Before we dive into the details of security, we'll review the various blockchains available as platforms for development, and how they differ.
Managing Your Keys
Attack Vectors and Prevention
For each of the limits of a system, there are a number of ways that a malicious party might exploit them for personal gain. In this module, we'll review the various attacks and provide some suggestions as to how they can be mitigated.
Centralized points of failure represent salacious opportunities for would-be adversaries to attack.
Think about it this way: if you’re barricaded in a room and there is only a single way in and out of the room, where does it make the most sense for your enemy to attack? The single point, of course! In a similar way, when we rely on a single service to a point of reliance, we can say that it is a single point of failure since its loss would mean a major catastrophe for us.
In centralized networks, devices communicate across common channels and not directly with eachother. This can result in increased risk of catastrophic failure or network hijack.
ALTERNATIVES TO CENTRALIZATION
Federated services allow multiple providers to offer an identical service under a single integration endpoint, but in many cases, these networks do not currently have enough separate providers to ensure stability. As a result, it is possible that a single service like this could be attacked and result in the compromise of the wider network. Sometimes these use bridges to make interacting with the federated servers easier, but the bridge can turn into a point of failure itself.
Another option is to leverage a full peer-to-peer environment. This reduces our reliance on bridges and helps alleviate some network constraints that centralized networks are prone to. Of course, this can be very difficult to achieve a substantial mass of interest. This leads to lopsided access for less popular content. For example, looking at the BitTorrent network, the newest content moves fastest, while old contents suffer from lack of nodes hosting the data. One solution to this is to offer economic incentives for users who help to support the diversity of the network. This is a critical area where cryptoeconomics may be a boon for future protocols.
REDUCING TECHNICAL RISK
Most public blockchains strive for complete decentralization, however, it’s unclear if such a feat is achievable; or will we simply get closer to 100% but never there due to non-technical issues, but this sometimes includes the use of federated service servers. In the case of Ethereum, the Infura network provides API access to the blockchain for developers so that they do not need to have a copy of a full node in order to check blockchain data. These kinds of services provide vital tools for network growth but must be carefully managed to avoid potentially dangerous centralization.