Before we dive into the details of security, we'll review the various blockchains available as platforms for development, and how they differ.
Managing Your Keys
Attack Vectors and Prevention
For each of the limits of a system, there are a number of ways that a malicious party might exploit them for personal gain. In this module, we'll review the various attacks and provide some suggestions as to how they can be mitigated.
Bad Data & DoS
In a public blockchain, even valid network congestion can cause issues. In the Ethereum network, valid traffic requests from the Cryptokitties project in 2017 led to an overwhelming transaction volume, and ultimately over-congestion of the network for several days. Ethereum’s Gas pricing algorithm has the ability to adjust upwards to balance the demand but requires a (somewhat passive) vote of miners to achieve.
Similarly, the Bitcoin network prevents network congestion by prioritizing older transactions, which makes it impossible for a single user to send themselves transactions over and over again. Through this configuration, a user could only run transactions until they ran out of BTC to send, which makes these attacks fairly inefficient.
In the private context, such as Hyperledger supply chain tracking, there is a reduced risk of bad data as all nodes must have permission to write to the chain. Despite this, there is always the risk of bad data being intentionally added by another party in order to subvert the network and unfairly game the system.
No matter the software, sometimes inefficient implementations lead to poor performance. When the performance degrades to the point that the node cannot stay connected to the network any longer. This is effectively a Denial-of-Service attack.