Popular Science | Blockchain Security Getting Started Notes (4)

Although more and more people are joining the blockchain industry, many of them have never worked with blockchain before and have no relevant security knowledge. Their weak security awareness leaves openings for attackers to exploit. In response to the many security problems in the blockchain space, SlowMist has launched the Blockchain Security Getting Started Notes series, which introduces ten blockchain security terms to newcomers and helps them adapt to the risks of the blockchain world and to its attack and defense. Series review:

Blockchain Security Getting Started Notes (1) | SlowMist Science

Blockchain Security Getting Started Notes (2) | SlowMist Science

Blockchain Security Getting Started Notes (3) | SlowMist Science

Multi-signature (Multi-sig)

Multi-sig refers to operations that can only be performed with multiple signatures, each generated by a different private key. This provides greater security: even if a single private key is lost, an attacker does not gain access to the account, because multiple trusted parties must approve an update at the same time or it is invalid. As we all know, a bitcoin address normally corresponds to one private key, and spending the funds in that address requires a signature from the holder of that private key. Multi-signature technology, in simple terms, requires signatures from multiple private keys before a given sum of funds can be spent. One advantage of multi-sig is that several parties must reach consensus on a payment before it can go through.

Double Spend Attack

A double spend attack means spending the same money twice: the attacker exploits the digital nature of the currency to use the "same money" two or more times to complete payments. A double spend does not create new tokens, but it lets the attacker get back the money already spent. Put simply, the attacker transfers tokens to another address, usually an exchange in order to cash out, and then uses some attack method to roll back the transfer transaction. Several common techniques can trigger a double spend attack:

1. Race Attack
This attack achieves a double spend mainly by controlling the miner fee. The attacker sends two transactions to the network at the same time: one to himself (to increase the probability of a successful attack, he attaches a sufficiently high miner fee to this transaction) and one to the merchant. Because the transaction sent to himself carries a high fee, miners are more likely to pack it into a block first. That transaction then takes precedence over the one sent to the merchant, and the transaction sent to the merchant is rolled back. By controlling the miner fee, the attacker achieves a double spend of the same token.
2. Finney Attack
The attacker achieves a double spend mainly by controlling when a block is broadcast, and the target is a merchant that accepts 0-confirmation transactions. Suppose the attacker mines a block that contains a transaction transferring a certain number of tokens from A to B, where A and B are both addresses of the attacker. The attacker does not broadcast the block. Instead, he immediately finds a merchant willing to accept a 0-confirmation transaction, buys an item, and pays from A to the merchant's address C. After sending that transaction to the merchant, the attacker broadcasts the block he mined earlier. Because the transaction sent to himself precedes the transaction sent to the merchant, the payment to the merchant is rolled back. By controlling the broadcast time of the block, the attacker achieves a double spend of the same token.
3. Vector76 Attack
The Vector76 Attack is also known as the "one-confirmation attack": the transaction can still be rolled back after it has been confirmed once. It is a combination of the Finney Attack and the Race Attack. The attacker creates two nodes: node A connects only to the merchant node, and node B connects to other nodes in the blockchain network. The attacker then creates two transactions that spend the same token: one sent to the merchant's address, which we call transaction 1, and one sent to the attacker's own wallet address, which we call transaction 2. As in the Race Attack described above, the attacker attaches a higher miner fee to transaction 2 to increase the probability that miners pack it. At this point, the attacker has not broadcast either transaction to the network.

Next, the attacker begins mining on the branch that contains transaction 1. This branch is named branch 1. After mining a block, the attacker does not broadcast it, but does two things at the same time: sends transaction 1 from node A and transaction 2 from node B.

Since node A connects only to the merchant node, by the time the merchant node tries to pass transaction 1 on to its other peers, node B, which is connected to more nodes, has already broadcast transaction 2 to most of the nodes in the network. In terms of probability, transaction 2 is therefore more likely to be considered valid by the network, and transaction 1 is considered invalid.

After transaction 2 is considered valid, the attacker immediately broadcasts to the network the block he mined earlier on branch 1. A merchant that accepts one confirmation will now treat the payment as successful, and the attacker can immediately cash out and transfer the assets.

Meanwhile, because branch 2 (the branch containing transaction 2) is connected to more nodes, miners mine another block on that branch, so the chain length of branch 2 becomes greater than that of branch 1. As a result, the transactions on branch 1 are rolled back and the payment previously made to the merchant is erased, but the attacker has already withdrawn the money and completed the double spend.

4. 51% Attack
The attacker controls more than 50% of the computing power of the entire network. While he controls that computing power, he can create a new chain whose height is greater than that of the original chain. The transactions on the old chain are then rolled back, and the attacker can spend the same tokens again in a new transaction on the new chain.

At present, most public chain security incidents are 51% attacks. The losses caused by attackers controlling 51% of the computing power amount to 19,820,000 dollars. On January 6, 2019, the SlowMist Zone warned of a possible 51% computing power attack on the ETC network. According to the Coinbase blog, the attacker launched a total of 15 attacks, 12 of which included double spends, with a total of 219,500 ETC stolen (about $1.1 million at the prevailing market price). The attacker had carefully prepared the 51% attack on ETC by renting a large amount of computing power, and the cumulative return was over 10 times. Exchanges such as Gate.io, Yobit, and Bitrue were affected. Fortunately, thanks to the efforts of the entire ETC ecosystem community, the attacker returned the proceeds of the attack a week later, and no further losses were caused.

Soft Fork (Soft-fork)

A soft fork is more of a protocol upgrade. When the new consensus rule is released, old nodes that have not been upgraded do not realize that the code has changed and continue to produce illegal blocks, which results in a temporary fork. The new nodes remain compatible with the old nodes, i.e. the old and new nodes will always work on the same chain.

Hard Fork (Hard-fork)

A hard fork is a permanent divergence in the blockchain. After the new consensus rule is issued, the upgraded nodes cannot verify the blocks generated by the un-upgraded nodes, and the un-upgraded nodes cannot verify the blocks generated by the upgraded nodes; that is, old and new nodes are incompatible with each other. When a hard fork occurs, the original chain usually splits into two chains (one that has been upgraded and one that has not, and the two are not compatible). The best-known hard fork event in history was The DAO event. The DAO was a well-known project on Ethereum; because of vulnerabilities in its smart contract, hackers stole ETH worth about 60 million US dollars, a huge loss. To make up for this loss, in July 2016 the Ethereum team revised the Ethereum contract code to implement a hard fork and, in the 929000th block, forcibly moved all funds of The DAO and its sub-DAO to a specific refund contract address, thereby "recapturing" the coins in the DAO contract controlled by the hacker. This modification was rejected by some miners, so two chains formed: the original chain (Ethereum Classic, ETC) and the new forked chain (ETH), each representing the consensus and values of a different community.
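The difference between the temporary fork of a soft fork and the permanent split of a hard fork can be seen in a small simulation. This is an added example, not from the original article: the block fields (`size`, `ver`), the rule values and the mining order are all constructed, and the soft fork case assumes upgraded miners produce most of the blocks.

```python
def simulate(old_rule, new_rule, mined):
    """mined: list of (miner, block), miner being 'old' or 'new'. Each miner
    extends the best tip of its own node type; each node type accepts a
    block only if its rule passes and it already accepted the parent.
    Returns the final best tip (block id) seen by each node type."""
    blocks = {0: (None, 0)}                  # id -> (parent, height); 0 = genesis
    rules = {"old": old_rule, "new": new_rule}
    accepted = {"old": {0}, "new": {0}}
    tip = {"old": 0, "new": 0}
    for bid, (miner, block) in enumerate(mined, start=1):
        parent = tip[miner]
        blocks[bid] = (parent, blocks[parent][1] + 1)
        for node, rule in rules.items():
            if parent in accepted[node] and rule(block):
                accepted[node].add(bid)
                if blocks[bid][1] > blocks[tip[node]][1]:   # longest chain wins
                    tip[node] = bid
    return tip

def soft_fork_demo():
    # New rule is stricter (size <= 500) than the old one (size <= 1000).
    mined = [("new", {"size": 400}), ("old", {"size": 800}),   # 800 breaks new rule
             ("new", {"size": 450}), ("new", {"size": 300})]
    return simulate(lambda b: b["size"] <= 1000, lambda b: b["size"] <= 500, mined)

def hard_fork_demo():
    # Rules are mutually incompatible: each side rejects the other's blocks.
    mined = [("new", {"ver": 2}), ("old", {"ver": 1}),
             ("new", {"ver": 2}), ("old", {"ver": 1})]
    return simulate(lambda b: b["ver"] == 1, lambda b: b["ver"] == 2, mined)

if __name__ == "__main__":
    print("soft fork:", soft_fork_demo())   # both node types end on block 4
    print("hard fork:", hard_fork_demo())   # tips differ: two separate chains
```

In the soft fork run the old node briefly follows the block that the new rule rejects, then reorganizes onto the longer chain built by upgraded miners; in the hard fork run the two node types never share a block after genesis.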

Source: SlowMist Technology