Blockchains have architectures that lay out their logic and modes of operation. Unfortunately, once an adversary finds a loophole in that architecture, they can manipulate the blockchain.
It is common to divide a blockchain into five major layers, by analogy with the well-known OSI model, although there is no standard. These layers are usually the infrastructure, protocol (also known as consensus), data, network and application layers.
Let us examine each layer more closely:
The infrastructure layer is the foundation of blockchain technology, comprising software and hardware.
One of the principal elements of the infrastructure layer is the nature of the network. Blockchain networks can be either public or private, that is, permissionless or permissioned.
For instance, Ethereum and Hyperledger are public and private networks, respectively. Once the nature of the network is settled, nodes are its second component.
Nodes are human-controlled hardware or devices that connect to the internet. Their main duty is to validate and broadcast transactions. As infrastructure, nodes are the core elements that give a blockchain network a functional consensus layer.
Data structure and utilization apply to all parts of engineering, including blockchain. The primary data for a transaction becomes available when an Externally Owned Account signs with its private key.
Due to the sensitive nature of blockchain technology, the transaction then gets encrypted. There are two methods of encryption in cryptography: symmetric and asymmetric.
Most blockchains adopt the asymmetric method in their data layer; it uses the key pairs of the two parties to protect the sensitive information. Each transaction is then placed into a data block for the validators or miners to verify.
Some blockchains store the data themselves, while others outsource to modular chains. The storage can also either be on-chain or off-chain.
The Network Layer facilitates the communication of data within the entire architecture. The peer-to-peer component of the network layer makes the transmission of data possible.
The peers are the nodes, or the entities operating them. Because blockchain technology is security-oriented, it does not automatically accept every piece of networked data as true; the data is scrutinized through various verification mechanisms.
We shall discuss these mechanisms further under the protocol layer. The network layer also protects the confidentiality of data through a Trusted Execution Environment (TEE), which makes it difficult for an adversary to compromise the integrity of data in transit.
The protocol layer of the blockchain lays out how the peers in a network reach a consensus. It also deals with the core models of blockchain networks and their modes of operation.
The protocol layer’s first component is the blockchain’s consensus mechanism. It can be proof of stake, proof of authority, proof of space and so on. In the case of a layer 2 blockchain, the protocol layer can also be a sidechain.
A sidechain, as its name suggests, operates alongside the main chain.
The application layer abstracts many underpinning technicalities from blockchain networks. The users can interact with the application layer of a blockchain.
Users do not see the underlying code at the application layer. They only know the interface through which they use the product or service built on blockchain technology. Behind that interface, however, sits the chaincode.
Chaincode is the larger package of on-chain infrastructure that helps the application layer function properly. It consists mainly of smart contracts.
The application layers often exist in decentralized websites or mobile applications. Examples of DApps are Uniswap, Metamask, and Magic Eden.
So far, certain major vulnerabilities have recurred across blockchain protocols. These issues affect developers, project managers, stakeholders and the entire network, causing significant damage to the blockchain ecosystem.
The protocol layer is susceptible to a lot of blockchain security issues, such as:
A long-range attack is not a minor issue as it has high severity and must be fixed as soon as possible.
A long-range attack happens when the attacker manages to fork and alter the history of a chain. As the new chain becomes longer than the valid chain, the attacker can include different transactions.
The receiver can guard against this attack by waiting for sufficient block confirmations before completing the payment.
The race attack is a high-severity vulnerability and can jeopardize a blockchain protocol.
Malicious hackers carry out a race attack by sending a transaction to the receiver while, at the same time, sending the same amount to themselves to nullify the payment. The receiver falls victim if they do not wait for the transaction to be confirmed before completing the payment.
Avoid this blockchain security issue by waiting long enough before accepting the digitally signed payment as final.
A liveness attack is an extremely serious, high-severity vulnerability that can lead to a temporary or permanent shutdown of a blockchain network.
The validators in a PoS blockchain form an internal conspiracy to execute this attack. They unanimously agree to stop producing blocks, and the blockchain stops.
The community can fix this attack by forking the chain, so new sets of honest validators can keep producing blocks.
The Censorship Attack is a critical vulnerability that delays or stops a blockchain protocol from running.
The validators of a blockchain can decide not to add some ready transactions into a block due to personal or unfair reasons. This censorship threatens the decentralized nature of such a blockchain.
The community can punish such unfair validators. Adopting a ZK approach is better because it will hide the identity of whoever is behind a transaction.
Every PoW blockchain is bound to face this high-severity attack.
Named after Harold Finney, the Finney attack is a species of double-spending attack. A miner premines a transaction into a block and broadcasts it after the receiver has confirmed the payment.
The receiver can avoid this attack by ascertaining that a larger number of blocks confirm the transaction’s validity.
A vector76 vulnerability has a high severity and the capacity to hijack a blockchain protocol.
The Vector76 attack is a complex and uncommon form of exploit. It happens when an attacker tricks an exchange into approving a high-volume transaction.
The way to prevent this attack is for the exchange to refrain from approving the payment too early.
An Alternative Historical Attack is a high-severity attack that manipulates the blockchain reorg mechanism.
In this exploit, the adversary sends crypto to the receiver and then mines an alternative version of the chain in which the same amount is returned to them.
The receiver should only approve the transaction if there are sufficient block confirmations.
The 51% attack is one of the most severe vulnerabilities in the protocol layer of blockchains.
This attack is possible when a single entity holds too much staking or computational power. The entity can use that dominance to take major decisions on the chain single-handedly.
The community can prevent this blockchain vulnerability by ensuring that no single entity holds a disproportionately large share of the network’s power.
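The long-range, race, Finney, Vector76 and alternative-history attacks above are all answered with "wait for sufficient confirmations", and the 51% attack is the point at which no depth is sufficient. The following added example (not from the original article) quantifies that using the attacker catch-up formula from section 11 of the Bitcoin whitepaper; the 0.1% risk threshold in the demo is an assumed merchant policy.

```python
import math


def catch_up_probability(q: float, z: int) -> float:
    """Probability that an attacker holding a fraction q of the hash power
    eventually rewrites a transaction that is z blocks deep (Bitcoin whitepaper,
    section 11). p = 1 - q is the honest share."""
    if not 0.0 <= q <= 1.0 or z < 0:
        raise ValueError("q must be in [0, 1] and z must be >= 0")
    p = 1.0 - q
    if q >= p:
        return 1.0                      # a majority attacker always catches up: the 51% case
    lam = z * q / p                     # expected attacker progress while honest miners add z blocks
    prob = 1.0
    for k in range(z + 1):
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        prob -= poisson * (1.0 - (q / p) ** (z - k))
    return prob


def confirmations_needed(q: float, max_risk: float, limit: int = 10_000) -> int:
    """Smallest depth z at which the attacker's success probability drops below
    max_risk, or -1 when no finite depth is enough (attacker share >= 50%)."""
    if q >= 0.5:
        return -1
    for z in range(limit + 1):
        if catch_up_probability(q, z) < max_risk:
            return z
    return -1


if __name__ == "__main__":
    RISK = 0.001   # assumed merchant policy: accept at most a 0.1% chance of reversal
    for share in (0.10, 0.20, 0.30, 0.40, 0.45, 0.50):
        print(f"attacker share {share:.0%}: wait {confirmations_needed(share, RISK)} confirmations")
```

The table this prints shows why "sufficient" is not a fixed number: the required depth grows sharply as the attacker's share approaches 50%, and at 50% the function reports that no depth protects the receiver.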
The grinding attack is an extremely dangerous vulnerability that manipulates a protocol’s precomputation.
A validator can carry out a grinding attack if it can manipulate the chain into selecting it as the slot leader, when that selection should have been random.
The major way to curb this trick is to introduce randomness into how the blockchain chooses the slot leader in a block.
This is a highly severe weakness common to PoS and DPoS blockchains.
The vulnerability arises from the accumulation of stake and rewards: once an attacker’s stake and compounding rewards grow large enough, they can hijack the network.
The best way to avoid this vulnerability is to restrict the extent of staking rewards and how often they grow.
The network layer is vulnerable to the following blockchain security issues:
This is an acute vulnerability that a malicious node operator can leverage to take over the network layer of a blockchain.
Sybil attacks occur when the adversary creates and controls a lot of accounts or a large number of nodes. This can lead to a 51% attack or even DoS.
A blockchain network can guard against Sybil attacks by ensuring that no validator with a single IP address runs more than one node.
It is a highly severe security issue that an adversary can exploit to manipulate the nodes one after the other.
The hacker would dissociate a node from a network and connect it with other malicious nodes. As a result, it can compromise both its incoming and outgoing data.
The team behind a blockchain can prevent this by increasing the number of connections each node maintains. They can also carry out penetration testing to be doubly sure of the security.
It is a low-severity attack in the network layer.
An attacker can eavesdrop on a network to capture certain sensitive information and then use those details to exploit the network.
Adopting a security-tight encryption model is a recommended method of fixing eavesdropping attacks.
A Denial of Service attack has medium severity, since it can only cause temporary inefficiency of a blockchain.
An adversary can kickstart a DoS attack by flooding the network with more requests than it can handle. The network goes out of service as a result.
The first blockchain security recommendation is to increase the number of nodes across different locations. The second is to limit the size of the memory queue.
This is a low-severity security issue that can occur on the network layer of a blockchain.
This attack happens when the Border Gateway Protocol is successfully compromised, so that the attacker can manipulate routing tables to hijack the IP addresses on a network.
Simply increasing the number of nodes across several regions can prevent BGP hijacking.
This is a low-severity issue that can happen even naturally to the P2P layer of a blockchain.
Nodes within a wide blockchain ecosystem can find it hard to distinguish themselves from one another. This can lead to an alien attack, in which two different nodes start interacting inappropriately. An alien attack reduces the performance of the affected node and eventually renders it ineffective within the network.
Integrating ID security protocols such as ChainID can prevent this.
It is a highly critical vulnerability that can misinform the nodes.
A typical timejacking attack occurs when an adversary corrupts the timestamp of a node to disconnect it from its honest peers, and then uses the falsified timestamp to connect the node to a dubious alternative blockchain.
There are two popular best practices against timejacking: restricting the accepted time range, and falling back to the node’s own system time.
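The two practices above (bounding the accepted time range and falling back to the node's own system clock) can be combined in one time-adjustment routine. The added example below is not from the original article; it is modelled on the median-of-peer-offsets approach used by Bitcoin-style nodes, and every constant in it is an assumed policy value.

```python
import statistics
from typing import List, Optional, Tuple

# Assumed policy constants (not from the article): a peer sample is ignored if it
# claims our clock is off by more than MAX_SAMPLE_SKEW; the node never shifts its
# own view of time by more than MAX_ADJUSTMENT whatever the peers say; a block
# timestamp may lead adjusted time by at most MAX_FUTURE.
MAX_SAMPLE_SKEW = 70 * 60
MAX_ADJUSTMENT = 10 * 60
MAX_FUTURE = 2 * 60 * 60
MIN_SAMPLES = 5


def accept_sample(local_now: int, peer_time: int) -> Optional[int]:
    """Return the peer's clock offset, or None if it is outside the accepted range."""
    offset = peer_time - local_now
    return offset if abs(offset) <= MAX_SAMPLE_SKEW else None


def network_adjusted_time(local_now: int, peer_times: List[int]) -> Tuple[int, int]:
    """Median of accepted peer offsets, bounded so peers cannot drag the node onto
    their clock. Returns (adjusted_time, applied_offset)."""
    offsets = [o for t in peer_times if (o := accept_sample(local_now, t)) is not None]
    if len(offsets) < MIN_SAMPLES:
        return local_now, 0          # too few usable samples: trust the system clock
    median = int(statistics.median(offsets))
    if abs(median) > MAX_ADJUSTMENT:
        return local_now, 0          # peers disagree with us too much: system clock again
    return local_now + median, median


def block_time_ok(block_time: int, adjusted_now: int, median_time_past: int) -> bool:
    """Timestamp rule: later than the median of recent blocks, not far in the future."""
    return median_time_past < block_time <= adjusted_now + MAX_FUTURE


def scenario(kind: str) -> Tuple[int, int]:
    """Constructed peer samples around a fixed local clock; returns (shift, offset)."""
    now = 1_700_000_000
    honest = [now - 4, now - 3, now, now + 1, now + 2, now + 5]
    if kind == "honest":
        peers = honest
    elif kind == "small_skew":       # majority claim we are 2 minutes slow: within bounds
        peers = honest[:4] + [now + 120] * 8
    elif kind == "skew_30min":       # majority claim 30 minutes: median exceeds MAX_ADJUSTMENT
        peers = honest[:4] + [now + 30 * 60] * 8
    elif kind == "skew_90min":       # samples outside MAX_SAMPLE_SKEW are dropped entirely
        peers = honest[:4] + [now + 90 * 60] * 8
    else:
        raise ValueError(kind)
    adjusted, offset = network_adjusted_time(now, peers)
    return adjusted - now, offset
```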
Malicious players can compromise the integrity of a blockchain’s data layer with these blockchain security issues:
Cryptographic attacks are highly serious exploits that give the adversary power over the key management mechanism in the data layer.
Cryptographic attacks come in various forms, such as Brute Force, Man in the Middle and Replay.
The main best practice against this form of attack is to avoid using obscure or unvetted encryption libraries.
The data layer of a blockchain is at severe risk if its private keys can be predicted.
Accounts sign transactions with their private keys. But once the private keys can be easily guessed, the accounts are insecure.
The network can mitigate the private key prediction vulnerability by incorporating a more battle-tested cryptographic pseudorandom number generator.
Although the length extension attack is low severity, it should be fixed.
This attack is carried out when an adversary can successfully calculate the length of a hash and then present the result as the true message.
Avoiding the Merkle-Damgård construction for hash functions is an effective prevention mechanism.
It is a high-severity attack that empowers the adversary to double-spend.
A transaction normally spends a particular amount of crypto once. A transaction replay attack happens when the same transaction is submitted again, so that a party pays the amount twice.
The blockchain security measure needed in this case is the effective use of nonces.
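The following added example (not from the original article) shows a minimal ledger in which every signed transaction commits to a chain id and a per-account nonce, beside the same ledger with nonce checking switched off; HMAC-SHA256 stands in for a real digital signature, and all accounts, keys and amounts are constructed.

```python
import hashlib
import hmac
import json
from dataclasses import asdict, dataclass, replace

CHAIN_ID = 1  # constructed: signatures commit to this id so a tx cannot be replayed on a fork


@dataclass(frozen=True)
class Tx:
    chain_id: int
    sender: str
    recipient: str
    amount: int
    nonce: int
    sig: str = ""

    def signing_bytes(self) -> bytes:
        # Everything except the signature itself is covered by the signature.
        body = {k: v for k, v in asdict(self).items() if k != "sig"}
        return json.dumps(body, sort_keys=True).encode()


def mac(tx: Tx, secret: bytes) -> str:
    # HMAC-SHA256 stands in for ECDSA/Ed25519 (assumption for a stdlib-only demo;
    # a real chain verifies against the sender's public key instead of a shared secret).
    return hmac.new(secret, tx.signing_bytes(), hashlib.sha256).hexdigest()


class Ledger:
    def __init__(self, balances, secrets, check_nonce=True):
        self.balances = dict(balances)
        self.secrets = dict(secrets)
        self.check_nonce = check_nonce          # False models a chain without replay protection
        self.next_nonce = {acct: 0 for acct in balances}

    def apply(self, tx: Tx) -> str:
        if tx.chain_id != CHAIN_ID:
            return "rejected: wrong chain id"
        if not hmac.compare_digest(tx.sig, mac(tx, self.secrets[tx.sender])):
            return "rejected: bad signature"
        if self.check_nonce and tx.nonce != self.next_nonce[tx.sender]:
            return "rejected: nonce already used or out of order"
        if self.balances[tx.sender] < tx.amount:
            return "rejected: insufficient funds"
        self.balances[tx.sender] -= tx.amount
        self.balances[tx.recipient] = self.balances.get(tx.recipient, 0) + tx.amount
        self.next_nonce[tx.sender] += 1
        return "applied"


def replay_demo(check_nonce: bool) -> tuple:
    """Constructed scenario: alice pays bob 10; the identical signed tx is resubmitted
    (replay), a copy with a changed amount is submitted (tamper), and a copy signed
    for another chain id is submitted (cross-chain replay)."""
    secrets = {"alice": b"alice-secret", "bob": b"bob-secret"}   # constructed stand-in keys
    ledger = Ledger({"alice": 30, "bob": 0}, secrets, check_nonce)
    tx = Tx(CHAIN_ID, "alice", "bob", 10, nonce=0)
    tx = replace(tx, sig=mac(tx, secrets["alice"]))
    first = ledger.apply(tx)
    replayed = ledger.apply(tx)                                  # same bytes again
    tampered = ledger.apply(replace(tx, amount=25))              # signature no longer matches
    other = Tx(2, "alice", "bob", 10, nonce=0)
    cross = ledger.apply(replace(other, sig=mac(other, secrets["alice"])))
    return first, replayed, tampered, cross, ledger.balances["alice"], ledger.balances["bob"]
```

With nonce checking on, the replay is refused and alice keeps 20; with it off, the same bytes drain a second 10 from her even though the signature is perfectly valid.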
This attack is an extremely critical vulnerability that blockchains that use transaction signatures are bound to face.
An attacker uses a malleability attack to change a transaction’s ID before block confirmation. As a result, they can deposit or even withdraw twice. Most of the time, this vulnerability is traceable to the signature library.
So always double-check that your signature library is resistant to malleability in order to ensure blockchain security.
This attack is low severity because the hacker can carry out only a few significant exploits with it.
Time-locked transaction manipulation occurs when one party has locked some tokens for a specified time and then attempts to spend those tokens before the release time. The recipient may end up not receiving the payment at all.
From a blockchain security standpoint, you can fix this by conducting an on-chain analysis to confirm that the tokens in question are not time-locked.
False top-up attacks are critical exploits that can drain the entire funds in a blockchain.
An adversary carries out a false top-up attack by making a fake transfer that nevertheless appears to the recipient as a genuine, real-time top-up.
The blockchain security remedy is to confirm payment after a handful of block confirmations.
8. Hash Collision Attack
This is a highly dangerous attack that can affect the data layer of a blockchain.
A typical collision attack happens when two separate inputs produce the same hash value. The collision may be coincidental or deliberately engineered.
The recommended solution is to avoid all vulnerable algorithms that fall under the Merkle-Damgård construction and to use SHA-3 or SHA-256 instead.
9. Rug Pull Attack
Rug pull attacks are perhaps one of the deadliest forms of attack in Web3.
Attackers often launch a fancy token, hype it up and encourage people to buy it. Once there is a significant amount of total deposits, the attackers illegally withdraw all the liquidity and render the tokens worthless.
The investors can avoid this by ensuring that the smart contract behind the project was audited by a competent external auditor.
Malicious entities often examine the infrastructure layer of a blockchain to determine if it will fall victim to these blockchain security issues:
Information leakage, otherwise called an eavesdropping attack, has a low severity.
In an eavesdropping attack, the adversary monitors the network to get private data. Having extracted confidential data, they would use the private data details to compromise any part of the network.
The recommended best practice to checkmate eavesdropping is using stronger encryption protocols.
A DoS attack’s severity is minimal.
A Denial of Service attack happens when attackers bombard the major nodes in a network with too many requests. A node can crash under this unprecedented load of requests.
This blockchain security issue can be fixed by preventing abnormal parameters from crashing the nodes.
This is a low-severity vulnerability since the adversary only exploits a naive user and not the blockchain itself.
Phishing attacks happen when the attacker tricks the victim into clicking on a malicious link, leveraging that to drain the victim’s crypto.
To tackle this blockchain security issue, use malicious link detection software to prohibit nodes from honoring cross-domain access.
Selfish mining is a high-severity vulnerability that an adversary can exploit for financial gain and, eventually, to take over the main chain.
Selfish mining happens when the attacker forks the chain and mines blocks without broadcasting them to the main chain. Upon broadcasting, their fork can hijack the main chain.
Selfish mining can be mitigated when the dishonest validators are removed in time.
The bribery attack has a high degree of severity.
A bribery attack is a conspiracy whereby a validator incentivises their peers to treat an invalid transaction as valid.
Relieving such validators of their duties is one of the most feasible fixes for this blockchain security issue, or, preferably, switching from PoW to PoS.
The block-withholding attack can be insignificant initially but can grow to medium severity if repeated several times.
The adversary joins a mining pool but refuses to broadcast the blocks they mine, thereby causing inconsistencies in the network.
Tighten your blockchain security with stronger cryptographic commitment schemes to solve this bug, as they reveal such malicious validators.
The pool hopping attack has a low severity.
A pool hopping attack threatens blockchain security: a miner selectively mines in a pool only when the reward rate is high.
Mitigate this blockchain security weakness with modern implementations that make it difficult to predict future hash rates.
BCD attacks are not serious security issues as they do not have any tangible impact on the blockchain itself.
The block-discarding attack requires the attackers to control a relatively large node quorum. They approve only their own blocks and discard the blocks of the honest nodes.
The practical method of preventing it is to have a wide array of validators. This will make dominance almost impossible.
The fork-after-withholding attack is a fierce attack that can beset the infrastructure layer of a blockchain solution.
It is an advanced form of the Block-Withholding Attack (BWA). Unlike BWA, it can generate more revenue for the adversary from the pool.
The blockchain solution is that the pool managers can introduce frequently updated beacon values.
The uncle-block attack has a medium degree of severity.
An uncle-block attack is another blockchain security issue that extends the block-withholding attack. An attack escalates from mere block withholding to an uncle-block attack when the attacker withholds some related blocks.
The cybersecurity solutions to block-withholding and fork-after-withholding also apply.
Each layer of the blockchain is susceptible to one attack or another. This explains why black hats keep finding blockchain security loopholes to exploit. Some of these attacks were evident in the 5 biggest DeFi hacks of 2022.
On this note, the founding team or community of each blockchain network are now aware that the issue of blockchain security is vital. If you are building a blockchain, ensure all loopholes are blocked.
We are a team of seasoned cybersecurity professionals and blockchain auditors at Hacken. Our veteran auditors recently utilized their experience and sophisticated industrial knowledge to publish a more detailed guide on blockchain vulnerabilities.
As the leading smart contract auditing and blockchain security company, we will critically assess your blockchain protocol beyond the surface. We will discover, report, and recommend how you can fix the blockchain vulnerabilities in your architecture.