable manner. Consensus algorithm implementation agrees on the processing order of transactions among scattered nodes, which is the most important role played by consensus algorithms in the blockchain system.

The consensus algorithm in the blockchain system also undertakes some of the functions of the incentive model and the governance model in the blockchain system. In order to solve the problem of how a mutually independent node reaches a resolution problem in a peer-to-peer network (P2P). In short, consensus algorithms are a problem in how to maintain consistency in a distributed system.

Work Proof of PoW (Proof of Work)

PoW (Proof of Work) is the first successful decentralized blockchain consensus algorithm in history. The workload proved to be familiar to most people and is widely used by mainstream public chains such as Bitcoin, Ethereum, and Litecoin.

Workload proofs require node participants to perform computationally intensive tasks, but are easier to verify for other network participants. In the example of Bitcoin, miners compete to add the collected transactions, ie blocks, to the blockchain books maintained by the entire network. In order to do this, the miner must first accurately calculate the "nonce", which is a number added at the end of the string to create a hash value that satisfies a specific number of zeros at the beginning. However, there are disadvantages such as a large amount of mining power consumption and low transaction throughput.

Proof of Stake

PoS (Proof of Stake) – a probabilistic proof mechanism, a mainstream blockchain consensus algorithm, designed to allow consensus among distributed nodes in a blockchain, often with the Proof of Work Appeared, both are considered to be one of the mainstream algorithms in the blockchain consensus algorithm. As an algorithm, it agrees with the consent of the holder to determine a new block. This process does not require hardware and power and is more efficient than PoW.

The concept of Stake was introduced in the PoS Consensus. The holder of the currency will perform Staking on behalf of the token. All participants are required to mortgage a part of the Token they have to verify the transaction, and then get a chance to get a block. The PoS consensus will pass the election algorithm. The proportion of the currency held and the duration of the Token mortgage, or some other way, select the miners who pack the block. The miner completes the package transaction at the specified altitude, generates a new block, and broadcasts the block. The broadcast block passes another "threshold" in the PoS consensus, and the verifier verifies the transaction. After verification, the block is confirmed. This round of PoS consensus process is completed. Proof of interest prevents bad behavior by long-term binding of the benefits of the verifier and the interests of the entire network. After the token is locked, if the verifier has a fraudulent transaction, the Token they are mortgaged will also be cut.

PoS research is still moving forward. Security, performance and decentralization have always been the direction that PoS is pursuing. More PoS projects will be launched in the future. In order to better observe the running status of the public chain, the security anomaly is monitored in real time. The slow fog is deployed on EOS, BOSCORE, FIBOS, YOYOW, IoTeX, COSMOS, and it is deployed in the security field, focusing on the stability and security of the node.

Debt Proof of Stake

Entrusted proof of entitlement, its prototype was born on December 8, 2013. Daniel Larimer first talked about the use of voting to select the blocker in bitsharetalk, instead of the possibility that the election random number in PoS could be manipulated. In DPoS, each holder can vote, thereby generating a certain number of representatives, or understanding a certain number of nodes or pools, and their rights are exactly equal to each other. Holders can change these representatives at any time by voting to maintain the “long-term purity” of the chain system. To a certain extent, this is very similar to the representative system in state governance, or the system of deputies to the people's congress. The biggest advantage of this kind of system is that it solves the problem of inefficiency caused by too many verifiers. Of course, this system also has obvious shortcomings. Because of the "representative" system, it has been suffering from centralization.

Malicious mining attack Cryptojacking Attack

Cryptojacking is a malicious act that refers to the hijacking of user equipment to mine cryptocurrencies without authorization. Often, an attacker hijacks the processing power and bandwidth of a victim device (a personal PC or server). Because cryptocurrency mining requires a lot of computing power, an attacker can try to infect multiple devices at the same time, so they can collect enough computing power. Perform such low-risk and low-cost mining activities.

General malicious mining software will induce users to load mining code on the computer, or inadvertently be hidden by using phishing-like methods such as malicious links, emails or implanting mining scripts on the website. The encrypted mining program infects and completes the attack. In recent years, as the price of cryptocurrencies has risen, more sophisticated malware has been developed, resulting in endless stream of malicious mining attacks.

Here we provide you with several suggestions to prevent malicious mining attacks:

  1. Pay attention to device performance and CPU utilization
  2. Install mining script isolation plugins on web browsers such as MinerBlock, NoCoin and Adblocker
  3. Beware of email attachments and links
  4. Install a trusted anti-virus software to keep your software applications and operating system up-to-date

No interest attack Nothing at Stake Attack

Nothing at Stake Attack is a problem to be solved under the PoS consensus mechanism. The nature of the problem can be simply summarized as “no cost, no limit of benefits”.

When the PoS consensus system has a fork (Fork), the block node can be out of the two forks without any loss; no matter which fork is recognized as the main chain, Nodes can get "all revenue" without any cost loss. This makes it easy to give some nodes a power to generate new forks, support or initiate illegal transactions, and other profit-seeking nodes will queue up on multiple chains (windows) to support new forks. . As time goes on, there are more and more forks, illegal transactions, and madness. The blockchain will no longer be the only chain, and there is no way for all the block nodes to reach a consensus.

In order to prevent such a situation from happening, many of the solutions of the PoS consensus mechanism are to introduce a penalty mechanism to perform economic slashing on the evil nodes to establish a more stable network. DPoS is actually one of the solutions for non-interest attacks. From the above we can see that the DPoS mechanism is chosen by the holder to export the block node to operate the network, and the block node will distribute a part of the reward to the voter.