【Network Security】—Blockchain Security and Consensus Mechanism

Blockchain Security and Consensus Mechanism

Abstract: As a distributed and decentralized technology, blockchain enables parties that do not trust each other to complete a transaction without a third party. As a result, blockchain technology has developed rapidly in recent years in industries such as finance, medical care, and energy. However, while the blockchain provides security for a trustless network, it also faces security risks of its own. This article analyzes attacks on the blockchain from the perspective of blockchain consensus, and summarizes possible future development directions for consensus algorithms.

Keywords: blockchain; consensus algorithm; consensus attack; distributed security

Table of contents

1. Overview of Blockchain
   1. Basic concepts of blockchain
   2. Blockchain security challenges
   3. Arrangement of chapters in this article

2. Mainstream consensus algorithm of blockchain
   1. PoW (Proof of Work)
   2. PoS (Proof of Stake)

3. Attacks based on blockchain consensus
   1. Double spending attack
   2. 51% attack
   3. Selfish mining
   4. Nothing-at-stake problem

4. Future development of consensus algorithm
   1. Combination of PoW and PoS algorithms
   2. Improvement of native PoS algorithm
   3. Improvement of native PoW algorithm
   4. Improvement of traditional distributed consensus algorithm and others

5. Summary and Outlook

6. References


1. Overview of Blockchain

1. Basic concepts of blockchain

Figure 1. Blockchain structure

Blockchain technology originated with Bitcoin and is the underlying core technology of the many digital currency schemes that Bitcoin represents. It was originally designed to solve the problem of over-reliance on trusted third parties in electronic payments [1]. Bitcoin links transaction blocks in chronological order through a hash function to form a chain structure, shown in Figure 1. Each block contains two parts: the transaction information and the block header. The transaction information is the main part of the block, and the transactions are stored in a Merkle tree structure. The root of the resulting Merkle tree is recorded in the block header as a summary of the transactions, which makes transaction verification and lookup convenient. The block header also records information such as the version number, block height, random number (nonce), and timestamp [2].

Blockchain is a typical distributed ledger technology that supports functions such as data verification, sharing, computing, and storage through consensus and other multilateral autonomous technical means. From the perspective of its organizational structure and operating principles, the blockchain can be regarded narrowly as a one-way chained data structure that takes blocks as units and links them one after another in chronological order. Technologies such as component and system fault tolerance ensure the consistency and security of data shared by nodes in a distributed network. From an application point of view, blockchain is a composite distributed network technology that integrates cryptographic algorithms, distributed networks, consensus mechanisms, game theory and other technologies. It uses a chained block structure to store data, uses consensus mechanisms to update and share transactions, uses cryptography to ensure the security of transactions, uses automated script code to achieve programmability and autonomy, and uses economic incentive mechanisms to motivate nodes to maintain system stability on their own, forming a new, autonomous distributed infrastructure and computing paradigm.

Figure 2. Blockchain Security Goals

2. Blockchain security challenges

According to the security requirements of network systems, combined with the characteristics of the blockchain, the basic security goals of a blockchain system are data security, consensus security, privacy protection, smart contract security and content security [3]. The relationships among these security goals are shown in Figure 2.

The consensus mechanism is the core of the blockchain, and consensus security plays an important role in supporting the data security of the blockchain. This paper refers to the two security properties of consistency and liveness defined in the Bitcoin backbone protocol [4] to measure and evaluate the consensus security of the blockchain.

Consistency: Any transaction that has been recorded on the blockchain and agreed on by consensus cannot be changed. That is, once the nodes in the network have reached consensus on a blockchain, no attacker can by any effective means generate a fork that makes the nodes abandon the original blockchain and reach consensus on the new fork. Consistency is the most important security goal of the consensus mechanism. Depending on whether short-term forks can occur while consensus is being reached, consistency is divided into weak consistency and strong consistency.

Liveness: Legal data submitted by honest nodes will eventually be agreed on by the nodes of the entire network and recorded on the blockchain. Legal data includes legal transactions submitted by honest nodes, the intermediate state variables and results of correctly executed smart contracts, and so on. Liveness ensures that honest nodes can resist denial-of-service attacks and keep the blockchain running continuously and reliably.

3. Arrangement of chapters in this article

The first chapter of this article gives a systematic introduction to the basic concepts of Bitcoin and its existing security problems. The second chapter introduces the mainstream consensus algorithms of the blockchain, mainly the PoW proof-of-work mechanism [5] and the PoS proof-of-stake mechanism. The third chapter introduces the potential security risks under the traditional consensus mechanisms of the blockchain. The fourth chapter introduces the future development of blockchain consensus algorithms. The fifth chapter summarizes this article and gives an outlook on the future development of blockchain.

2. Mainstream consensus algorithm of blockchain

1. PoW (Proof of Work)

Figure 3. Flow chart of PoW consensus mechanism

PoW (Proof of Work) is best known from Bitcoin, where it is commonly called "mining". The PoW consensus mechanism solves the consistency problem in the blockchain network through competitive bookkeeping. When transactions are generated, each node that wants to keep the accounts relies on its own computing power to compete with the others for the right to do so. The flowchart of the PoW consensus mechanism is shown in Figure 3. As the flowchart shows, the proof-of-work process goes through three main steps:

1. Generate Merkle root hash;

2. Assemble the block header;

3. Calculate the output of proof of work;

   i. Output of proof of work = SHA256(SHA256(block header)).

   ii. If the output of proof of work < target value, the proof of work is complete.

   iii. If the output of proof of work >= target value, change the random number (nonce), recompute, and compare with the target value again.
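The three steps above as runnable code. This is an added example, not part of the original article; the header layout is a simplified assumption (not Bitcoin's exact 80-byte format), the output is compared as a big-endian integer, and the transactions and previous-block hash are constructed sample data.

```python
import hashlib
import struct

def sha256d(data: bytes) -> bytes:
    """SHA256(SHA256(data)), the proof-of-work function from step 3.i."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(txids: list[bytes]) -> bytes:
    """Step 1: fold transaction hashes pairwise until one root remains."""
    if not txids:
        raise ValueError("a block needs at least one transaction")
    level = list(txids)
    while len(level) > 1:
        if len(level) % 2:            # odd count: pair the last hash with itself
            level.append(level[-1])
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def block_header(version: int, prev_hash: bytes, root: bytes,
                 timestamp: int, nonce: int) -> bytes:
    """Step 2: assemble a simplified header (assumed layout)."""
    return (struct.pack("<I", version) + prev_hash + root
            + struct.pack("<II", timestamp, nonce))

def pow_output(header: bytes) -> int:
    """Interpret the double hash as an integer for comparison with the target."""
    return int.from_bytes(sha256d(header), "big")

def mine(version, prev_hash, root, timestamp, target, max_nonce=2**32):
    """Step 3: change the nonce until the output falls below the target."""
    for nonce in range(max_nonce):
        header = block_header(version, prev_hash, root, timestamp, nonce)
        if pow_output(header) < target:
            return nonce
    return None                       # nonce space exhausted

def verify(version, prev_hash, root, timestamp, nonce, target) -> bool:
    """Checking a claimed nonce costs one double hash, however long mining took."""
    header = block_header(version, prev_hash, root, timestamp, nonce)
    return pow_output(header) < target

# Constructed sample data
TXIDS = [sha256d(f"constructed tx {i}".encode()) for i in range(3)]
PREV = sha256d(b"constructed previous block")
ROOT = merkle_root(TXIDS)
TARGET = 1 << 244                     # 12 leading zero bits, about 4096 tries on average

if __name__ == "__main__":
    found = mine(1, PREV, ROOT, 1700000000, TARGET)
    print("nonce:", found, "valid:", verify(1, PREV, ROOT, 1700000000, found, TARGET))
```

Halving `TARGET` doubles the expected number of hash attempts for the miner while leaving the verifier's cost unchanged, which is the asymmetry the consensus mechanism relies on.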

After PoW consensus, the block packaged by the node that finally wins the bookkeeping right is appended to the blockchain. The data it contains is also recorded by the other nodes across the network in their own copies of the ledger.

The advantage of PoW is that it brings the computing power of every node into the network's transaction authentication, making the network more decentralized and raising the cost for nodes to misbehave. In theory, unless someone controls more than 51% of the computing power of the entire network, nothing on the network can be tampered with. But PoW also has disadvantages, such as wasting a lot of resources and low performance.

2. PoS (Proof of Stake)

The principle of PoS (Proof of Stake) is similar to the shareholding system in the real world: the more shares you hold, the stronger your voice and the greater your probability of obtaining the bookkeeping right. The PoS algorithm requires validator nodes to pledge a certain amount of funds to be eligible to mine and package blocks, and the blockchain system selects the packaging node at random. The more funds a node pledges, the greater its probability of being selected to package a block.

The advantage of the PoS mechanism is that it does not require mining power and therefore does not waste energy. It also shortens the time needed to reach consensus and improves the efficiency of bookkeeping. Its shortcomings are equally obvious. First, the degree of decentralization is weak, and the strong tend to stay strong: large holders earn interest on the coins they hold, which leads to monopoly problems. Second, there is the matter of security: the PoS mechanism is relatively complicated to implement and prone to security vulnerabilities.

3. Attacks based on blockchain consensus

1. Double spending attack

A double-spend attack, also called a double-spending attack, means what the name suggests: the same currency is spent more than once. In a blockchain network, each transaction by each user corresponds to a network request, and the entire blockchain system verifies this request. This includes checking the validity of the assets and whether the assets being spent have already been used in a transaction. After verification by the nodes of the entire network, the successfully verified ledger entry is broadcast.

Blockchain networks deal with double-spending attacks in two ways. First, every transaction is recorded, and the status of the bitcoin is checked in advance; if it has already been marked as spent, the transaction is rejected. Second, if a contradictory second transaction is initiated before the first has been confirmed, that is, while the first transaction has not yet been recorded in a block, these transactions are rejected by miners during bookkeeping.
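A sketch of both checks, added here as an example and not taken from the original article. The `Node` and `Tx` classes and all transaction ids are hypothetical, signatures and amounts are omitted, and the node is assumed to keep the first-seen unconfirmed transaction and reject the later conflicting one.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple        # outpoints being spent: (source txid, output index)
    n_outputs: int = 1

class Node:
    """Hypothetical validating node tracking confirmed and pending spends."""

    def __init__(self, confirmed_utxos):
        self.utxos = set(confirmed_utxos)   # unspent outputs recorded on chain
        self.pending = {}                   # outpoint -> txid of unconfirmed spender
        self.mempool = {}                   # txid -> Tx waiting for a block

    def submit(self, tx: Tx) -> str:
        # Validate every input before changing any state.
        if len(set(tx.inputs)) != len(tx.inputs):
            return "rejected: same input listed twice"
        for op in tx.inputs:
            if op in self.pending:          # second way: conflicting unconfirmed spend
                return f"rejected: conflicts with unconfirmed {self.pending[op]}"
            if op not in self.utxos:        # first way: coin already marked as spent
                return "rejected: input unknown or already spent"
        for op in tx.inputs:
            self.pending[op] = tx.txid
        self.mempool[tx.txid] = tx
        return "accepted"

    def confirm_block(self, txids) -> None:
        """Record mempool transactions in a block and update the UTXO set."""
        for txid in txids:
            tx = self.mempool.pop(txid)
            for op in tx.inputs:
                self.utxos.discard(op)      # mark the spent coin
                del self.pending[op]
            self.utxos.update((tx.txid, i) for i in range(tx.n_outputs))

def demo():
    # Constructed scenario: one confirmed coin, two payments that both spend it.
    node = Node({("coinbase0", 0)})
    pay_merchant = Tx("tx_a", (("coinbase0", 0),))
    pay_self = Tx("tx_b", (("coinbase0", 0),))
    results = [node.submit(pay_merchant), node.submit(pay_self)]
    node.confirm_block(["tx_a"])
    results.append(node.submit(pay_self))                     # replay after confirmation
    results.append(node.submit(Tx("tx_c", (("tx_a", 0),))))   # spends the new output
    return results

if __name__ == "__main__":
    for line in demo():
        print(line)
```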

2. 51% attack

The Bitcoin white paper states that the system is secure as long as the total computing power controlled by honest nodes is greater than the total computing power of cooperating attackers. In other words, when the computing power controlled by malicious nodes exceeds that controlled by honest nodes, the system is at risk of being attacked.

The so-called 51% attack exploits two characteristics of the Bitcoin network, the use of PoW to compete for bookkeeping rights and the "longest chain" consensus rule: the attacker uses a computing power advantage to generate a longer chain and "roll back" transactions that have already taken place. 51% means that the attacker's computing power accounts for 51% of the total computing power of the network. In the Bitcoin network, bookkeeping rights are obtained by searching for a random number through repeated hash computations, and computing power is measured by the number of hash computations a computer can perform per second. The higher the computing power, the more hash computations can be performed per second, and the higher the probability of obtaining the bookkeeping right. In theory, anyone with more than 50% of the computing power has an absolute advantage in obtaining the bookkeeping right, can generate blocks faster, and is also able to tamper with the blockchain data. When a network is large enough, a malicious node that wants to launch a 51% attack must hold more than 50% of the computing power, so Bitcoin has never suffered a 51% attack since its birth.

3. Selfish mining

Selfish mining is an attack on Bitcoin's mining and incentive mechanism. Its purpose is not to break the way Bitcoin operates, but to obtain additional rewards and cause honest miners to perform wasted computation. In short, the core idea of the selfish mining attack is that a mining pool deliberately delays publishing the new blocks it finds and builds a private branch under its own control, causing the chain to fork. Because the attack threshold is relatively low and the returns are good, this kind of attack is in theory more likely to occur. It is only effective against PoW consensus, not PoS. Selfish mining is an attack on the Bitcoin protocol, but many arguments in the literature do not properly justify it: they lack a proper analysis of attack cost and of profit and loss per unit of time.

4. Nothing-at-stake problem

The nothing-at-stake problem refers to the fact that the best strategy for miners under a proof-of-stake mechanism is to mine on all forks, because creating signatures is very cheap.

One solution is to add a deposit to the Slasher protocol, which formally resolves the nothing-at-stake problem. Under the Slasher protocol, if you sign two commitments at the same height on a fork, you lose the block rewards you would otherwise receive. A commitment signed by a validator is only meaningful if the validator has posted a deposit bond. When a bonded node creates or signs two blocks at the same height, its deposit bond is slashed, and such behavior is considered "manifestly bad behavior." This attack only targets PoS consensus.
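The slashing condition described above, as an added example that is not part of the original article. `BondRegistry` and the validator names are hypothetical, the keys and votes are constructed, and HMAC stands in for the validator's digital signature so the sketch runs with the standard library only.

```python
import hashlib
import hmac

def sign(key: bytes, height: int, block_hash: str) -> bytes:
    """HMAC as a stand-in for a validator's digital signature (assumption)."""
    return hmac.new(key, f"{height}:{block_hash}".encode(), hashlib.sha256).digest()

class BondRegistry:
    """Hypothetical registry of validator deposits and the votes they signed."""

    def __init__(self, deposits: dict, keys: dict):
        self.deposits = dict(deposits)   # validator -> bonded deposit
        self.keys = keys                 # validator -> signing key
        self.signed = {}                 # (validator, height) -> first block hash signed

    def record(self, validator: str, height: int, block_hash: str, sig: bytes) -> str:
        key = self.keys.get(validator)
        if key is None or not hmac.compare_digest(sign(key, height, block_hash), sig):
            return "ignored: invalid signature"    # forged evidence must never slash
        if self.deposits.get(validator, 0) <= 0:
            return "ignored: no deposit bonded"    # unbonded commitments carry no weight
        first = self.signed.setdefault((validator, height), block_hash)
        if first == block_hash:
            return "ok"                            # first vote, or the same vote repeated
        lost = self.deposits[validator]            # two different blocks at one height
        self.deposits[validator] = 0
        return f"slashed {lost}"

def demo():
    keys = {"val1": b"constructed-key-1", "val2": b"constructed-key-2"}
    reg = BondRegistry({"val1": 32, "val2": 32}, keys)
    out = [
        reg.record("val1", 100, "blockA", sign(keys["val1"], 100, "blockA")),
        reg.record("val2", 100, "blockA", sign(keys["val2"], 100, "blockA")),
        # Vote for a competing block attributed to val2 but signed with the wrong key
        reg.record("val2", 100, "blockB", sign(b"wrong-key", 100, "blockB")),
        # val1 really does sign the competing fork at the same height
        reg.record("val1", 100, "blockB", sign(keys["val1"], 100, "blockB")),
        # After slashing, val1's later votes no longer count
        reg.record("val1", 101, "blockC", sign(keys["val1"], 101, "blockC")),
    ]
    return out, reg.deposits

if __name__ == "__main__":
    results, deposits = demo()
    print(results, deposits)
```

The signature check comes before the equivocation check on purpose: slashing on unauthenticated evidence would let anyone destroy an honest validator's deposit.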

4. Future development of consensus algorithm

Since 2014, as Bitcoin and blockchain technology rapidly entered the public eye, many scholars have begun to pay attention to and study blockchain technology, and consensus algorithms have entered a period of rapid development. We introduce the possible development directions of future blockchain consensus algorithms along four main lines.

1. Combination of PoW and PoS algorithms

By combining the PoW and PoS algorithms, researchers have successively proposed Proof of Stake Velocity (PoSV), Proof of Burn (PoB), Proof of Activity (PoA) and others, which aim to draw on the strengths of each and address the energy consumption and security risks of PoW and PoS.

Figure 4. PoA consensus process

In April 2014, Larry Lane proposed the PoSV consensus algorithm to address the fact that coin age in PoS is a linear function of time, with the aim of eliminating coin hoarding by holders. PoSV changes the relationship between coin age and time in PoS from a linear function to an exponential decay function, that is, the growth rate of coin age decreases over time and eventually tends to zero. The coin age of new coins therefore grows faster than that of old coins until it reaches the upper threshold, which alleviates coin hoarding to a certain extent. Slimcoin, released in May 2014, draws on the designs of Bitcoin and Peercoin and was the first to propose the PoB consensus algorithm, built on PoW and PoS. PoW consensus is used to generate the initial supply of tokens; over time, once the blockchain network has accumulated enough tokens, the system is maintained jointly by PoB and PoS consensus. In PoB consensus, miners compete for the bookkeeping rights to new blocks by sending their Slimcoins to a specific address from which they cannot be retrieved (burning). The more coins burned, the higher the probability of mining a new block. The PoA consensus is also based on PoW and PoS, and its consensus process is shown in Figure 4. Some of the tokens mined by PoW are distributed to all active nodes by lottery, and the stake owned by a node is proportional to its number of lottery tickets, that is, to its probability of winning.

2. Improvement of native PoS algorithm

The main goal of improving the native PoS consensus algorithm is to solve its inherent nothing-at-stake problem, which has led to new consensus algorithms such as Tendermint. The major breakthrough of Tendermint, proposed in 2014, is its use of blocks, hash chains, dynamic validator sets, and round-robin leader election to implement the first PBFT-based PoS consensus algorithm. To solve the nothing-at-stake problem, Tendermint nodes must pay a security deposit, which is confiscated if they misbehave. Tendermint is a Byzantine fault-tolerant consensus algorithm that is robust against double-spend attacks and can resist attacks from up to one-third of malicious nodes in the network.

3. Improvement of native PoW algorithm

The main goal of improving the native PoW consensus algorithm is to scale Bitcoin or reduce its energy consumption. Researchers have successively proposed Proof of Elapsed Time (PoET) and Proof of Luck (PoL).

PoET is a consensus algorithm adopted by Hyperledger. Its basic idea is that each blockchain node generates a random number according to a predefined probability distribution to determine how long it must wait before it next obtains bookkeeping rights. The significance of PoET consensus is that the blockchain system does not need to spend expensive computing power on mining, which improves efficiency and at the same time truly achieves the fairness of "one CPU, one vote". Similarly, PoL consensus uses the random number generator of a TEE platform to select the leader (bookkeeper) of each round of consensus, which reduces transaction verification delay and transaction confirmation time, and achieves negligible energy consumption and truly fair distributed mining.

4. Improvement of traditional distributed consensus algorithm and others

Most traditional distributed consensus algorithms are not Byzantine fault-tolerant, so they are difficult to apply to blockchain scenarios (especially public chains). For this reason, researchers combined the advantages of the Raft and PBFT algorithms and proposed the Byzantine fault-tolerant Tangaroa algorithm in 2014. Tangaroa inherits Raft's simplicity and ease of understanding, and can also maintain security, fault tolerance and liveness in Byzantine fault environments.

5. Summary and Outlook

The blockchain solves the consistency problem in distributed networks and overturns the traditional technical architecture that relies on a trusted third party for large-scale organizational management and control. Its applications are gradually extending to many fields such as finance, the Internet of Things, and intelligent manufacturing, and it has become a global academic research hotspot. While the blockchain industry is developing rapidly, the technology itself suffers from weak consensus security, privacy leaks, system vulnerabilities, and other issues that hinder its development.

A good consensus mechanism helps to improve the performance of a blockchain system, provides strong security guarantees, supports complex application scenarios, and promotes the expansion and extension of blockchain technology. But the consensus algorithms that exist today have hidden problems, large and small, at different levels. Continuously improving consensus algorithms to make them more secure, reliable, efficient and energy-saving therefore lays an important foundation for the application of blockchain technology in various fields.

6. References

  1. Yuan Yong, Wang Fei-Yue. Blockchain: the state of the art and future trends. Acta Automatica Sinica, 2016, 42(4): 481-494
  2. Yuan Yong, Zhou Tao, Zhou Ao-Ying, Duan Yong-Chao, Wang Fei-Yue. Blockchain technology: from data intelligence to knowledge automation. Acta Automatica Sinica, 2017, 43(9): 1485-1490
  3. Qin Bo, Chen Li Chang-Hao, Wu Qian-Hong, Zhang Yi-Feng, Zhong Lin, Zheng Hai-Bin. Bitcoin and digital fiat currency. Journal of Cryptologic Research, 2017, 4(2): 176-186
  4. Garay J, Kiayias A, Leonardos N. The bitcoin backbone protocol: analysis and applications. In: Proceedings of the 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques. Sofia, Bulgaria: EUROCRYPT, 2015. 281-310
  5. Dwork C, Naor M. Pricing via processing or combatting junk mail. In: Proceedings of the 12th Annual International Cryptology Conference. California, USA: CRYPTO, 1992. 139-147
