Block chain Note: There is a problem: 51% of the attack, performance problems, block capacity explosion, the network layer attacks, the private key is lost, script security

Others 2020-03-17 13:39:06 views: null

51% attack

  • Refers to packaged right in the block network node is continuously gain advantage
    • Bitcoin example, a miner operator node has a strong force, so that over a period of time, each time it is packed all grab
    • When this happens, count with a strong force node can launch an attack 51%
  • The so-called 51% of the attack is considered force can be achieved, can reach 51% of the whole network
    • Here is only a 51% of a call, not saying we should just count 51% of the force
    • In fact, even 10%, 20% considered force, sometimes enough to launch an attack on the network 51%
    • Once the package is the right one control node when packaged, you can tampering transactions occurred unacknowledged achieve double flowers or interference
    • Double flowers of example:
      • I do not need to buy coffee after forwarding the transaction to be packaged, only to coffee, but directly at the transfer can provide coffee
      • Since the sum of the transfer transaction was not packed, and I mastered the right package, I can delete their own affairs transfers
      • Stores eventually did get my transfer, if you have been using this method to buy coffee, it means that the money can be repeated to spend, spend is double attack
  • 51% of attacks can not be tampered with historical data
    • Block chain which data is required to enter through other nodes to justice backbone, if tampered with, it is very difficult
    • Especially the confirmation of the number of blocks a lot of the time, such as my trading business is No. 5 blocks packaged, and is now the No. 50 block
    • This time I'm going to move forward tampering with 45 blocks, but also to be verified by other nodes in the job, the difficulty of such tampering is very large
  • 51% of attacks can not go tampering with the user's signature affairs
    • Because the user does not know the key, it is impossible to tamper with the user's signature transactions, but can damage the transaction, which is interfere with the user's transfer package
  • Among packaging process, as long as the right packaging can be continuous access to a node, it will attack the presence of 51%

Think

  • 51% of attacks can have what solution?
    • From the perspective of technology, economy model to Bitcoin example, now Bitcoin mining is more centralized packaging
    • Why the center of the miners not to attack the Bitcoin network?

Performance issues

  • By principle block chain of transactional data network is required to confirm a reliable time
  • Time of the transaction needs to be validated node, block after packing broadcast to other nodes, also need to be validated, the need for reliable
  • In the p2p networks are no servers, and no trust between each other, requires a completely rigorous testing job, and achieve a consistency
  • To achieve such a final consistency, it is necessary to wait for a period, which led to the performance of the network is to block chain lower efficiency than pure type of server (centralized) system
  • If the block greatly improve production speed, such as: a block of a second or less time to generate a packed block will cause the node relative to the center of the block chain network, thus affecting the reliability of the block chain itself
  • We need to strike a balance, to achieve acceptable performance, while also able to balance this center and networking notary
  • In fact, block the production of too fast, but also easily lead to high rates of lone block, for example, I received before 6 blocks, 7 blocks to come, it will lead No. 7 blocks is a solitary block
  • In recent years, a number of new projects to achieve a new consensus mechanism to solve problems and performance issues lone block
  • Of course, you can also incorporate third-party services, such as dedicated full-node server, a dedicated routing nodes, the nodes exchange, provides performance-enhancing supplement, functional communities
  • From a technical point of view, with the development of 5G networks, such as quantum communication, it is possible to improve performance issues essentially
  • For example, the cost to improve the overall performance of the network based on quantum communication which can be remotely quantum entanglement, etc. can make a performance to enhance the quality, and not trusting of

Think

  • Performance block chain can enhance what kind of nature?

