A Security Framework for Blockchain Applications

Until lately, some people in the blockchain space considered the technology “unhackable” — but numerous attacks have demonstrated that this is not the case. More and more security gaps are emerging in the blockchain applications and smart contract platforms. For example, in 2016, $72 million worth of Bitcoin was stolen from Bitfinex, one of the biggest crypto exchanges, due to stolen keys.

In other words, ignore what you heard from the “unhackable” advocates — just because data or money is on a blockchain doesn’t necessarily indicate that it’s safer than any other form of storage. 

Threat actors can exploit vulnerabilities in the blockchain network and have thrived in different hacks and frauds over the years. 

According to statistics, six of the top ten most costly blockchain hacks happened in 2021. Another survey showed that manipulating decentralized finance (DeFi) protocols was the fastest-growing method to swipe crypto in 2021. More than $1.6 billion has been exploited from DeFi in 2022 thus far! For a breakdown and analysis of some of the biggest hacks in crypto, check out Halborn’s Explained series.

So, what is blockchain security and what kind of security framework exists for blockchain applications? Keep reading to find out. 

Blockchain delivers a system of data with intrinsic security qualities. For instance, it is based on regulations of cryptography, decentralization, and consensus, which guarantee faith in transactions. In most distributed ledger technologies (DLT), the data is configured into blocks and each block includes a transaction or group of transactions. Each new block links to the blocks before it in a series in such a manner that it’s almost infeasible to manipulate. 

All transactions within the blocks are confirmed and approved by a consensus method, guaranteeing that each transaction is valid and accurate. In other words, Distributed Ledger Technology (DLT) means the technological arrangement and protocols that permit concurrent access, confirmation, and record updating in an unchangeable method across a network that’s distributed over numerous entities or locations. 

Blockchain technology allows decentralization via the involvement of associates or members across a distributed network. There is no single point of failure and one user cannot modify the record of transactions. Yet, blockchain technologies vary in some crucial security factors. 

Blockchain applications can vary in who can partake and who has credentials to the data. Networks are generally marked as either public or private, which defines who is permitted to partake, and permissioned or permissionless, which defines how members gain access to the network.

Public Blockchain

Public blockchain generally permits anyone to join. A public blockchain utilizes internet-connected machines to verify transactions and gain consensus. For example, Bitcoin is presumably the most prominent example of a public blockchain, and it gains consensus via bitcoin mining. Machines on the bitcoin network, or “miners,” attempt to find a valid proof of work for a block and thereby verify the transactions that the block contains.

Private Blockchain

On the other hand, Private blockchains utilize identity to verify membership and access privileges and generally only allow recognized entities to join. Only associates with specific access and authorizations can keep the transaction ledger. This network class demands more identity and access controls.

So, in other words:

• Public blockchains are shared, and anyone can enter them and verify transactions. (Example: Bitcoin)
• Private blockchains are limited and normally confined to enterprise networks. A single entity handles membership. (Example: Ripple (XRP) and Hyperledger).

Below are the four main ways hackers and malicious actors jeopardize blockchains.

Phishing attacks

Phishing is a hacking endeavor to gain a user’s credentials. Hackers send wallet key holders emails designed to appear as if they’re arriving from a legitimate authority. The emails try to trick the user into handing over their account’s private key or credentials for an online cryptocurrency exchange.

Routing attacks

Routing attacks target the blockchain’s network infrastructure. Blockchains depend on real-time, extensive data transfers. If an attacker can break the network into multiple, isolated segments, this makes it easier to perform certain attacks.

Sybil attacks

In a Sybil attack, malicious attackers create many fake accounts to gain outsized influence over the network.  While this cannot be used to break blockchain consensus, it can support other attacks. 

51% attacks

In a 51% attack, it’s all about gaining control. If a miner, or a bunch of miners, could mobilize adequate resources, they could gain more than 50% of a blockchain network’s mining capacity. Having more than 50% of the capability indicates having power over the ledger and the capability to exploit it.

Hence, in the blockchain world, it is paramount to take measures to ensure the security of both the blockchain structure and environment.

