A survey on blockchain technology and its security
Blockchain is a technology that has desirable features of decentralization, autonomy, integrity, immutability, verification, fault-tolerance, anonymity, auditability, and transparency. In this paper, we first carry out a deeper survey about blockchain technology, especially its history, consensus algorithms' quantitative comparisons, details of cryptography in terms of public key cryptography, Zero-Knowledge Proofs, and hash functions used in the blockchain, and the comprehensive list of blockchain applications. Further, the security of blockchain itself is a focus in this paper. In particular, we assess the blockchain security from risk analysis to derive comprehensive blockchain security risk categories, analyze the real attacks and bugs against blockchain, and summarize the recently developed security measures on blockchain. Finally, the challenges and research trends are presented to achieve more scalable and securer blockchain systems for the massive deployments.To get more news about blockchain field survey, you can visit wikifx.com official website.
1. Introduction
In blockchain, data are kept in a distributed ledger. It is the blockchain technology to provide integrity and availability that allows participants in the blockchain network to write, read, and verify transactions recorded in a distributed ledger. However, it does not allow the deletion and modification operations on the transactions and other information stored on its ledger. The blockchain system is supported and secured by cryptographic primitives and protocols, e.g., digital signatures, hash functions, etc. These primitives guarantee the transactions that are recorded into the ledger are integrity-protected, authenticity-verified, and non-repudiated. Further, as a distributed network, to allow the entire set of participants to agree on a unified record, the blockchain technology also needs a consensus protocol, which is essentially a set of rules to be followed by every participant, in order to achieve a globally unified view.
In a trustless environment, blockchain provides users with desirable features of decentralization, autonomy, integrity, immutability, verification, fault-tolerance, attracted great academic and industrial attention in the recent few years, anonymity, auditability, and transparency [[1], [2], [3]]. With these advanced features, blockchain technology has attracted great academic and industrial attention in the recent few years.
To help and benefit someone to understand the blockchain technology and blockchain security issues, especially for users who use blockchain to do the transactions, and for researchers who will be developing blockchain technology and addressing blockchain security issues, we put in our effort and time to conduct the comprehensive survey and analysis on blockchain technology and its security issues. First, we identify keywords, namely, blockchain, survey, consensus algorithm, smart contract, risk, and blockchain security to search publications and information on the Internet. Second, we survey papers related to blockchain published in top security conferences and journals, e.g., USENIX Security Symposium, IEEE Symposium on Security and Privacy, IEEE Transactions journals, and so on. In this way, we have surveyed as many papers as possible so as to overcome the study and result biases. Our survey paper presents the comprehensive findings from other research work.
The main contributions of our survey include: 1) We compare various consensus algorithms with detailed analysis and numerical figures and present the cryptography fundamentals of blockchain; 2) We present the rich information about the smart contract and its security; 3) We explore the widely used applications of blockchain technology, including but not limited to different cryptocurrencies; 4) We conduct a comprehensive analysis on the security risks, real attacks, bugs, root causes, and recent security measures on blockchain itself; Last but not least, 5) The challenges and research trends are summarized and presented in this paper for the further efforts to develop the blockchain technology for the massive deployments.
The rest of the paper is organized as follows: Section 2 introduces the overview. Section 3 describes the blockchain technology in detail, including consensus algorithms, smart contracts, and cryptography for blockchain, while the comprehensive blockchain applications are presented in Section 4. The security risks and real attacks on blockchain are presented in Section 5, and security measures are described in Section 6. Section 7 analyses the challenges and the research trends for blockchain. Section 8 summarizes the related survey work to show our contribution. Finally, Section 9 concludes our work.
2. Overview of blockchain history
In 1982, Chaum was the first known person to propose a blockchain-like protocol in his Ph.D. thesis [4]. In 1991, Haber and Stornetta described a secured chain of blocks cryptographically [5]. In 1993, Bayer et al. incorporated Merkle trees into the design [6]. In 1998, ‘‘bit gold’’—a decentralized digital currency mechanism was designed by Szabo [7]. In 2008, Nakamoto introduced Bitcoin, electronic cash with a purely peer-to-peer network [8]. It was also in 2008 that the term blockchain was first introduced as the distributed ledger behind Bitcoin transactions [9].
In 2013, Buterin proposed Ethereum in his whitepaper [10]. In 2014, the development of Ethereum was crowdfunded, and on July 30, 2015, the Ethereum network went live. The emerging of Ethereum implied that blockchain 2.0 was born because different from all the various blockchain projects that focused on developing altcoins (other coins which are similar to Bitcoin), Ethereum enables people to connect through trustless distributed applications on its own blockchain. In other words, while Bitcoin is developed for distributed ledger, Ethereum is developed for a distributed data storage plus smart contracts, which are small computer programs. Ethereum 2.0 upgrades the Ethereum network which aims to boost the speed, scalability, efficiency, and security of the network. The upgrades have 3 phases crossing from 2020 to 2022.
In 2015, the Linux Foundation announced the Hyperledger project, which is open-source software for blockchains. With the aim of building enterprise blockchain, Hyperledger blockchain frameworks are different from Bitcoin and Ethereum. Under Hyperledger, there are eight blockchain frameworks, including Hyperledger Besu, Hyperledger Fabric, Hyperledger Indy, Hyperledger Sawtooth, Hyperledger Burrow, Hyperledger Iroha, Hyperledger Grid, and Hyperledger Labs, five Hyperledger tools, including Hyperledger Avalon, Hyperledger Cactus, Heperledger Caliper, Hyperledger Cello, and Hyperledger Explorer, and four libraries, including Hyperledger Aries, Hyperledger Quilt, Hyperledger Transact, and Hyperledger URSA [11].