Capacity block explosion

  • Block chain network nodes need to maintain a fairly full, so-called full node is that it will maintain the integrity of the data books
  • Starting from the creation of a block of each block to its growing later will maintain the
  • Thus these books makes data is continuously expanded, endless growth, leading to an explosion of the blocks, the entire storage capacity of the block resulting in explosion
  • At this point, we need to block distributed data preservation, preservation division, or some kind of crop
  • And different from our traditional central server approach can be very direct to the data table a sub-sub-libraries, distributed such treatment
  • For block chain is, it receives each transaction transaction, verification should be carried out on a full node, in order to ensure safety, if we distributed directly to the data, then save or split
  • It could lead not find the time to verify the data before you need to verify the premise, which affects the reliability of the entire network of a
  • Some database field is divided on the physical level, but remains intact on the logical level of data has existed for some mature programs
  • This is the current system in terms of the block chain, yet there is no good solution

Think

  • What optimization of data storage blocks there?

Network layer attacks

  • Essentially actually block chain is a kind of network software, network software for it in terms of the Internet is built on the basis of tcp / ip network protocol
  • That being the case, all the ways you can network layer protocol for the Internet to attack are also able to attack block chain system
  • For example, perform a network hijacking, network partitioning, I passed some means in the network, or pay some costs to split the block chain network nodes, data synchronization between nodes interference
  • Since the network is divided by partitions, making this block when the block chain growing down, it is possible bifurcation will occur, and even a long fork, seriously interfere with the operation of the block chain system
  • The problem for the block chain system is concerned has always been there
  • For this p2p network is concerned, it also has some trade-offs to this problem, if you want to fault-tolerant network partition, you can only go to pay a price for consistency
  • That data between each node may not be strong consistency, it can only be some kind of eventual consistency, slowly reaching a final agreement.
  • If severe bifurcation occurs, for the block chain network in terms of how many will still be a more serious problem

Think

  • Network partition would lead to what happened block chain network?

Private key is lost

  • On the block chain, regardless of the transfer Ye Hao, the operation of intelligent contracts both mean the private key needs to be a signature in order to broadcast to the chain
  • Once the private key is lost first it will inevitably lead to trade can not be issued, and because of not trading, it leads to loss of data asset belongs
  • At the same time protect your private key, you can also consider the multi-signature security program, so that data assets and not just rely on a private key to manage, but more private co-management
  • For example: a sum of digital assets signed by the three keys at the same time as long as there exist two keys can be issued
  • If a person is missing the private key, as long as there are two people Modiu, can continue operating assets

Think

  • How to protect the security of private keys stored?

Script Security

  • For block chain network in terms of the implementation no matter what function, transfer or, or that some business intelligence contract also OK
  • These features are achieved through a number of scripting commands, such as: data calls, transfer, and so do the right operation
  • On security point of view, external trigger mechanism is relatively safe , on the terms of transfer must be signed using a private key, and then broadcast to the chain to be effective
  • For the script on the chain itself does not automatically transfers
  • For Turing-complete intelligent contract system or virtual machine system, as long as it can support internal trigger mechanism, which is possible to achieve a contract to carry out automatic transfers by contract, as long as the general internal trigger mechanism is not secure
  • Business logic script instructions posed by external verifiable , for example, I wrote an intelligent system contract, but the contract intelligence system does not provide source code, an external program or who can not go to verify its behavior
  • If you can not verify the good behavior, then this is not safe, because we do not know the contract in the end what features will be included in the deployment time
  • For the script block chain of command, it should be a verification system, rather than the implementation of the system , for example, when people eat the kind generally normal digestion
  • If you accidentally eat a bottle of poison, our stomach is the implementation of a system, not a verification system, that is for the stomach is concerned, it does not look at this is to test food or poison
  • It performs the same digest this direct action, so this system is insecure, only the authentication system is the most secure
  • When we find a system by intelligent contract to execute a script logic of the time, this is often insecure execution system
  • Script execution system because those executed in the end is what kind of behavior? By the virtual machine itself is not very good to verify, and it requires the programmer to ensure the safety of himself
  • But there is no guarantee programmers to write programs is always reliable

Think

  • What is the difference between internal and external trigger is the trigger?
Johnny 丶 me
Published 439 original articles · won praise 253 · views 710 000 +
His message board concerns

Guess you like

Origin blog.csdn.net/Tyro_java/article/details/104918717
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com