When creating a blockchain application, it’s essential to assess security at all layers of the technology pile, and how to handle administration and permissions for the network. A complete security design for an enterprise blockchain solution utilizes standard security controls and technology-unique controls. Some of the security controls detailed to enterprise blockchain solutions contain:

• Identity and access management:  Identity and access management is the safety and industry discipline that allows appropriate people to access the resources. 
• Key management: Public Key Infrastructure (PKI) is utilized in Blockchain Technology to verify the entities and to confirm the integrity of the blockchain. Robust and secure key management is an obstacle for any cryptographic technique. If an intruder can find the keys by any means like brute force, side-channel attack, physical access to the system, ineffective encryption, replay attack, etc. then the intruder can steal everything from the targeted machine. Thus, the management of keys is one of the most crucial parts of the cryptographic system.
• Data privacy: It is referred to as information privacy, which manages the appropriate handling of personal data. Data privacy has controlled how personal data is gathered, processed, and held to assure correct handling of data.
• Smart contract security: Meticulous analysis of a blockchain application’s smart contracts to rectify design issues, errors in the code, or recognize security vulnerabilities. For example, Halborn conducts both manual analysis and automated testing to secure smart contract applications. This includes key features like Code Review, static & dynamic analysis, auto tool deployment, and financial testing.
• Complete Security: This includes completing and constantly evaluating the company’s most vital assets, pushing maximum automation, and delivering top cybersecurity consulting and implementation every step of the way. This includes security architecture assessment, code audits, security best practices, custom red team engagements, web application pen-testing, cloud provider pen-testing, API pen-testing, technical security compliance, continuous smart contract auditing, blockchain protocol security assessment, and DevOps.
• Advanced Penetration Testing: Advanced pen testing involves a deep security assessment and the latest offensive security approach to discover crucial vulnerabilities in applications before they are exploited. It includes pen testing everything from web apps to wallets and Layer1 blockchains and other assets like bridges, cryptocurrency wallets, web apps, mobile apps, digital custody solutions, cloud security, and APIs. 
• DevOps & Automation: This includes automated scanning, CI/CD Pipeline development, cloud deployment, SAST/DAST integration, and background to assist in building an efficient DevSecOps culture.

Blockchain does deliver immutability and fault tolerance, but the factors such as regulatory compliance, data confidentiality, incident response, or stability do not arrive ‘out of the box’. 

A notable example of security negligence causing monetary and reputational harm is the DAO hack of 2016 where a hacker manipulated a smart contract code vulnerability. 

In this section, we’ll emphasize the primary security control areas that are required to go with blockchain security. 

Security governance is important for all machines that live in a business setting, whether they are blockchain-dependent or not. The truth is that specifying security governance in distributed environments is more demanding than in centralized peers. For instance, in the matter of the DAO hack, the absence of expected policies pushed the demand for the DAO community to launch an ad-hoc incident response strategy in a time of emergency.

Below, we emphasize how blockchain affects three key security governance elements and what must be accomplished to demonstrate good governance in blockchain-based systems.

1. Governance Models

One of the basic grounds for blockchain is the lack of a central governing administration. Yet, in a corporate environment, a governance system and functional model are necessary to allow the accurate functioning of permissioned blockchains, where nodes must be assessed before being submitted to the network. 

In fact, the option of a governance model affects significant functions such as change management (for instance revising the code or applying security patches) and Know Your Customer (KYC) procedures. Hence, security governance must be accommodated to serve the general blockchain governance model. This governance model generally includes things such as consortium or statutory association, consensus mechanism, type of blockchain (private/public, permissioned/permissionless), and node vetting procedure.

2. Regulatory Requirements

The setting of regulatory requirements relevant to a blockchain-dependent system is industry-based. Due to the technology’s characteristics, some of these conditions will be more difficult to implement compared to traditional centralized approaches. Clearly, conceding GDPR-equivalent privacy essentials such as data confidentiality, the right to be forgotten and data deletion will need some detailed design reviews, such as evading the storage of private data on the chain, use of anonymous identifiers, or zero-knowledge proofs. Hence, it is important to use the privacy-by-design idea when designing blockchain-based applications.

