18 - Attacks throughout history
Around the year 1200 BC, war was being waged between the Greeks and Trojans. Over the course of the war, the Greeks mercilessly bombarded the city of Troy with attacks but was never able to break through the cities defense. Eventually, the Greek’s “gave up” and right before they sailed away, left a large wooden horse at the city as a peace offering. The people of Troy in great triumph brought the horse into the city center where they could admire their great victory. After nightfall, a door in the horse's stomach opened, and Greek soldiers emerged. The soldiers opened the gates of Troy allowing the Greek army, which had turned around under the cover of darkness, to enter the city. After a swift assault, the Greeks took control of Troy.
Regardless of how much you plan and what precautions you take, there will always be an attack you cannot see coming. No fortress is protected perfectly on all sides. The decisions you make in order to protect your city from one point of failure may result in the creation of another. For this reason most software will suffer some kind of breach. Over the course of the blockchain industry's history, there have been many attacks on the networks themselves and the applications built on top of them.
When you think about the structure of software, you should think about it like building a house. There are different layers of building, each with their own vulnerabilities. You need to lay the foundation, then create the building’s structure, and finally add a facade to make it look appealing. Each one of these layers can suffer from different vulnerabilities. If the foundation is faulty, then it doesn’t matter how strong the structure is, the building will eventually collapse. If the foundation is strong but the structure is weak, then it too shall eventually fail. Finally, if the foundation and structure are strong but the facade is ugly, then no one will want to live in it. A blockchain and the applications built on top of them follow a similar pattern.
We learned last week about the attacks such as the 51% attack, sybil attack and distributed denial of service (DDOS) attack. All of these are targeted at disrupting the most foundational level of a blockchain: the network itself. The network is the system of block creation and tracking that everything on a blockchain is built on top of. Any attacks on this level of a blockchain are going to impact everything else associated with the chain. Most blockchains are specifically designed to discourage these types of attacks. 51% attackers will destroy the value of the network they take over; sybil attacks can be easily directed; transaction fees help to make a DDOS attack financially expensive. Although impractical, these types of attacks have occured.
One of the most famous 51% attacks occurred to Bitcoin Gold, a fork of Bitcoin. Between May 16th and May 19th, 2018, an attacker took control of over 51% of Bitcoin Gold’s mining power. What this meant was they could control what blocks were added to the blockchain. In a 51% attack the main attack an operative can conduct is a spend and reverse attack. In a spend and reverse attack (also known as a Finney attack), the attacker sends a digital asset and then overrides that transaction and reverses it. The attacker is then able to make it seem like they sent a digital asset to someone only to have the transaction reversed a few minutes later.
In the case of the Bitcoin Gold attack, the operative was able to send bitcoin to an exchange, then withdraw that bitcoin to a different wallet, and reverse the original transaction. In all, the operative was able to steal $18 million worth of digital assets from the exchanges to which they did this . An important note is that in a 51% attack, the operative is not able to steal anyone else's digital assets. Remember that in order to send a digital asset, a transaction needs an authentic signature created using a private key. Even though the operative is able to control the creation of blocks, they do not have access to your private key and therefore are not able to create nefarious transactions.
We just discussed attacks on the foundation of a blockchain; but attacks can also occur against the structures built on top of them. The most common “structures” built on top of blockchains are “smart contracts”. We discussed in The promise of smart contract that smart contracts create an automated contract that will perform an action at a given point in time. It’s an electronic “if then, then that” statement. Smart contracts exist as collections of code tracked on a blockchain. Smart contracts, similar to blockchains, can also be attacked and manipulated. Over time smart contracts have become more intricate and complex which leaves them even more susceptible and has resulted in most of the major attacks conducted today being targeted at smart contracts. Some examples include the wormhole and compound hacks.
Although there have been many recent high profile smart contract hacks, the most famous hack in the leading smart contract platform Ethereum’s history was a smart contract hack. The hack occurred on June 17, 2016. The hack was exploited against a project called “The DAO.” The term DAO stands for decentralized autonomous organization and has become common due to the increased number of DAOs recently being launched. In 2016 the concept of a DAO was new and so The DAO was the only DAO. The concept of the DAO was to create a decentralized investment vehicle. Instead of investing with a professional money manager, people could pool their money into The DAO’s smart contract and vote democratically on where to invest the funds.
Unfortunately, The DAO’s smart contract had flaws, and the funds people had contributed to it were nefariously withdrawn from the contract. The amount of ETH susceptible in The DAO’s smart contract was around 15% of the total supply and posed a massive risk to the success of the Ethereum network. As a result, the Ethereum community made an extremely controversial decision and decided to fork the blockchain prior to The DAO.s fundraising, making it as if the hack had never happened. The fork was controversial because it is commonly believed that entire networks should not make changes based on a single project’s misstep.
Finally, we have attacks on the facade of a blockchain. The facades of a blockchain are the actual applications you interact with. When you log into a wallet application like metamask, the interface you are using is a visualization of what is happening at a code level on a blockchain. When you see your ETH balance in your metamask wallet, that was created by the metamask team to show you what the blockchain says. You can have many different wallet providers showing you the same information in different ways.
Many of the famous hacks that have impact exchanges are due to facade level hacks. These hacks attack the wallet software you are using, not the actual blockchain or smart contact. One of the top stories of the past few weeks has been the discovery of the identities of the operatives who stole funds from a popular digital asset exchange called Bitfinex. In August 2016, Bitfinex suffered a massive breach where almost 120,000 BTC were stolen. At the time, the value of the currency was $72M; but today, it would have been closer to $4.5B. The hacker was able to steal these assets by accessing the private key associated with the wallets. Accessing a private key is similar to finding a traditional word doc on a computer. The security of the private key is dependent on the security of the place that it is stored, not the security of a network or smart contract. Recently, a large portion of the funds ($3.6B) was linked to a couple who were subsequently arrested.
All software is vulnerable to some kind of attack. Over time, the blockchain industry has learned where to expect these attacks and how they can mitigate them. No system is perfectly immune, and there is no doubt that we will continue to learn and adapt over time.