3. Third-Party Risk Management

The reality that third parties partake in blockchain networks supplements the third-party security threat. It is thus important that third parties who operate nodes in the blockchain be kept to the exact security measures and that blockchain-specific due diligence (read Prevention and Resilience controls mentioned below) be accomplished.

Prevention reinforces the capability to protect critical assets against recognized and arising threats. Blockchain‘s foundation is cryptography, and so utilizing this science to enforce prevention controls seems obvious. The key, however, is to make sure that proper controls are present on all participating nodes.

Below are the primary prevention controls that should be placed across data, application, and design layers when developing blockchain applications.

1. Data Protection

Blockchain was developed by utilizing cryptographic elements such as hash functions for data integrity and digital signatures to authenticate transactions. While data integrity and authenticity are delivered by configuration, blockchain does not deliver any data confidentiality.

Digital signatures use Public Key Infrastructure (PKI) which can also be utilized to protect data stored on the blockchain itself, via encryption. Other cryptographic methods can be utilized to decrease or exclude reliances on single nodes, for example by demanding multiple nodes to aggregately decrypt by utilizing shared keys or sign vital data by utilizing multi-signature techniques. Ultimately, data can be additionally defended by implementing data minimization, i.e. holding private data securely held off-chain and only permitting non-critical data to be on-chain.

Using the current PKI to execute data confidentiality is possible, but presents a threat due to the hefty dependence on PKI for numerous goals, including authentication, consent, and data security. This threat is further explained in the Resilience section below.

2. Application Protection

A significant difficulty in defending blockchain-based applications is to prepare security engineers to comprehend blockchain technology, its attributes, and how these impact the general security of systems being constructed on top of it. 

Also, blockchain-based ideas such as smart contracts can have complicated code. The demand for safe development strategies and policies to make sure the usage of tested software libraries and interfaces, periodic code inspections, and patching is heightened by the reality that smart contracts are completely automated. 

In the event of the 2016 DAO hack, a more detailed code inspection could have stopped the smart contract design weakness which was the cause of the incident. Also, smart contracts generally accept input from data outside of the blockchain, e.g. currency exchange rates. Thus, sound input validation and data integrity assessments must be executed to guard systems’ working and integrity.

4. Infrastructure Protection

As blockchain is created by utilizing conventional features, all standard infrastructure attack vectors such as malware and hacking stay applicable for blockchain applications. Therefore conventional infrastructure measures such as vulnerability scanning and patch control must be implemented on all nodes. 

When the DAO found their money was being drained, they had no recovery strategy. There had been numerous opportunities to prevent the incident, but the network was incapable of getting a consensus in the available time. It took days to ultimately recover from the hack.

Resilience controls permit a company’s functions to swiftly adjust and react to internal and external modifications, requests, disturbances, and threats, to resume functions with little effect on the business. Resilience is one of the main bases for firms to utilize blockchain technology. 

Undoubtedly, blockchain technology eradicates a single point of failure and delivers functional resilience through its ingrained monotony. On the other hand, it heavily depends on internet connectivity, adequate node distribution (particularly in private blockchain networks), and PKI, so it is always necessary to assess resilience necessities when developing blockchain applications.

The implementation of disaster recovery controls is enabled by the decentralized character of blockchain technology. In this context, it is necessary to know what consensus mechanism is utilized and how this will affect the system’s continuity and availability if a subset of nodes does not respond. Despite blockchain’s resilience, business integrity and continuity are correlated with the availability of the PKI; if an application’s PKI is not resilient, then the application itself will not be resilient. 

Assuming this, it is important to enforce safe and resilient key management techniques, such as secure key backups and tamper-resistant hardware settings for the private key repository. 

Ultimately, companies must follow the progress in cryptoanalysis that could possibly damage specific protocols or decrease application security.

Companies preparing to go live with a blockchain-based technique must consider the important attributes mentioned above in the context of their organizations’ security control frameworks to address permitted, regulatory, functional, and financial threats.

By learning more about the blockchain security framework, you can assess your company’s security posture with critical eyesight and make modifications that provide robust protection from cyberthreats. If you want to learn more about how blockchain organizations can secure their digital assets, connect with our blockchain security experts at halborn@protonmail.com.